Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Corrupted registry? Malware?


  • This topic is locked This topic is locked
33 replies to this topic

#1 rick_mcg

rick_mcg

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 08 May 2012 - 10:11 PM

I'm not sure if my problem is malware or if I just panicked but I hope you can help. I was progressing through my email in Microsoft Outlook when the system hung up after opening what appeared to be spam and became unresponsive even with CTRL-ALT-DEL. I powered off followed by reboot and selected the repair option on the way back up but it seemed to be hung again (or perhaps I was too impatient) so I did another power off - reboot this time as normal startup. Once booted I noticed the desktop background was back to default and the pinned task icons were gone from the taskbar as well as the start menu items. I tried doing a System Restore to the only checkpoint available (about 3-4 weeks old) but it came back up with the same symptoms. I (re)installed Windows updates and now find that most applications are missing settings (i.e. going through initial activation etc.), start menu and taskbar items are not populating (I canít unlock the taskbar) and some other quirky things.

Again, I'm hoping you can bail me out here or advise as to whether I should just bite the bullet and reformat ... the PC is only a few months old so it probably won't be too devastating.

Thanks in advance,
Rick

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Rick at 21:16:05 on 2012-05-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5611.1845 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\helppane.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\Downloads\HijackThis.exe
C:\Windows\notepad.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
C:\Program Files (x86)\xfin_portal\CIDGlobalLight.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\TEMP\_isBB3D.exe
C:\Windows\TEMP\{00EF99D4-C6AF-479C-92B6-27CD2D0673BC}\ISBEW64.exe
C:\Program Files (x86)\Pinnacle\Shared Files\Pixie\PixieTool.exe
C:\Windows\system32\wbengine.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [Google Update] "C:\Users\Rick\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [<NO NAME>]
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
StartupFolder: C:\Users\Rick\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Rick\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Rick\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{24F28DF4-49E6-449A-95DF-B7C51E4D8170} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{24F28DF4-49E6-449A-95DF-B7C51E4D8170}\255637964656E63656F594E6E6 : DhcpNameServer = 172.16.2.5 172.18.82.11 4.2.2.2
TCP: Interfaces\{24F28DF4-49E6-449A-95DF-B7C51E4D8170}\96261686E6 : DhcpNameServer = 172.16.2.5 172.18.82.11 4.2.2.2
TCP: Interfaces\{24F28DF4-49E6-449A-95DF-B7C51E4D8170}\D456C627F6375605C6163656 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EFFBBE7E-ACA7-405F-9B33-8B6A61D5B98E} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
BHO-X64: XFINITY Toolbar - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO-X64: TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO-X64: Constant Guard Protection Suite (COM) - No File
BHO-X64: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
BHO-X64: Updater For XFIN_PORTAL - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coIEPlg.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun-x64: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun-x64: [(Default)]
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-5-8 1160824]
R1 GIDv2;GIDv2;C:\Windows\system32\drivers\GIDv2.sys --> C:\Windows\system32\drivers\GIDv2.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120507.001\IDSviA64.sys [2012-5-7 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-1-26 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-2 365568]
R2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-4-28 514232]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-18 265544]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-9-15 2375168]
R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-3-30 65608]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccsvchst.exe [2012-5-1 130008]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\amdhub30.sys --> C:\Windows\system32\DRIVERS\amdhub30.sys [?]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\amdxhc.sys --> C:\Windows\system32\DRIVERS\amdxhc.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-7 138360]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-5-23 1098296]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/26 17:49:56;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-2-24 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AllShare;SAMSUNG AllShare Service;C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-7-16 6638080]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;C:\Windows\system32\DRIVERS\MarvinAVS64.sys --> C:\Windows\system32\DRIVERS\MarvinAVS64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 U6000ALL;HDTV110 TV Box(ALL);C:\Windows\system32\DRIVERS\dmdcap.sys --> C:\Windows\system32\DRIVERS\dmdcap.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-08 01:09:03 419488 ------w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-02 00:11:14 -------- d-----w- C:\2a789b9d155684cb30eee0
2012-05-02 00:11:14 -------- d-----w- \2a789b9d155684cb30eee0
2012-05-02 00:08:15 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-02 00:08:15 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-02 00:08:14 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-02 00:04:55 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-05-02 00:04:54 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-05-02 00:04:54 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-05-02 00:04:54 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-05-02 00:04:54 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-05-02 00:04:54 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-05-02 00:04:54 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-05-01 15:44:14 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\symefa64.sys
2012-05-01 15:44:14 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\symnets.sys
2012-05-01 15:44:14 -------- d-----w- C:\Users\Rick\AppData\Local\Symantec
2012-05-01 15:44:13 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\srtsp64.sys
2012-05-01 15:44:13 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\symds64.sys
2012-05-01 15:44:13 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\srtspx64.sys
2012-05-01 15:44:13 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0502010.003\ironx64.sys
2012-05-01 15:43:16 -------- d-----w- C:\Windows\System32\drivers\N360x64\0502010.003
2012-04-10 02:39:13 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-04-10 02:28:56 -------- d-----w- C:\ProgramData\Ask
.
==================== Find3M ====================
.
2012-05-08 01:09:03 70304 ------w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-10 02:27:39 472808 ------w- C:\Windows\SysWow64\deployJava1.dll
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
.
============= FINISH: 21:17:00.16 ===============

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:07 AM

Posted 08 May 2012 - 11:58 PM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 rick_mcg

rick_mcg
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 10 May 2012 - 07:11 AM

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 31
Adobe Reader X (10.1.2)
Mozilla Firefox (6.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
``````````End of Log````````````

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:07 AM

Posted 10 May 2012 - 07:35 AM

OK still send me the combofix log once it completes
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 rick_mcg

rick_mcg
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 10 May 2012 - 10:11 AM

H Gringo and thanks for assisting. I ran ComboFix but it did not run to completion until after 2 attempts where it seemed to stop processing after Stage-04 at which point I rebooted to Safe Mode and tried again. I still see that there are no items pinned to the taskbar and I can't unlock it to manually pin items, and nothing shows on the Start Menu above the "All Programs" button ... these seem to be symptomatic of the issues I'm having.

ComboFix Log results...

ComboFix 12-05-10.02 - Rick 05/10/2012 10:13:21.3.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5611.4665 [GMT -4:00]
Running from: c:\users\Rick\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Rick\AppData\Roaming\ConverterEngLog.log
c:\windows\WindowsUpdate.log
.
.
((((((((((((((((((((((((( Files Created from 2012-04-10 to 2012-05-10 )))))))))))))))))))))))))))))))
.
.
2012-05-10 14:20 . 2012-05-10 14:20 -------- d-----w- c:\users\Rick\AppData\Local\temp
2012-05-10 14:20 . 2012-05-10 14:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-08 01:09 . 2012-05-08 01:09 419488 ------w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-02 00:11 . 2012-05-02 00:11 -------- d-----w- C:\2a789b9d155684cb30eee0
2012-05-02 00:08 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-02 00:08 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-02 00:08 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-02 00:04 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-05-02 00:04 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-05-02 00:04 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-05-02 00:04 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-05-02 00:04 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-05-02 00:04 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-05-02 00:04 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-05-01 15:44 . 2012-05-01 15:44 -------- d-----w- c:\users\Rick\AppData\Roaming\Tific
2012-05-01 15:44 . 2012-05-01 15:44 -------- d-----w- c:\users\Rick\AppData\Local\Symantec
2012-05-01 15:43 . 2012-05-01 20:09 -------- d-----w- c:\windows\system32\drivers\N360x64\0502010.003
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-08 01:09 . 2012-01-08 03:16 70304 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-10 02:27 . 2011-04-29 00:39 472808 ------w- c:\windows\SysWow64\deployJava1.dll
2012-04-04 19:56 . 2012-01-11 22:37 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-17 06:38 . 2012-03-14 11:37 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 11:37 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 11:37 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 11:37 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-04-09 21:43 1519272 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-01-08 160328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-02 336384]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-01-03 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"GIDDesktop"="c:\program files (x86)\SFT\GuardedID\gidd.exe" [2011-07-05 395528]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-07-11 574008]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2012-01-26 75048]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-05-26 413696]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-04-09 1557160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Constant Guard.lnk - c:\program files (x86)\Constant Guard Protection Suite\IDVault.exe [2012-3-30 5572168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/26 17:49;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-02-25 241648]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R3 AllShare;SAMSUNG AllShare Service;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\DRIVERS\MarvinAVS64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 U6000ALL;HDTV110 TV Box(ALL);c:\windows\system32\DRIVERS\dmdcap.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-04-13 1160824]
S1 GIDv2;GIDv2; [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120509.001\IDSvia64.sys [2012-04-28 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-01-26 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-02 365568]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-18 265544]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-07-11 26680]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]
S2 IDVaultSvc;CGPS Service;c:\program files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-03-30 65608]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe [2011-04-17 130008]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-07 138360]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg]
2011-07-05 15:26 435976 ----a-w- c:\program files (x86)\SFT\GuardedID\GIDI.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-230497470-973949422-265497877-1001Core.job
- c:\users\Rick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 00:29]
.
2012-05-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-230497470-973949422-265497877-1001UA.job
- c:\users\Rick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 00:29]
.
2012-05-01 c:\windows\Tasks\HPCeeScheduleForRick.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-01-26 1128448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-The Weather Channel Desktop 6 - c:\program files (x86)\The Weather Channel FW\Desktop\TheWeatherChannelCustomUninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\CA\PPRT\bin\ITMRTSVC.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\SFT\GuardedID\gidd.exe
.
**************************************************************************
.
Completion time: 2012-05-10 10:29:15 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-10 14:29
.
Pre-Run: 268,275,695,616 bytes free
Post-Run: 273,770,668,032 bytes free
.
- - End Of File - - C6B0358EFF58C57E2029E1496BC06FED

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:07 AM

Posted 10 May 2012 - 02:21 PM

Greetings rick

OK I am going to do some more checking before I fix those symptoms (remind me later about them)

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 rick_mcg

rick_mcg
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 11 May 2012 - 07:34 AM

Hi Gringo,

Here are the TDSSKiller and aswMBR logs as requested. aswMBR took awhile but I finally managed to get it to run to completion after disabling Norton protection, running as administrator and in Safe Mode.

Thanks,
Rick

TDSSKiller

17:52:00.0605 6980 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
17:52:01.0844 6980 ============================================================
17:52:01.0844 6980 Current date / time: 2012/05/10 17:52:01.0844
17:52:01.0844 6980 SystemInfo:
17:52:01.0844 6980
17:52:01.0844 6980 OS Version: 6.1.7601 ServicePack: 1.0
17:52:01.0844 6980 Product type: Workstation
17:52:01.0844 6980 ComputerName: RICK-HP
17:52:01.0845 6980 UserName: Rick
17:52:01.0845 6980 Windows directory: C:\Windows
17:52:01.0845 6980 System windows directory: C:\Windows
17:52:01.0845 6980 Running under WOW64
17:52:01.0845 6980 Processor architecture: Intel x64
17:52:01.0845 6980 Number of processors: 4
17:52:01.0845 6980 Page size: 0x1000
17:52:01.0845 6980 Boot type: Normal boot
17:52:01.0845 6980 ============================================================
17:52:03.0728 6980 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:52:03.0737 6980 ============================================================
17:52:03.0737 6980 \Device\Harddisk0\DR0:
17:52:03.0737 6980 MBR partitions:
17:52:03.0737 6980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:52:03.0737 6980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48A7B800
17:52:03.0737 6980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48ADF800, BlocksNum 0x1D44800
17:52:03.0737 6980 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
17:52:03.0737 6980 ============================================================
17:52:03.0779 6980 C: <-> \Device\Harddisk0\DR0\Partition1
17:52:03.0824 6980 D: <-> \Device\Harddisk0\DR0\Partition2
17:52:03.0842 6980 F: <-> \Device\Harddisk0\DR0\Partition3
17:52:03.0842 6980 ============================================================
17:52:03.0842 6980 Initialize success
17:52:03.0842 6980 ============================================================
17:52:21.0325 3612 ============================================================
17:52:21.0325 3612 Scan started
17:52:21.0325 3612 Mode: Manual;
17:52:21.0325 3612 ============================================================
17:52:22.0229 3612 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:52:22.0235 3612 1394ohci - ok
17:52:22.0284 3612 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
17:52:22.0287 3612 61883 - ok
17:52:22.0315 3612 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
17:52:22.0316 3612 Accelerometer - ok
17:52:22.0393 3612 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:52:22.0400 3612 ACPI - ok
17:52:22.0428 3612 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:52:22.0431 3612 AcpiPmi - ok
17:52:22.0576 3612 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:52:22.0578 3612 AdobeARMservice - ok
17:52:22.0668 3612 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:52:22.0681 3612 adp94xx - ok
17:52:22.0809 3612 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:52:22.0818 3612 adpahci - ok
17:52:22.0883 3612 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:52:22.0889 3612 adpu320 - ok
17:52:22.0931 3612 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:52:22.0933 3612 AeLookupSvc - ok
17:52:23.0047 3612 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
17:52:23.0050 3612 AESTFilters - ok
17:52:23.0177 3612 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:52:23.0188 3612 AFD - ok
17:52:23.0226 3612 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:52:23.0229 3612 agp440 - ok
17:52:23.0259 3612 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:52:23.0262 3612 ALG - ok
17:52:23.0302 3612 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:52:23.0304 3612 aliide - ok
17:52:23.0952 3612 AllShare (aaa1f9d4cf4c976c21bca8afa2bae6a4) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
17:52:24.0104 3612 AllShare - ok
17:52:24.0232 3612 AMD External Events Utility (5580856001f78fecef19202a60334e7e) C:\Windows\system32\atiesrxx.exe
17:52:24.0236 3612 AMD External Events Utility - ok
17:52:24.0301 3612 AMD FUEL Service - ok
17:52:24.0356 3612 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\DRIVERS\amdhub30.sys
17:52:24.0358 3612 amdhub30 - ok
17:52:24.0401 3612 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:52:24.0404 3612 amdide - ok
17:52:24.0429 3612 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:52:24.0431 3612 amdiox64 - ok
17:52:24.0486 3612 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:52:24.0490 3612 AmdK8 - ok
17:52:25.0279 3612 amdkmdag (69bc235b7983d67b8967ce634023ced1) C:\Windows\system32\DRIVERS\atikmdag.sys
17:52:25.0476 3612 amdkmdag - ok
17:52:25.0639 3612 amdkmdap (2a8496af669f282777f9e17d04d0aa22) C:\Windows\system32\DRIVERS\atikmpag.sys
17:52:25.0641 3612 amdkmdap - ok
17:52:25.0717 3612 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:52:25.0719 3612 AmdPPM - ok
17:52:25.0786 3612 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:52:25.0789 3612 amdsata - ok
17:52:25.0835 3612 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:52:25.0840 3612 amdsbs - ok
17:52:25.0901 3612 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:52:25.0902 3612 amdxata - ok
17:52:25.0951 3612 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\DRIVERS\amdxhc.sys
17:52:25.0954 3612 amdxhc - ok
17:52:25.0975 3612 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\DRIVERS\amd_sata.sys
17:52:25.0976 3612 amd_sata - ok
17:52:26.0026 3612 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\DRIVERS\amd_xata.sys
17:52:26.0027 3612 amd_xata - ok
17:52:26.0188 3612 AntiSpywareService (f9dac844b1d370da4c984d4c22f5e696) C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
17:52:26.0199 3612 AntiSpywareService - ok
17:52:26.0246 3612 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:52:26.0249 3612 AppID - ok
17:52:26.0280 3612 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:52:26.0283 3612 AppIDSvc - ok
17:52:26.0325 3612 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:52:26.0326 3612 Appinfo - ok
17:52:26.0415 3612 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:52:26.0418 3612 Apple Mobile Device - ok
17:52:26.0465 3612 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:52:26.0469 3612 arc - ok
17:52:26.0498 3612 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:52:26.0502 3612 arcsas - ok
17:52:26.0616 3612 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:52:26.0619 3612 aspnet_state - ok
17:52:26.0654 3612 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:52:26.0655 3612 AsyncMac - ok
17:52:26.0683 3612 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:52:26.0684 3612 atapi - ok
17:52:26.0743 3612 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
17:52:26.0744 3612 AtiHDAudioService - ok
17:52:26.0824 3612 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:52:26.0833 3612 AudioEndpointBuilder - ok
17:52:26.0846 3612 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:52:26.0853 3612 AudioSrv - ok
17:52:26.0898 3612 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
17:52:26.0900 3612 Avc - ok
17:52:26.0940 3612 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:52:26.0943 3612 AxInstSV - ok
17:52:27.0017 3612 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:52:27.0025 3612 b06bdrv - ok
17:52:27.0086 3612 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:52:27.0092 3612 b57nd60a - ok
17:52:27.0201 3612 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:52:27.0206 3612 BBSvc - ok
17:52:27.0334 3612 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
17:52:27.0354 3612 BCM43XX - ok
17:52:27.0401 3612 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:52:27.0404 3612 BDESVC - ok
17:52:27.0472 3612 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:52:27.0473 3612 Beep - ok
17:52:27.0572 3612 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:52:27.0586 3612 BFE - ok
17:52:27.0933 3612 BHDrvx64 (5b1fe9d351c284701c8051da2aa81df6) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001\BHDrvx64.sys
17:52:27.0950 3612 BHDrvx64 - ok
17:52:28.0128 3612 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
17:52:28.0148 3612 BITS - ok
17:52:28.0220 3612 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
17:52:28.0222 3612 blbdrive - ok
17:52:28.0325 3612 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:52:28.0334 3612 Bonjour Service - ok
17:52:28.0375 3612 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:52:28.0378 3612 bowser - ok
17:52:28.0406 3612 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:52:28.0409 3612 BrFiltLo - ok
17:52:28.0431 3612 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:52:28.0432 3612 BrFiltUp - ok
17:52:28.0483 3612 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:52:28.0485 3612 BridgeMP - ok
17:52:28.0531 3612 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:52:28.0534 3612 Browser - ok
17:52:28.0589 3612 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:52:28.0595 3612 Brserid - ok
17:52:28.0624 3612 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:52:28.0626 3612 BrSerWdm - ok
17:52:28.0662 3612 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:52:28.0664 3612 BrUsbMdm - ok
17:52:28.0698 3612 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:52:28.0700 3612 BrUsbSer - ok
17:52:28.0720 3612 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:52:28.0723 3612 BTHMODEM - ok
17:52:28.0766 3612 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:52:28.0769 3612 bthserv - ok
17:52:28.0781 3612 catchme - ok
17:52:28.0822 3612 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:52:28.0825 3612 cdfs - ok
17:52:28.0867 3612 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:52:28.0870 3612 cdrom - ok
17:52:28.0912 3612 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:52:28.0915 3612 CertPropSvc - ok
17:52:28.0950 3612 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:52:28.0951 3612 circlass - ok
17:52:29.0008 3612 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:52:29.0016 3612 CLFS - ok
17:52:29.0158 3612 CLKMSVC10_38F51D56 (524dc3807cb1746225f9d26add19c319) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
17:52:29.0165 3612 CLKMSVC10_38F51D56 - ok
17:52:29.0249 3612 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:52:29.0251 3612 clr_optimization_v2.0.50727_32 - ok
17:52:29.0328 3612 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:52:29.0332 3612 clr_optimization_v2.0.50727_64 - ok
17:52:29.0419 3612 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:52:29.0425 3612 clr_optimization_v4.0.30319_32 - ok
17:52:29.0485 3612 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:52:29.0491 3612 clr_optimization_v4.0.30319_64 - ok
17:52:29.0618 3612 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
17:52:29.0620 3612 clwvd - ok
17:52:29.0657 3612 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
17:52:29.0658 3612 CmBatt - ok
17:52:29.0685 3612 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:52:29.0688 3612 cmdide - ok
17:52:29.0773 3612 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:52:29.0782 3612 CNG - ok
17:52:29.0822 3612 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:52:29.0823 3612 Compbatt - ok
17:52:29.0858 3612 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:52:29.0859 3612 CompositeBus - ok
17:52:29.0873 3612 COMSysApp - ok
17:52:29.0889 3612 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:52:29.0890 3612 crcdisk - ok
17:52:29.0947 3612 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
17:52:29.0949 3612 CryptSvc - ok
17:52:30.0014 3612 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:52:30.0022 3612 DcomLaunch - ok
17:52:30.0067 3612 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:52:30.0072 3612 defragsvc - ok
17:52:30.0118 3612 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:52:30.0120 3612 DfsC - ok
17:52:30.0188 3612 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:52:30.0195 3612 Dhcp - ok
17:52:30.0234 3612 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:52:30.0235 3612 discache - ok
17:52:30.0286 3612 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:52:30.0288 3612 Disk - ok
17:52:30.0325 3612 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:52:30.0329 3612 Dnscache - ok
17:52:30.0380 3612 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:52:30.0386 3612 dot3svc - ok
17:52:30.0410 3612 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:52:30.0413 3612 DPS - ok
17:52:30.0452 3612 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:52:30.0454 3612 drmkaud - ok
17:52:30.0552 3612 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:52:30.0562 3612 DXGKrnl - ok
17:52:30.0585 3612 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:52:30.0587 3612 EapHost - ok
17:52:30.0890 3612 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:52:30.0933 3612 ebdrv - ok
17:52:31.0055 3612 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:52:31.0062 3612 eeCtrl - ok
17:52:31.0173 3612 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:52:31.0175 3612 EFS - ok
17:52:31.0282 3612 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:52:31.0296 3612 ehRecvr - ok
17:52:31.0333 3612 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:52:31.0337 3612 ehSched - ok
17:52:31.0439 3612 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:52:31.0450 3612 elxstor - ok
17:52:31.0542 3612 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:52:31.0544 3612 EraserUtilRebootDrv - ok
17:52:31.0571 3612 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:52:31.0574 3612 ErrDev - ok
17:52:31.0644 3612 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:52:31.0649 3612 EventSystem - ok
17:52:31.0712 3612 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:52:31.0719 3612 exfat - ok
17:52:31.0730 3612 ezSharedSvc - ok
17:52:31.0763 3612 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:52:31.0767 3612 fastfat - ok
17:52:31.0860 3612 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:52:31.0873 3612 Fax - ok
17:52:31.0909 3612 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:52:31.0911 3612 fdc - ok
17:52:31.0944 3612 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:52:31.0946 3612 fdPHost - ok
17:52:31.0967 3612 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:52:31.0969 3612 FDResPub - ok
17:52:32.0003 3612 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:52:32.0005 3612 FileInfo - ok
17:52:32.0015 3612 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:52:32.0018 3612 Filetrace - ok
17:52:32.0046 3612 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:52:32.0048 3612 flpydisk - ok
17:52:32.0106 3612 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:52:32.0112 3612 FltMgr - ok
17:52:32.0227 3612 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:52:32.0244 3612 FontCache - ok
17:52:32.0308 3612 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:52:32.0310 3612 FontCache3.0.0.0 - ok
17:52:32.0420 3612 FPLService (2074a85a6b8f84a5a9c60b915b465faf) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
17:52:32.0424 3612 FPLService - ok
17:52:32.0536 3612 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:52:32.0540 3612 FsDepends - ok
17:52:32.0582 3612 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:52:32.0583 3612 Fs_Rec - ok
17:52:32.0627 3612 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:52:32.0632 3612 fvevol - ok
17:52:32.0686 3612 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:52:32.0689 3612 gagp30kx - ok
17:52:32.0824 3612 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:52:32.0831 3612 GamesAppService - ok
17:52:32.0869 3612 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:52:32.0870 3612 GEARAspiWDM - ok
17:52:32.0929 3612 GIDv2 (9ba22aee7f531ef9ce085cc2e1112bc4) C:\Windows\system32\drivers\GIDv2.sys
17:52:32.0930 3612 GIDv2 - ok
17:52:33.0025 3612 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:52:33.0040 3612 gpsvc - ok
17:52:33.0085 3612 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:52:33.0086 3612 hcw85cir - ok
17:52:33.0161 3612 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:52:33.0171 3612 HdAudAddService - ok
17:52:33.0202 3612 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:52:33.0206 3612 HDAudBus - ok
17:52:33.0238 3612 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:52:33.0240 3612 HidBatt - ok
17:52:33.0270 3612 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:52:33.0274 3612 HidBth - ok
17:52:33.0304 3612 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:52:33.0306 3612 HidIr - ok
17:52:33.0325 3612 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:52:33.0328 3612 hidserv - ok
17:52:33.0372 3612 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:52:33.0374 3612 HidUsb - ok
17:52:33.0409 3612 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:52:33.0413 3612 hkmsvc - ok
17:52:33.0464 3612 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:52:33.0469 3612 HomeGroupListener - ok
17:52:33.0515 3612 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:52:33.0520 3612 HomeGroupProvider - ok
17:52:33.0619 3612 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:52:33.0621 3612 HP Support Assistant Service - ok
17:52:33.0712 3612 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:52:33.0719 3612 HPClientSvc - ok
17:52:33.0865 3612 hpCMSrv (c5d2f308e1c12a5c328ef549696dbc05) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
17:52:33.0881 3612 hpCMSrv - ok
17:52:33.0943 3612 HPDrvMntSvc.exe (b19ff523b533a3f198b9239e1749c940) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:52:33.0948 3612 HPDrvMntSvc.exe - ok
17:52:34.0073 3612 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
17:52:34.0075 3612 hpdskflt - ok
17:52:34.0199 3612 hpqwmiex (01091b900e15878b4434f9c726c4541d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:52:34.0218 3612 hpqwmiex - ok
17:52:34.0270 3612 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:52:34.0274 3612 HpSAMD - ok
17:52:34.0299 3612 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
17:52:34.0302 3612 hpsrv - ok
17:52:34.0345 3612 HPWMISVC (491ce9b6321fb74e4b37af2c47f98434) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:52:34.0346 3612 HPWMISVC - ok
17:52:34.0450 3612 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:52:34.0465 3612 HTTP - ok
17:52:34.0478 3612 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:52:34.0479 3612 hwpolicy - ok
17:52:34.0538 3612 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:52:34.0540 3612 i8042prt - ok
17:52:34.0637 3612 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:52:34.0647 3612 iaStorV - ok
17:52:34.0927 3612 IconMan_R (3a0ff117b4adc5abe4d968e26a337158) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:52:34.0959 3612 IconMan_R - ok
17:52:35.0126 3612 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:52:35.0145 3612 idsvc - ok
17:52:35.0347 3612 IDSVia64 (4e9e0e5a3b0efeb27491c26be1d97fda) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120509.001\IDSvia64.sys
17:52:35.0355 3612 IDSVia64 - ok
17:52:35.0462 3612 IDVaultSvc (9eb85e7ee5d408fbd7968e695d088570) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
17:52:35.0464 3612 IDVaultSvc - ok
17:52:35.0577 3612 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:52:35.0580 3612 iirsp - ok
17:52:35.0674 3612 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:52:35.0689 3612 IKEEXT - ok
17:52:35.0715 3612 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:52:35.0717 3612 intelide - ok
17:52:35.0757 3612 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:52:35.0760 3612 intelppm - ok
17:52:35.0789 3612 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:52:35.0793 3612 IPBusEnum - ok
17:52:35.0827 3612 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:52:35.0830 3612 IpFilterDriver - ok
17:52:35.0900 3612 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:52:35.0911 3612 iphlpsvc - ok
17:52:35.0942 3612 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:52:35.0946 3612 IPMIDRV - ok
17:52:35.0988 3612 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:52:35.0992 3612 IPNAT - ok
17:52:36.0132 3612 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
17:52:36.0149 3612 iPod Service - ok
17:52:36.0170 3612 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:52:36.0172 3612 IRENUM - ok
17:52:36.0195 3612 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:52:36.0198 3612 isapnp - ok
17:52:36.0253 3612 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:52:36.0259 3612 iScsiPrt - ok
17:52:36.0370 3612 ITMRTSVC (54f694c6cd3a1149ba3a8bdacc83badc) C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
17:52:36.0375 3612 ITMRTSVC - ok
17:52:36.0417 3612 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:52:36.0419 3612 kbdclass - ok
17:52:36.0438 3612 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:52:36.0441 3612 kbdhid - ok
17:52:36.0484 3612 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:36.0486 3612 KeyIso - ok
17:52:36.0507 3612 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:52:36.0510 3612 KSecDD - ok
17:52:36.0532 3612 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:52:36.0536 3612 KSecPkg - ok
17:52:36.0559 3612 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:52:36.0561 3612 ksthunk - ok
17:52:36.0621 3612 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:52:36.0631 3612 KtmRm - ok
17:52:36.0727 3612 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
17:52:36.0734 3612 LanmanServer - ok
17:52:36.0778 3612 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:52:36.0783 3612 LanmanWorkstation - ok
17:52:36.0823 3612 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:52:36.0825 3612 lltdio - ok
17:52:36.0886 3612 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:52:36.0894 3612 lltdsvc - ok
17:52:36.0909 3612 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:52:36.0912 3612 lmhosts - ok
17:52:36.0963 3612 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:52:36.0968 3612 LSI_FC - ok
17:52:36.0997 3612 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:52:37.0001 3612 LSI_SAS - ok
17:52:37.0025 3612 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:52:37.0028 3612 LSI_SAS2 - ok
17:52:37.0077 3612 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:52:37.0082 3612 LSI_SCSI - ok
17:52:37.0127 3612 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:52:37.0130 3612 luafv - ok
17:52:37.0202 3612 MarvinBus (024da28053d57e9e32bee52600576bbb) C:\Windows\system32\DRIVERS\MarvinBus64.sys
17:52:37.0207 3612 MarvinBus - ok
17:52:37.0251 3612 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:52:37.0267 3612 Mcx2Svc - ok
17:52:37.0302 3612 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:52:37.0305 3612 megasas - ok
17:52:37.0371 3612 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:52:37.0378 3612 MegaSR - ok
17:52:37.0490 3612 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:52:37.0494 3612 Microsoft Office Groove Audit Service - ok
17:52:37.0543 3612 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:52:37.0547 3612 MMCSS - ok
17:52:37.0582 3612 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:52:37.0585 3612 Modem - ok
17:52:37.0624 3612 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:52:37.0626 3612 monitor - ok
17:52:37.0666 3612 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:52:37.0667 3612 mouclass - ok
17:52:37.0696 3612 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
17:52:37.0699 3612 mouhid - ok
17:52:37.0734 3612 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:52:37.0737 3612 mountmgr - ok
17:52:37.0777 3612 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:52:37.0782 3612 mpio - ok
17:52:37.0811 3612 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:52:37.0814 3612 mpsdrv - ok
17:52:37.0921 3612 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:52:37.0936 3612 MpsSvc - ok
17:52:37.0966 3612 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:52:37.0969 3612 MRxDAV - ok
17:52:37.0997 3612 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:52:38.0000 3612 mrxsmb - ok
17:52:38.0038 3612 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:52:38.0042 3612 mrxsmb10 - ok
17:52:38.0072 3612 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:52:38.0074 3612 mrxsmb20 - ok
17:52:38.0102 3612 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:52:38.0103 3612 msahci - ok
17:52:38.0141 3612 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:52:38.0144 3612 msdsm - ok
17:52:38.0174 3612 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:52:38.0178 3612 MSDTC - ok
17:52:38.0223 3612 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
17:52:38.0225 3612 MSDV - ok
17:52:38.0254 3612 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:52:38.0255 3612 Msfs - ok
17:52:38.0271 3612 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:52:38.0273 3612 mshidkmdf - ok
17:52:38.0301 3612 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:52:38.0302 3612 msisadrv - ok
17:52:38.0344 3612 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:52:38.0347 3612 MSiSCSI - ok
17:52:38.0352 3612 msiserver - ok
17:52:38.0387 3612 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:52:38.0389 3612 MSKSSRV - ok
17:52:38.0409 3612 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:52:38.0412 3612 MSPCLOCK - ok
17:52:38.0430 3612 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:52:38.0432 3612 MSPQM - ok
17:52:38.0479 3612 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:52:38.0486 3612 MsRPC - ok
17:52:38.0526 3612 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:52:38.0527 3612 mssmbios - ok
17:52:38.0566 3612 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:52:38.0568 3612 MSTEE - ok
17:52:38.0585 3612 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:52:38.0587 3612 MTConfig - ok
17:52:38.0630 3612 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:52:38.0632 3612 Mup - ok
17:52:38.0768 3612 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
17:52:38.0771 3612 N360 - ok
17:52:38.0835 3612 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:52:38.0846 3612 napagent - ok
17:52:38.0932 3612 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:52:38.0938 3612 NativeWifiP - ok
17:52:39.0079 3612 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120510.002\ENG64.SYS
17:52:39.0082 3612 NAVENG - ok
17:52:39.0306 3612 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120510.002\EX64.SYS
17:52:39.0328 3612 NAVEX15 - ok
17:52:39.0526 3612 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:52:39.0544 3612 NDIS - ok
17:52:39.0585 3612 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:52:39.0588 3612 NdisCap - ok
17:52:39.0618 3612 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:52:39.0619 3612 NdisTapi - ok
17:52:39.0632 3612 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:52:39.0634 3612 Ndisuio - ok
17:52:39.0663 3612 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:52:39.0666 3612 NdisWan - ok
17:52:39.0698 3612 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:52:39.0700 3612 NDProxy - ok
17:52:39.0736 3612 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:52:39.0737 3612 NetBIOS - ok
17:52:39.0789 3612 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:52:39.0792 3612 NetBT - ok
17:52:39.0828 3612 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:39.0831 3612 Netlogon - ok
17:52:39.0896 3612 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:52:39.0902 3612 Netman - ok
17:52:40.0017 3612 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:40.0021 3612 NetMsmqActivator - ok
17:52:40.0028 3612 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:40.0030 3612 NetPipeActivator - ok
17:52:40.0098 3612 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:52:40.0106 3612 netprofm - ok
17:52:40.0282 3612 netr28x (a98071e3e1e5e503462cc9e0ded91a36) C:\Windows\system32\DRIVERS\netr28x.sys
17:52:40.0310 3612 netr28x - ok
17:52:40.0439 3612 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:40.0442 3612 NetTcpActivator - ok
17:52:40.0451 3612 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:40.0454 3612 NetTcpPortSharing - ok
17:52:40.0582 3612 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:52:40.0585 3612 nfrd960 - ok
17:52:40.0656 3612 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:52:40.0663 3612 NlaSvc - ok
17:52:40.0706 3612 NPF (3ceee0be85d24d911b9c02714817774c) C:\Windows\system32\drivers\npf.sys
17:52:40.0710 3612 NPF - ok
17:52:40.0744 3612 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:52:40.0746 3612 Npfs - ok
17:52:40.0773 3612 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:52:40.0776 3612 nsi - ok
17:52:40.0812 3612 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:52:40.0813 3612 nsiproxy - ok
17:52:41.0000 3612 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:52:41.0022 3612 Ntfs - ok
17:52:41.0156 3612 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:52:41.0157 3612 Null - ok
17:52:41.0221 3612 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
17:52:41.0231 3612 NVENETFD - ok
17:52:41.0297 3612 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:52:41.0302 3612 nvraid - ok
17:52:41.0337 3612 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:52:41.0342 3612 nvstor - ok
17:52:41.0397 3612 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:52:41.0402 3612 nv_agp - ok
17:52:41.0542 3612 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:52:41.0553 3612 odserv - ok
17:52:41.0592 3612 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:52:41.0596 3612 ohci1394 - ok
17:52:41.0659 3612 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:52:41.0664 3612 ose - ok
17:52:41.0724 3612 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:52:41.0732 3612 p2pimsvc - ok
17:52:41.0803 3612 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:52:41.0813 3612 p2psvc - ok
17:52:41.0843 3612 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:52:41.0847 3612 Parport - ok
17:52:41.0884 3612 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:52:41.0886 3612 partmgr - ok
17:52:41.0922 3612 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:52:41.0926 3612 PcaSvc - ok
17:52:41.0961 3612 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:52:41.0965 3612 pci - ok
17:52:41.0996 3612 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:52:41.0997 3612 pciide - ok
17:52:42.0042 3612 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:52:42.0048 3612 pcmcia - ok
17:52:42.0085 3612 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:52:42.0086 3612 pcw - ok
17:52:42.0157 3612 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:52:42.0170 3612 PEAUTH - ok
17:52:42.0262 3612 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:52:42.0267 3612 PerfHost - ok
17:52:42.0371 3612 PinnacleMarvinAVS (0050e6bec926c98ac6c16714ff1ad450) C:\Windows\system32\DRIVERS\MarvinAVS64.sys
17:52:42.0382 3612 PinnacleMarvinAVS - ok
17:52:42.0528 3612 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:52:42.0549 3612 pla - ok
17:52:42.0614 3612 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:52:42.0625 3612 PlugPlay - ok
17:52:42.0661 3612 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:52:42.0665 3612 PNRPAutoReg - ok
17:52:42.0734 3612 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:52:42.0741 3612 PNRPsvc - ok
17:52:42.0848 3612 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:52:42.0858 3612 PolicyAgent - ok
17:52:42.0908 3612 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:52:42.0913 3612 Power - ok
17:52:42.0990 3612 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:52:42.0993 3612 PptpMiniport - ok
17:52:43.0016 3612 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:52:43.0020 3612 Processor - ok
17:52:43.0078 3612 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:52:43.0084 3612 ProfSvc - ok
17:52:43.0128 3612 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:43.0130 3612 ProtectedStorage - ok
17:52:43.0181 3612 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:52:43.0183 3612 Psched - ok
17:52:43.0346 3612 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:52:43.0373 3612 ql2300 - ok
17:52:43.0495 3612 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:52:43.0499 3612 ql40xx - ok
17:52:43.0554 3612 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:52:43.0561 3612 QWAVE - ok
17:52:43.0585 3612 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:52:43.0588 3612 QWAVEdrv - ok
17:52:43.0602 3612 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:52:43.0605 3612 RasAcd - ok
17:52:43.0650 3612 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:52:43.0651 3612 RasAgileVpn - ok
17:52:43.0678 3612 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:52:43.0683 3612 RasAuto - ok
17:52:43.0722 3612 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:52:43.0725 3612 Rasl2tp - ok
17:52:43.0778 3612 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:52:43.0785 3612 RasMan - ok
17:52:43.0831 3612 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:52:43.0834 3612 RasPppoe - ok
17:52:43.0849 3612 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:52:43.0851 3612 RasSstp - ok
17:52:43.0887 3612 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:52:43.0893 3612 rdbss - ok
17:52:43.0916 3612 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:52:43.0918 3612 rdpbus - ok
17:52:43.0945 3612 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:52:43.0946 3612 RDPCDD - ok
17:52:43.0974 3612 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:52:43.0975 3612 RDPENCDD - ok
17:52:43.0984 3612 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:52:43.0985 3612 RDPREFMP - ok
17:52:44.0061 3612 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:52:44.0075 3612 RDPWD - ok
17:52:44.0150 3612 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:52:44.0154 3612 rdyboost - ok
17:52:44.0225 3612 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:52:44.0243 3612 RemoteAccess - ok
17:52:44.0317 3612 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:52:44.0325 3612 RemoteRegistry - ok
17:52:44.0540 3612 RoxioNow Service (085d18c71ab2611a3d61528132b6501e) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
17:52:44.0588 3612 RoxioNow Service - ok
17:52:44.0639 3612 rpcapd (e51a8d02b4bd33eba1f7a5b76c3766ed) C:\Program Files (x86)\WinPcap\rpcapd.exe
17:52:44.0644 3612 rpcapd - ok
17:52:44.0693 3612 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:52:44.0697 3612 RpcEptMapper - ok
17:52:44.0721 3612 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:52:44.0725 3612 RpcLocator - ok
17:52:44.0794 3612 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:52:44.0805 3612 RpcSs - ok
17:52:44.0892 3612 RSPCIESTOR (9d21618e7a3b2c75cf1a2ecbbe723730) C:\Windows\system32\DRIVERS\RtsPStor.sys
17:52:44.0898 3612 RSPCIESTOR - ok
17:52:44.0938 3612 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:52:44.0940 3612 rspndr - ok
17:52:45.0009 3612 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:52:45.0016 3612 RTL8167 - ok
17:52:45.0063 3612 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:45.0065 3612 SamSs - ok
17:52:45.0097 3612 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:52:45.0101 3612 sbp2port - ok
17:52:45.0150 3612 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:52:45.0157 3612 SCardSvr - ok
17:52:45.0188 3612 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:52:45.0191 3612 scfilter - ok
17:52:45.0319 3612 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:52:45.0342 3612 Schedule - ok
17:52:45.0379 3612 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:52:45.0380 3612 SCPolicySvc - ok
17:52:45.0432 3612 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
17:52:45.0435 3612 sdbus - ok
17:52:45.0478 3612 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:52:45.0483 3612 SDRSVC - ok
17:52:45.0569 3612 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:52:45.0574 3612 SeaPort - ok
17:52:45.0608 3612 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:52:45.0610 3612 secdrv - ok
17:52:45.0637 3612 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:52:45.0640 3612 seclogon - ok
17:52:45.0663 3612 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
17:52:45.0666 3612 SENS - ok
17:52:45.0707 3612 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:52:45.0711 3612 SensrSvc - ok
17:52:45.0739 3612 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:52:45.0741 3612 Serenum - ok
17:52:45.0791 3612 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:52:45.0795 3612 Serial - ok
17:52:45.0815 3612 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:52:45.0817 3612 sermouse - ok
17:52:45.0868 3612 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:52:45.0873 3612 SessionEnv - ok
17:52:45.0904 3612 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:52:45.0906 3612 sffdisk - ok
17:52:45.0921 3612 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:52:45.0923 3612 sffp_mmc - ok
17:52:45.0940 3612 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:52:45.0942 3612 sffp_sd - ok
17:52:45.0960 3612 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:52:45.0962 3612 sfloppy - ok
17:52:46.0019 3612 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:52:46.0027 3612 SharedAccess - ok
17:52:46.0086 3612 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:52:46.0093 3612 ShellHWDetection - ok
17:52:46.0123 3612 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:52:46.0125 3612 SiSRaid2 - ok
17:52:46.0161 3612 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:52:46.0164 3612 SiSRaid4 - ok
17:52:46.0207 3612 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:52:46.0211 3612 Smb - ok
17:52:46.0260 3612 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:52:46.0264 3612 SNMPTRAP - ok
17:52:46.0282 3612 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:52:46.0283 3612 spldr - ok
17:52:46.0345 3612 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:52:46.0356 3612 Spooler - ok
17:52:46.0652 3612 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:52:46.0701 3612 sppsvc - ok
17:52:46.0812 3612 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:52:46.0818 3612 sppuinotify - ok
17:52:46.0994 3612 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502010.003\SRTSP64.SYS
17:52:47.0002 3612 SRTSP - ok
17:52:47.0019 3612 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502010.003\SRTSPX64.SYS
17:52:47.0020 3612 SRTSPX - ok
17:52:47.0093 3612 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:52:47.0101 3612 srv - ok
17:52:47.0135 3612 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:52:47.0142 3612 srv2 - ok
17:52:47.0205 3612 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:52:47.0212 3612 SrvHsfHDA - ok
17:52:47.0343 3612 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:52:47.0367 3612 SrvHsfV92 - ok
17:52:47.0537 3612 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:52:47.0551 3612 SrvHsfWinac - ok
17:52:47.0592 3612 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:52:47.0596 3612 srvnet - ok
17:52:47.0661 3612 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:52:47.0665 3612 SSDPSRV - ok
17:52:47.0709 3612 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:52:47.0712 3612 SstpSvc - ok
17:52:47.0850 3612 STacSV (20e27aa5bcc01c2149830c05fe22f675) C:\Program Files\IDT\WDM\STacSV64.exe
17:52:47.0857 3612 STacSV - ok
17:52:47.0885 3612 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:52:47.0887 3612 stexstor - ok
17:52:47.0977 3612 STHDA (beb37ce4e7456f5efa52d783d1e06d8c) C:\Windows\system32\DRIVERS\stwrt64.sys
17:52:47.0987 3612 STHDA - ok
17:52:48.0070 3612 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:52:48.0083 3612 stisvc - ok
17:52:48.0114 3612 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:52:48.0116 3612 swenum - ok
17:52:48.0195 3612 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:52:48.0210 3612 swprv - ok
17:52:48.0332 3612 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS
17:52:48.0342 3612 SymDS - ok
17:52:48.0429 3612 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS
17:52:48.0443 3612 SymEFA - ok
17:52:48.0490 3612 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:52:48.0493 3612 SymEvent - ok
17:52:48.0544 3612 SymIM (3aa3b2df451da88c38ab00b19fa3562e) C:\Windows\system32\DRIVERS\SymIMv.sys
17:52:48.0546 3612 SymIM - ok
17:52:48.0603 3612 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS
17:52:48.0605 3612 SymIRON - ok
17:52:48.0662 3612 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS
17:52:48.0669 3612 SymNetS - ok
17:52:48.0850 3612 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
17:52:48.0866 3612 SynTP - ok
17:52:49.0099 3612 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:52:49.0125 3612 SysMain - ok
17:52:49.0232 3612 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:52:49.0238 3612 TabletInputService - ok
17:52:49.0274 3612 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:52:49.0282 3612 TapiSrv - ok
17:52:49.0298 3612 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:52:49.0303 3612 TBS - ok
17:52:49.0521 3612 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:52:49.0546 3612 Tcpip - ok
17:52:49.0839 3612 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:52:49.0860 3612 TCPIP6 - ok
17:52:49.0977 3612 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:52:49.0979 3612 tcpipreg - ok
17:52:50.0000 3612 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:52:50.0001 3612 TDPIPE - ok
17:52:50.0042 3612 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:52:50.0043 3612 TDTCP - ok
17:52:50.0088 3612 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:52:50.0090 3612 tdx - ok
17:52:50.0119 3612 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:52:50.0120 3612 TermDD - ok
17:52:50.0205 3612 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:52:50.0217 3612 TermService - ok
17:52:50.0235 3612 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:52:50.0238 3612 Themes - ok
17:52:50.0277 3612 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:52:50.0279 3612 THREADORDER - ok
17:52:50.0318 3612 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:52:50.0321 3612 TrkWks - ok
17:52:50.0388 3612 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:52:50.0394 3612 TrustedInstaller - ok
17:52:50.0424 3612 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:52:50.0426 3612 tssecsrv - ok
17:52:50.0452 3612 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:52:50.0455 3612 TsUsbFlt - ok
17:52:50.0478 3612 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:52:50.0481 3612 TsUsbGD - ok
17:52:50.0536 3612 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:52:50.0539 3612 tunnel - ok
17:52:50.0616 3612 U6000ALL (7f8ad76415fb7476096fef6b92d428ca) C:\Windows\system32\DRIVERS\dmdcap.sys
17:52:50.0623 3612 U6000ALL - ok
17:52:50.0652 3612 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:52:50.0655 3612 uagp35 - ok
17:52:50.0712 3612 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:52:50.0719 3612 udfs - ok
17:52:50.0761 3612 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:52:50.0765 3612 UI0Detect - ok
17:52:50.0807 3612 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:52:50.0810 3612 uliagpkx - ok
17:52:50.0852 3612 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:52:50.0854 3612 umbus - ok
17:52:50.0884 3612 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:52:50.0887 3612 UmPass - ok
17:52:50.0950 3612 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:52:50.0958 3612 upnphost - ok
17:52:51.0010 3612 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:52:51.0013 3612 USBAAPL64 - ok
17:52:51.0059 3612 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:52:51.0061 3612 usbccgp - ok
17:52:51.0103 3612 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:52:51.0107 3612 usbcir - ok
17:52:51.0127 3612 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:52:51.0129 3612 usbehci - ok
17:52:51.0166 3612 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
17:52:51.0167 3612 usbfilter - ok
17:52:51.0247 3612 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:52:51.0255 3612 usbhub - ok
17:52:51.0273 3612 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:52:51.0275 3612 usbohci - ok
17:52:51.0308 3612 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:52:51.0310 3612 usbprint - ok
17:52:51.0354 3612 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:52:51.0357 3612 USBSTOR - ok
17:52:51.0404 3612 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:52:51.0406 3612 usbuhci - ok
17:52:51.0460 3612 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:52:51.0463 3612 usbvideo - ok
17:52:51.0492 3612 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:52:51.0495 3612 UxSms - ok
17:52:51.0540 3612 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:51.0542 3612 VaultSvc - ok
17:52:51.0562 3612 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:52:51.0563 3612 vdrvroot - ok
17:52:51.0628 3612 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:52:51.0640 3612 vds - ok
17:52:51.0665 3612 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:52:51.0667 3612 vga - ok
17:52:51.0682 3612 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:52:51.0683 3612 VgaSave - ok
17:52:51.0725 3612 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:52:51.0730 3612 vhdmp - ok
17:52:51.0747 3612 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:52:51.0750 3612 viaide - ok
17:52:51.0785 3612 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:52:51.0787 3612 volmgr - ok
17:52:51.0839 3612 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:52:51.0846 3612 volmgrx - ok
17:52:51.0886 3612 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:52:51.0891 3612 volsnap - ok
17:52:51.0929 3612 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:52:51.0933 3612 vsmraid - ok
17:52:52.0092 3612 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:52:52.0120 3612 VSS - ok
17:52:52.0232 3612 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:52:52.0234 3612 vwifibus - ok
17:52:52.0262 3612 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:52:52.0264 3612 vwififlt - ok
17:52:52.0311 3612 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:52:52.0312 3612 vwifimp - ok
17:52:52.0378 3612 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:52:52.0387 3612 W32Time - ok
17:52:52.0417 3612 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:52:52.0419 3612 WacomPen - ok
17:52:52.0457 3612 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:52:52.0459 3612 WANARP - ok
17:52:52.0463 3612 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:52:52.0464 3612 Wanarpv6 - ok
17:52:52.0610 3612 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:52:52.0635 3612 WatAdminSvc - ok
17:52:52.0850 3612 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:52:52.0877 3612 wbengine - ok
17:52:52.0992 3612 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:52:52.0997 3612 WbioSrvc - ok
17:52:53.0043 3612 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:52:53.0053 3612 wcncsvc - ok
17:52:53.0103 3612 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:52:53.0108 3612 WcsPlugInService - ok
17:52:53.0178 3612 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:52:53.0181 3612 Wd - ok
17:52:53.0279 3612 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:52:53.0294 3612 Wdf01000 - ok
17:52:53.0323 3612 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:52:53.0326 3612 WdiServiceHost - ok
17:52:53.0330 3612 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:52:53.0333 3612 WdiSystemHost - ok
17:52:53.0366 3612 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:52:53.0373 3612 WebClient - ok
17:52:53.0425 3612 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:52:53.0434 3612 Wecsvc - ok
17:52:53.0468 3612 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:52:53.0473 3612 wercplsupport - ok
17:52:53.0505 3612 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:52:53.0511 3612 WerSvc - ok
17:52:53.0564 3612 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:52:53.0565 3612 WfpLwf - ok
17:52:53.0589 3612 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:52:53.0592 3612 WIMMount - ok
17:52:53.0623 3612 WinDefend - ok
17:52:53.0641 3612 WinHttpAutoProxySvc - ok
17:52:53.0716 3612 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:52:53.0720 3612 Winmgmt - ok
17:52:53.0913 3612 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:52:53.0946 3612 WinRM - ok
17:52:54.0071 3612 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
17:52:54.0073 3612 WinUsb - ok
17:52:54.0166 3612 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:52:54.0186 3612 Wlansvc - ok
17:52:54.0249 3612 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:52:54.0252 3612 wlcrasvc - ok
17:52:54.0546 3612 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:52:54.0580 3612 wlidsvc - ok
17:52:54.0731 3612 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:52:54.0733 3612 WmiAcpi - ok
17:52:54.0816 3612 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:52:54.0823 3612 wmiApSrv - ok
17:52:54.0873 3612 WMPNetworkSvc - ok
17:52:54.0909 3612 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:52:54.0915 3612 WPCSvc - ok
17:52:54.0941 3612 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:52:54.0948 3612 WPDBusEnum - ok
17:52:54.0978 3612 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:52:54.0980 3612 ws2ifsl - ok
17:52:55.0014 3612 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
17:52:55.0020 3612 wscsvc - ok
17:52:55.0027 3612 WSearch - ok
17:52:55.0306 3612 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:52:55.0341 3612 wuauserv - ok
17:52:55.0476 3612 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:52:55.0479 3612 WudfPf - ok
17:52:55.0527 3612 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:52:55.0532 3612 WUDFRd - ok
17:52:55.0566 3612 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:52:55.0571 3612 wudfsvc - ok
17:52:55.0612 3612 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:52:55.0621 3612 WwanSvc - ok
17:52:55.0664 3612 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:52:55.0727 3612 \Device\Harddisk0\DR0 - ok
17:52:55.0734 3612 Boot (0x1200) (913a40a93e4b6eec74a3208a51ca6c92) \Device\Harddisk0\DR0\Partition0
17:52:55.0736 3612 \Device\Harddisk0\DR0\Partition0 - ok
17:52:55.0775 3612 Boot (0x1200) (f1e646e65b120532e9223e04c8d6f1e3) \Device\Harddisk0\DR0\Partition1
17:52:55.0777 3612 \Device\Harddisk0\DR0\Partition1 - ok
17:52:55.0811 3612 Boot (0x1200) (ce6e8564c8720642392318180edf3c98) \Device\Harddisk0\DR0\Partition2
17:52:55.0813 3612 \Device\Harddisk0\DR0\Partition2 - ok
17:52:55.0834 3612 Boot (0x1200) (ae55a1c8d31d50184341e3f3e2721366) \Device\Harddisk0\DR0\Partition3
17:52:55.0835 3612 \Device\Harddisk0\DR0\Partition3 - ok
17:52:55.0835 3612 ============================================================
17:52:55.0835 3612 Scan finished
17:52:55.0835 3612 ============================================================
17:52:55.0848 5348 Detected object count: 0
17:52:55.0848 5348 Actual detected object count: 0

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-11 07:19:16
-----------------------------
07:19:16.715 OS Version: Windows x64 6.1.7601 Service Pack 1
07:19:16.715 Number of processors: 4 586 0x100
07:19:16.730 ComputerName: RICK-HP UserName: Rick
07:19:18.509 Initialize success
07:19:25.248 AVAST engine defs: 12051001
07:19:29.725 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000071
07:19:29.725 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 11
07:19:29.725 Disk 0 MBR read successfully
07:19:29.725 Disk 0 MBR scan
07:19:29.741 Disk 0 Windows 7 default MBR code
07:19:29.756 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
07:19:29.772 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595191 MB offset 409600
07:19:29.788 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14985 MB offset 1219360768
07:19:29.819 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
07:19:29.881 Disk 0 scanning C:\Windows\system32\drivers
07:19:40.723 Service scanning
07:20:11.440 Modules scanning
07:20:11.440 Disk 0 trace - called modules:
07:20:11.954 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
07:20:11.954 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005bba060]
07:20:11.954 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8005a2db10]
07:20:11.954 5 hpdskflt.sys[fffff88001b9b189] -> nt!IofCallDriver -> [0xfffffa800593c040]
07:20:11.970 7 amd_xata.sys[fffff8800114b8f7] -> nt!IofCallDriver -> \Device\00000071[0xfffffa8005924060]
07:20:13.452 AVAST engine scan C:\Windows
07:20:17.695 AVAST engine scan C:\Windows\system32
07:23:44.489 AVAST engine scan C:\Windows\system32\drivers
07:23:57.578 AVAST engine scan C:\Users\Rick
07:54:08.351 AVAST engine scan C:\ProgramData
07:55:03.122 Scan finished successfully
08:00:40.145 Disk 0 MBR has been saved successfully to "C:\Users\Rick\Documents\PC Recovery\MBR.dat"
08:00:40.145 The log file has been saved successfully to "C:\Users\Rick\Documents\PC Recovery\aswMBR.txt"

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:07 AM

Posted 11 May 2012 - 07:48 AM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\program files (x86)\Ask.com

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 rick_mcg

rick_mcg
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 11 May 2012 - 11:13 AM

Hi Gringo, Here is the latest ComboFix log as requested (in 2 parts as post was too long / part 2 on next post). The computer is still showing signs of missing or corrupted registry settings as described before.

ComboFix log Part 1

ComboFix 12-05-11.02 - Rick 05/11/2012 9:33.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5611.3840 [GMT -4:00]
Running from: c:\users\Rick\Desktop\ComboFix.exe
Command switches used :: c:\users\Rick\Desktop\CFScript.txt
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\assets\oobe\b.png
c:\program files (x86)\Ask.com\assets\oobe\bl.png
c:\program files (x86)\Ask.com\assets\oobe\br.png
c:\program files (x86)\Ask.com\assets\oobe\l.png
c:\program files (x86)\Ask.com\assets\oobe\pointer.png
c:\program files (x86)\Ask.com\assets\oobe\r.png
c:\program files (x86)\Ask.com\assets\oobe\t.png
c:\program files (x86)\Ask.com\assets\oobe\tl.png
c:\program files (x86)\Ask.com\assets\oobe\tr.png
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\precache.exe
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\Updater\config.xml
c:\program files (x86)\Ask.com\Updater\Updater.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-04-11 to 2012-05-11 )))))))))))))))))))))))))))))))
.
.
2012-05-11 14:29 . 2012-05-11 14:29 -------- d-----w- c:\users\Rick\AppData\Local\temp
2012-05-11 14:29 . 2012-05-11 14:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-10 14:30 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-10 14:30 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 14:30 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 14:30 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 14:30 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-10 14:30 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 14:30 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 14:30 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-10 14:30 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-10 14:30 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-08 01:09 . 2012-05-08 01:09 419488 ------w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-02 00:11 . 2012-05-02 00:11 -------- d-----w- C:\2a789b9d155684cb30eee0
2012-05-02 00:04 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-05-02 00:04 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-05-02 00:04 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-05-02 00:04 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-05-02 00:04 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-05-02 00:04 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-05-02 00:04 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-05-01 15:44 . 2012-05-01 15:44 -------- d-----w- c:\users\Rick\AppData\Roaming\Tific
2012-05-01 15:44 . 2012-05-01 15:44 -------- d-----w- c:\users\Rick\AppData\Local\Symantec
2012-05-01 15:43 . 2012-05-01 20:09 -------- d-----w- c:\windows\system32\drivers\N360x64\0502010.003
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-08 01:09 . 2012-01-08 03:16 70304 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-10 02:27 . 2011-04-29 00:39 472808 ------w- c:\windows\SysWow64\deployJava1.dll
2012-04-04 19:56 . 2012-01-11 22:37 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-17 06:38 . 2012-03-14 11:37 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 11:37 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 11:37 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 11:37 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-10_14.22.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-05-10 14:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-11 14:30 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-11 14:30 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-10 14:21 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-10 14:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-11 14:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-21 03:09 . 2012-05-10 14:36 43182 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-05-11 14:32 42310 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2012-05-11 12:09 94744 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-11-22 03:57 . 2011-11-22 03:57 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-05-05 11:31 . 2012-05-05 11:31 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-05-11 07:25 . 2012-05-11 07:25 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-05 11:28 . 2012-05-05 11:28 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-05 11:28 . 2012-05-05 11:28 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-05-11 07:25 . 2012-05-11 07:25 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-01-07 22:28 . 2012-05-02 00:10 35088 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 35088 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\oisicon.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 18704 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\mspicons.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 18704 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\mspicons.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 20240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 20240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-01-10 00:52 . 2012-05-11 07:06 27136 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2012-01-10 00:52 . 2012-05-02 00:08 27136 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2012-01-10 00:52 . 2012-05-02 00:08 12288 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2012-01-10 00:52 . 2012-05-11 07:06 12288 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2011-04-29 00:32 . 2012-05-11 07:03 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2011-04-29 00:32 . 2012-02-15 12:34 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 70656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml.Hosting\d1fd7c6fa53fa174d2136462c2dadfd6\System.Xaml.Hosting.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\054fce9466c6cef615b2f7cc9ff4e7f8\System.Windows.Presentation.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 26112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Routing\df33d56dcdde38c15a777ebc79836fc5\System.Web.Routing.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 53760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\18508512df40a77e8697bde9f4be5967\System.Web.DynamicData.Design.ni.dll
+ 2012-05-11 07:37 . 2012-05-11 07:37 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\ff78ec1b5bf38a8fb74c2d4f41bb308a\System.Web.ApplicationServices.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 26112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Abstract#\4f6bef518b1bb0ae5d892588eccdcf25\System.Web.Abstractions.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 13824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\a8258e28b61cad85c49c97273a2aae55\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\e144d0028365c62178eb0662911ac910\System.AddIn.Contract.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 47616 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Workflow.#\c74328b7d9f2b5cf7f74cd4b55041ee7\Microsoft.Workflow.Compiler.ni.exe
+ 2012-05-11 07:33 . 2012-05-11 07:33 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\93295f3771dc9e5be2d49d5f5d76a7a6\Microsoft.VisualC.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\5ea625ce2d6c08687f70cb81a003a28b\dfsvc.ni.exe
+ 2012-05-11 07:20 . 2012-05-11 07:20 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\061cbee19075e086d675a9e1f65725d7\Accessibility.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 55808 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\4185d95173b2ad3cd57c5a8140a29784\System.Xaml.Hosting.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\f3a9c6e87bfa4bab3689ec1cdb56964f\System.Windows.Presentation.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\d8f7bf8ce78d0785e68c589c1e64a6dd\System.Web.Routing.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\0c0d7f259025712ff9d426b494a4866c\System.Web.DynamicData.Design.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9b418f37f4594806e1f4b0ed6d083a95\System.Web.ApplicationServices.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\31ec874a9482ad1a99ba24ca4a6ec914\System.Web.Abstractions.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\703ffb7a271059d40edeff9eb0e2b7e3\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 37888 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\f519738a47ffedaa4c04ec6e16a6b7b1\Microsoft.Workflow.Compiler.ni.exe
+ 2012-05-11 08:25 . 2012-05-11 08:25 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\fb4bc14964a1d415bdbe55b62ce73a52\System.Windows.Presentation.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\acd8bdefdcae0ce7c27b5ec016ef865c\System.Web.DynamicData.Design.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\ee709a01b51c82626f4b2c1173f2db28\stdole.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\78f495970511b726a0ca7b8119360e25\PresentationFontCache.ni.exe
+ 2012-05-11 07:59 . 2012-05-11 07:59 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\1a359e9b908a2565c546a8ca04b241c2\PresentationCFFRasterizer.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\9d57c4bbbc0b3243046fc7839da71b00\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\d6578432220dbabf2b15027681327bf8\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\66deb65a87750efddf62d1e0c0655352\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4b6402dc918e41b8de8c501f29833d91\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\28545d2b6a0aaef4aa168f9808603bc5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\1d8a17a2c1416a8ad4d6ad2a28b4c5fd\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0abc7256549c204f39af7dcc52c9e5d5\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\3c3a6cce983114e7406e0a6e6116ecd8\Microsoft.VisualC.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6ab0575bf49b60fd4b697d47e1754072\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\1569a004b1f41193818e3b3777f2c73d\LoadMxf.ni.exe
+ 2012-05-11 08:14 . 2012-05-11 08:14 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\3ee98e8b2084e27d65953bbd7e362bf8\ehiUPnP.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\1cd9f92749d29b9fd61fcb1c4ae84294\ehiTVMSMusic.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\0811f67973c32efb2bfad62a4a2592b5\dfsvc.ni.exe
+ 2012-05-11 07:59 . 2012-05-11 07:59 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\ae9311dcb0e713330a2a86b04cf361dc\Accessibility.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\9c08aba33effec93e02906727f539866\WindowsLiveWriter.ni.exe
+ 2012-05-11 08:03 . 2012-05-11 08:03 80896 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4bd9d7d8d3686f779672029df66df150\WindowsLive.Writer.Passport.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\66d750f3f8dde0cc865f921497ab3545\System.Windows.Presentation.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c1ea7869d01b1b668de2181be6ebca56\System.Web.DynamicData.Design.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\543b0e12423bcec010bdd2ac27c5dc04\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-11 08:02 . 2012-05-11 08:02 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\d246780b91fd9f6393e85fb13bde94a6\stdole.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\d24744f15243e28ea541a459ff7ff5d5\PresentationFontCache.ni.exe
+ 2012-05-11 07:56 . 2012-05-11 07:56 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\87a30ba337ed55d0905f19742e2985bc\napcrypt.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\9f2e8e0df9ff39ad21088f1d66cfadb1\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d797123d55bb7b823120d0a7ffbbc2a7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb8ad29814d9e5589bd400d38e7a0b10\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb42a0f25b7608b2675080081b03f6e5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\c6e9143be5afb36345875d56b61c444f\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\91767cf3facefe10e00734c815e925ad\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\66cd99d2f576cde047074e98bd5e1848\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\4308e1bdc640e1c3f1ea966e84e48900\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\06fcf2fbbe38d9425fc49d935498ec93\Microsoft.Vsa.ni.dll
+ 2012-05-11 07:55 . 2012-05-11 07:55 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\55c57057dc81a5e8c5bde3a230f0bcb9\Microsoft.VisualC.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e3ef400b1f37e4d3b79a42a8a602ea02\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\2095344bf8c40f8baa94ba53a993fb4c\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\dc93539af5a961641a26ada75f730136\ehiUserXp.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\53d03b0e238c77cf7e5ac88e02aecd2c\dfsvc.ni.exe
+ 2012-05-11 07:56 . 2012-05-11 07:56 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
+ 2012-01-04 20:54 . 2012-05-11 14:32 9636 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-230497470-973949422-265497877-1001_UserData.bin
- 2012-05-10 14:21 . 2012-05-10 14:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-11 14:30 . 2012-05-11 14:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-05-10 14:21 . 2012-05-10 14:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-11 14:30 . 2012-05-11 14:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-10 00:52 . 2012-05-02 00:08 4096 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2012-01-10 00:52 . 2012-05-11 07:06 4096 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2012-05-11 08:35 . 2012-05-11 08:35 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
+ 2009-07-14 02:36 . 2012-05-11 12:07 660318 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-05-09 22:06 660318 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-05-09 22:06 121214 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-05-11 12:07 121214 c:\windows\system32\perfc009.dat
- 2009-07-14 04:45 . 2012-03-15 11:59 489296 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-05-11 07:53 489296 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:01 . 2012-05-08 01:05 423040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-05-11 14:29 423040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-15 18:01 . 2011-12-15 18:01 226600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 156440 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2012-05-10 14:30 . 2012-02-10 23:29 172320 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationHostDLL.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 486144 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 182056 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 156440 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 386824 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 131360 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2012-05-10 14:30 . 2012-01-04 02:51 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2012-05-10 14:30 . 2012-01-04 02:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2012-05-10 14:30 . 2012-01-04 02:50 996624 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-05-05 11:33 . 2012-05-05 11:33 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-11 07:26 . 2012-05-11 07:26 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-05 11:30 . 2012-05-05 11:30 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-05 11:30 . 2012-05-05 11:30 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 07:26 . 2012-05-11 07:26 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 07:25 . 2012-05-11 07:25 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-05 11:28 . 2012-05-05 11:28 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 07:25 . 2012-05-11 07:25 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-05 11:28 . 2012-05-05 11:28 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-05-11 07:26 . 2012-05-11 07:26 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-05-05 11:29 . 2012-05-05 11:29 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-01-07 22:28 . 2012-05-02 00:10 888080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 888080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 272648 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pubs.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 272648 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pubs.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 922384 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pptico.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 922384 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\pptico.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 845584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\outicon.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 845584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\outicon.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 217864 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\misc.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 217864 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\misc.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 184080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\joticon.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 184080 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\joticon.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 159504 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\inficon.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 159504 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\inficon.exe
+ 2012-01-10 00:52 . 2012-05-11 07:06 135168 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2012-01-10 00:52 . 2012-05-02 00:08 135168 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2012-01-10 00:52 . 2012-05-11 07:06 282624 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\fpicon.exe
- 2012-01-10 00:52 . 2012-05-02 00:08 282624 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\fpicon.exe
+ 2010-03-18 20:16 . 2010-03-18 20:16 181096 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_X86.dll
+ 2010-03-18 21:27 . 2010-03-18 21:27 225640 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_AMD64.dll
+ 2011-09-16 00:41 . 2011-09-16 00:41 408936 c:\windows\Installer\$PatchCache$\Managed\00002119E20000000000000000F01FEC\12.0.6612\WINWORD.EXE
+ 2012-05-11 07:45 . 2012-05-11 07:45 553984 c:\windows\assembly\NativeImages_v4.0.30319_64\XamlBuildTask\d7ba8f0a500f25cbed7daa07e8d748ec\XamlBuildTask.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 462336 c:\windows\assembly\NativeImages_v4.0.30319_64\WsatConfig\c87183cbec623926230118ddb9c93662\WsatConfig.ni.exe
+ 2012-05-11 07:45 . 2012-05-11 07:45 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\65f25960625d91ca79a40f9067adc021\WindowsFormsIntegration.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\fb43d84bc59b21e8a7f3e36d616eea90\UIAutomationTypes.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\26f12a0a3baed2a227cf30aaeae03913\UIAutomationProvider.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\1c3c298326e9ac14796516ac1da09a16\UIAutomationClient.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\307eea660f877dc40ae90882ce554757\System.Xml.Linq.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\b4afa252d0f0e27b0b5e8fcb2cc5b3a7\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 244736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\91675145e39e0f08e99261ae13fab748\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 314880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.RegularE#\31c9a177e71d9ded2a09252d362bab1d\System.Web.RegularExpressions.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 451072 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity\11f44ba4e33e44c2079c241d6204c1a0\System.Web.Entity.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 367104 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity.D#\c68fbb58da2a3fe9457aa5ccd0696e4b\System.Web.Entity.Design.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 973824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\2a18e601c2e39b63340a37586b41f9dd\System.Web.DynamicData.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 331776 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\5e6731a238b759d83bc05c32866c273c\System.Web.DataVisualization.Design.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\8c0ee7b970cc4e8c2986c7898af71661\System.Transactions.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\85810fe277a718273eb946a460ae8010\System.ServiceProcess.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\eb4fb369926faaffede7aaf317fd6532\System.ServiceModel.Channels.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e5ab3c37897bb578bdbfe6b7e0558ad8\System.ServiceModel.Routing.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 587776 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\8f896864a26d75c339216f339a14f1a1\System.ServiceModel.Activation.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\e48b6a8c491a96d1bc601795532af605\System.Security.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 995328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\57f6833522c9820223bbf4a9a343f739\System.Runtime.Remoting.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 311296 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Cach#\f13c2516bc89d916d39d3746e5d668e1\System.Runtime.Caching.ni.dll
+ 2012-05-11 07:32 . 2012-05-11 07:32 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\5f2bfb0585061dc256ee9587d430959f\System.Numerics.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\6996a415485a84fef2d2556b0462336f\System.Net.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\a3849a373beeb3509d8c22d5751dfad3\System.Messaging.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\92d266f677605e5475b7f39c063c4a9d\System.Management.Instrumentation.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\07a0e1efc063042be3e8faf62b413a12\System.IO.Log.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\7fd39b9a208214e6e5eba4e9396409f1\System.IdentityModel.Selectors.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\521f5bccf74318a4777597b0c01fda1e\System.Dynamic.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 292352 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing.Desi#\cfe9bb29ab62c2263c904bc321a26bec\System.Drawing.Design.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6a8bd7d373c988a585e90bb61c5ec8cc\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\78dd02d104bb15bc3820c06bd2876239\System.Device.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 662528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\a7528e9723fb3c77bba4ce617a9c9e03\System.Data.Services.Design.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\97d1aaf3733b107ecdbecb9d21050ff4\System.Data.DataSetExtensions.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c3d7a7ff58ff502887d8f1b77e61adbc\System.Configuration.Install.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\a4f91f2dfd1656ef2e42917963f6bf50\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 871936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\b1c67ee2e0e6e78c31985069fbc82596\System.AddIn.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\c69fb0f955adc7ca80cd5f2fd730edea\System.Activities.DurableInstancing.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\11fc863fa4f5092fca4f2ce25a9ac361\SMSvcHost.ni.exe
+ 2012-05-11 07:36 . 2012-05-11 07:36 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\50e8e826488639e549589ba34666933e\SMDiagnostics.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\722c0236432dd5ccc047481d3ebbd49e\PresentationFramework.Royale.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\6739c3715c9e38dbdfbfd57b424a3094\PresentationFramework.Aero.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3e7359f5f0fb68565314f88f6ec2d67a\PresentationFramework.Luna.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\263748f3d18955b9e467710da1e8546f\PresentationFramework.Classic.ni.dll
+ 2012-05-11 07:32 . 2012-05-11 07:32 364544 c:\windows\assembly\NativeImages_v4.0.30319_64\MSBuild\d448d55698c8471a921d17e20c0ac885\MSBuild.ni.exe
+ 2012-05-11 07:33 . 2012-05-11 07:33 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6493bbb60833072904ad141a5a4d08ac\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\6480551111832c83ee88bcf756a72533\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 851456 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Uti#\0e541d178a5797ec61d0b97058e6cc2e\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 353792 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Fra#\60fcea7acc6c048071451efa6d2f5fa6\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\0e81a3996f7cbff23fc01bea4185a918\CustomMarshalers.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 661504 c:\windows\assembly\NativeImages_v4.0.30319_64\ComSvcConfig\8ac8c91963eaf605a1bb1791e7d7f7e3\ComSvcConfig.ni.exe
+ 2012-05-11 08:35 . 2012-05-11 08:35 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\09f78ad9517d5d19de8498bac32fc9f8\XamlBuildTask.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\a61f64155e6b58da21013a5e4d6805c2\WsatConfig.ni.exe
+ 2012-05-11 08:35 . 2012-05-11 08:35 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ede3b9144bc31da0eaaf86c7b6a9eaaa\WindowsFormsIntegration.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\7a9f70fa774076a7ec19bc03e7064d0d\UIAutomationClient.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\c477bbff1e4662263255a1bf17bd9c2a\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\3ecfebe2517183d2536f9f19cfcb296a\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\ea0b825a2dd1a056f6171170eb072d4a\System.Web.RegularExpressions.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\3aa4cfeffe5f2eecf11c0c7515a63d1a\System.Web.Extensions.Design.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\085674a5828837f2a6f977b371a75036\System.Web.Entity.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\c59bd0aba3cea65b34f13c126eda7db9\System.Web.Entity.Design.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\5d904aa7d91889039e5ef6a6cd82f569\System.Web.DynamicData.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\0f4f92098ec67c0979680fc84eed7ca0\System.Web.DataVisualization.Design.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\35da2da22db8fde344d9e17b20a91816\System.ServiceProcess.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 432640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f8fa8f3947b4f9b6819d121537e39050\System.ServiceModel.Activation.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 771584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 244736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\d8b4dcd719a3805ab0bce3c8cdfe8288\System.Runtime.Caching.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd25ddcfa0417d40e3f1385e30abcd6f\System.Net.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\87f2fdf92547c337644f4db30caa63e3\System.Messaging.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\08397796343d5730a29f42e61c7f6ee7\System.Management.Instrumentation.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\ff1250d2409bd16283c423650d6fd3f6\System.IO.Log.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\e60675d3ba7fa94924489dc8466ebff5\System.IdentityModel.Selectors.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a9b1e597aaa263dea2cf8754440bd271\System.Dynamic.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 226304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\02fbf9c53252572c65734e4058139abc\System.Drawing.Design.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e41e86da56bb60523251e0e08210a77b\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94d45f7f28d81304d7fa83bcea849141\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4c50d8a951546d6dffdc8bcb23f47a7b\System.Device.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 508928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\9242a5a839c4ae4f203c32b409dc7c42\System.Data.Services.Design.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\977c7c2badf6a9059ba8371a0f645fc8\System.Configuration.Install.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\877ef74350e6d374ca8f80b489a8cc8e\System.ComponentModel.Composition.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4330e93f9d0ef85f1a972e11c2ac5156\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 624128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0c67d9fc14856eb7d8b4e405aef79960\System.AddIn.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b046f2d5f056b906d7b25b75ca23575\System.Activities.DurableInstancing.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\4847f66153121ec4ed532909f7c152be\SMSvcHost.ni.exe
+ 2012-05-11 08:26 . 2012-05-11 08:26 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
+ 2012-05-11 07:30 . 2012-05-11 07:30 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ef6e3eb351fe12a5766be7c956c35d95\PresentationFramework.Classic.ni.dll
+ 2012-05-11 07:30 . 2012-05-11 07:30 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e49a124fdad0f1db135f03a49f18fb48\PresentationFramework.Royale.ni.dll
+ 2012-05-11 07:30 . 2012-05-11 07:30 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
+ 2012-05-11 07:30 . 2012-05-11 07:30 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\141f0a8fbfb83604fa3dd43dbe8fa0f4\PresentationFramework.Luna.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\d47740fc85ad70c686adc9fc9dc6e7f5\MSBuild.ni.exe
+ 2012-05-11 08:25 . 2012-05-11 08:25 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a604989c1d4b14505e020b7d015cacbd\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\01c5ff7a1ea0463414736df5d449e0a9\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 631296 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\3ad065635e1e0cd413081be61993cd38\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\71a3a98ff5fb128d3abf6ecc3224ba6b\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 136192 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\f18a2a149b3e7f9cf74de1263c2ee337\Microsoft.Build.Conversion.v4.0.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 475136 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\7186c9237e315a433d3c6a31fea48310\ComSvcConfig.ni.exe
+ 2012-05-11 08:07 . 2012-05-11 08:07 852480 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\9cc947b195d88208d3d90dbce04222d4\AspNetMMCExt.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\ad7f43afb4f124acae4d503b40f591c1\WsatConfig.ni.exe
+ 2012-05-11 08:24 . 2012-05-11 08:24 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\cefe28fde401a6a5718d1718c345fb37\WindowsFormsIntegration.ni.dll
+ 2012-05-11 07:59 . 2012-05-11 07:59 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\bf634b0e2e28466c6ed6ae1eb602b09f\UIAutomationTypes.ni.dll
+ 2012-05-11 07:59 . 2012-05-11 07:59 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\1ff8fb81d6f045f1dc6f50be95444292\UIAutomationProvider.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\1f36e020c3563e0ff414f13138e238e1\UIAutomationClient.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\769b7666d915de95db5b63ec22bf3e42\TaskScheduler.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\de45d043775d8c805f6feca40d7a9ed2\System.Xml.Linq.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\181702fb83901c085401957c6f731cf4\System.Web.Routing.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\76662ce36d2141e45513e64386073cc2\System.Web.RegularExpressions.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\9b9d3e3e44dc7d03bb96033a5b829a6b\System.Web.Entity.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\ad2339c5f0fd9aa8a9989800825da487\System.Web.Entity.Design.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\8309dc5dd39b93f3e105a4d455b74a00\System.Web.DynamicData.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\a79640760b61cc1c23ac3cfdfa6f0f3f\System.Web.Abstractions.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\05acafa7eb44049849a5aafd39147ee5\System.ServiceProcess.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\1875b50d0228f29aef00bed38ab594d6\System.Security.ni.dll
+ 2012-05-11 07:59 . 2012-05-11 07:59 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\3b3581851a728bef36f319e9d4c72499\System.Net.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\b4297ef47e0839fce0145f665349dcc9\System.Messaging.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\599954438a668c94dd38e8e7e506ac2a\System.Management.Instrumentation.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\fd51741bfd973ad507bbd141e98932f8\System.IO.Log.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ef6abe121bb11bff2514bfdfb7e76b7a\System.IdentityModel.Selectors.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\e7abd70c16a5e638a7121fc5f68484cc\System.Drawing.Design.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\4bb1134d9b166434327385ddf3c5dd54\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\7c4ce1b8a2f83ef29aa6d5f126ab5b71\System.Data.Services.Design.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\19d1414f1ca718ce4d0c07e7305b3450\System.Data.DataSetExtensions.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\4aebed13b5309398cd809454cafe472f\System.Configuration.Install.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\9536bb262c4f1ea389d287ab669767d4\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-11 08:02 . 2012-05-11 08:02 890880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\84262138e2e9f34c88fd282caa82baa5\System.AddIn.ni.dll
+ 2012-05-11 08:02 . 2012-05-11 08:02 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\176899be7b920fb20408ff49e636a776\System.AddIn.Contract.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\ee0608cd62dfb37016016884fc39e425\sysglobl.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\9fa1abf006689e262527ae50d452e97e\SMSvcHost.ni.exe
+ 2012-05-11 08:13 . 2012-05-11 08:13 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\89de197bdde5984658045ade41c2c9b9\PresentationFramework.Classic.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\7ffb91db770d0b09921f623bc5d68b4f\PresentationFramework.Luna.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\205bb33cef9ae6b906ceadd6f2861c86\PresentationFramework.Royale.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\bc8a2d99d8ebd29f94905072ccf4b3b8\napsnap.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\b79da521cf602154b475ea740cc7fd3b\napinit.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\5f0ae15f9d1cade37fbfaacff7e64bff\naphlpr.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\5346ceca518baf5e5fa3fed9f900f792\napcrypt.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\8f792883d0adad8c7beccf24aed65817\MSBuild.ni.exe
+ 2012-05-11 08:15 . 2012-05-11 08:15 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\926d20041c179cebc6f4398155b1b2c4\MMCFxCommon.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\b78beede8a3c9720095dde4a4a162acc\Microsoft.WSMan.Management.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\83222514e209f186ad3a1c3794168bfd\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\a843956bb452503139683304de4cc8f6\Microsoft.Vsa.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\c56d6513e4b239b1b1dbe29b0588321a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\fb0d102ca78bd05fe7064b9e6be30fc7\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b21fa6ff448b99a97319e18c166c03e2\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6c3fe42a14ac5b48ebd43be290973d24\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\2572e94f9d0b412cdc529c8d74fdb689\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f4faec8b6d3e2c327c68070963ec1750\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f04ccbbf5199d2b264f1b1175be44686\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f015188310f7613f819fcf032f98705a\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c5f4ab28f67d5bf0cc221ef81e7f6966\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6dbd502a13b5e3caae0b1f2b4847612f\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\514667153fd74307d21e7f50b79858c9\Microsoft.MediaCenter.Interop.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\18367b9a0b9e9261d1d9e371230af87c\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\718cd5a598ed3e225a73b2aba7bcc1e1\Microsoft.ManagementConsole.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\d68a27daca73749e4438a47e61643c3c\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\3151235c1c38db94fd44e3c6f290ff38\Microsoft.Build.Utilities.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\cf5e9b5d10682467a9e03358a6d6258f\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\0f233d0eb396065719e83ab573a72cc5\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\2416af06edb993f98a751acb69f67016\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\69286d5692277a166404cb897a8b2e7a\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\74e4adc90675c3b1365825c7e78b5ce9\Mcx2Dvcs.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\4a1f9a648a3928d42b77a91666d9aa8a\mcupdate.ni.exe
+ 2012-05-11 08:14 . 2012-05-11 08:14 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\40d70417c04f9ccb5fdecb5b9be5a6a3\mcstoredb.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\927ada02b440d95fdf36a37ee96aaa54\mcplayerinterop.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\35023ad5cb299ca2020bd660f5dba2fc\mcGlidHostObj.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\3fc113fe40d0145cd87afca2d107bf6d\MCESidebarCtrl.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\0bd8d37bc6f648d092e1d8034609a107\EventViewer.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\584d419d4c837ea19f7f450a807b0273\ehRecObj.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\20c3505378a50f4859c9b2e7dcbb5fa2\ehiWUapi.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\2f9f48ad6496c9103043db1c21a651fd\ehiwmp.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\0955237aa3c1cb3a643248b8c58ec34c\ehiUserXp.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\7998173654fa518876cc97e37b86d465\ehiiTv.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\6c97aa6908f96ac9816ce74e4f6251ac\ehiExtens.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\a501747a95523297a8a1f119df8b1642\ehiBmlDataCarousel.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\414bbac4e1d7761a336bb9d74b9b243a\ehiActivScp.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\24d3859bba3ed02775f22c50ae5ab5a6\ehExtHost.ni.exe
+ 2012-05-11 08:14 . 2012-05-11 08:14 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\ff7ef4caed03d6934669d1a39877a8ac\ehCIR.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\b7916689137fd0bc9ba1ba5a27e2a38a\CustomMarshalers.ni.dll
+ 2012-05-11 08:13 . 2012-05-11 08:13 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\cc6e6febcd804604bf4d92d0eb8ec6ae\ComSvcConfig.ni.exe
+ 2012-05-11 08:13 . 2012-05-11 08:13 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\d18719c2df1334364cac199bb9c86adf\BDATunePIA.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\9d60139fdead64a892985181d663989f\WsatConfig.ni.exe
+ 2012-05-11 08:04 . 2012-05-11 08:04 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\91e23b6ffbada11e54816b2f329acb0d\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dbbb5914ff727ce0f6793177c4da31ba\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d5f38b26d06719bce75df9b32a557754\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cf4374c8bdd547ec387d4e75506b1f09\WindowsLive.Writer.Api.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bf6fd33cd452afed9250a32b89ca636e\WindowsLive.Writer.Controls.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a1ba3ba31e32f7e38e311d06dc4f5fb7\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9f3a254c1407ab341858c7e2e525abef\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\853c1f1b75d33bbc710d95042876c71b\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\76e2551cbd4afc49d895d75f0f03e673\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7039bba7ff166706ab0b2cd61ff38302\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\66915176ab5aa52988ff1ee8cef3fe92\WindowsLive.Writer.Interop.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4f6aeeee01549f796d40a3af7b166d86\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\40469c3f4918b300f87937d50390746b\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3303c50c159ca46a4138b587056503b0\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1022079e02029f995d2432a837f10bc0\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\63f268e307ec2913c3cdddf13bcc2041\WindowsLive.Client.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9bfbf0613d3780e34d98333c7b381218\WindowsFormsIntegration.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\779b08c46960a1824503aa6f089673fa\UIAutomationClient.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\c4edf782e69aa24453554f8b6cb40773\TaskScheduler.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d75f0b1e2ea688466552da04fd805949\System.Web.Routing.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2b129372a27469195acbe3b6b81786ef\System.Web.RegularExpressions.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\5d6fdd022660b8ca4be19ff06ddfee7a\System.Web.Extensions.Design.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\d084aa31b82c66eb83e40853ba961b48\System.Web.Entity.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\53ca1042189a64dcd1f8ff487922b749\System.Web.Entity.Design.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\0b8a9e120d8f557a9702229e3c64987c\System.Web.DynamicData.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5d95b9a6cee5a9b1aac34b5d33c721ba\System.Web.Abstractions.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5abddd1112204bd1e3347be519eaa28f\System.ServiceProcess.ni.dll
+ 2012-05-11 07:55 . 2012-05-11 07:55 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\0b5f082230e3486412e0fa333290e85a\System.Net.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\f1241239a9b8229f91ce55d230fad38c\System.Messaging.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\8280490a2939075b726fd051d9010cc0\System.Management.Instrumentation.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\a03191ed937f6c1dc827b53d94ea0176\System.IO.Log.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\100d39c2f8985cb93e26feef86ba5212\System.IdentityModel.Selectors.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\6b16664ac4ab46643c4a7fdd960ef9fb\System.Drawing.Design.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\55545e89f96539ef93375524d1145a6f\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4d73a7649876bb6e54a01ccbf235919b\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e36e03067b12bc35fcc3787dc81022c8\System.Data.Services.Design.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\5a29fff52e2c3d13ec15e8701027ab17\System.Data.Entity.Design.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\940f62a5d077405e0b324422afb6ff2c\System.Data.DataSetExtensions.ni.dll
+ 2012-05-11 07:55 . 2012-05-11 07:55 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\d3325c6bced333a67122db7414c1fd1e\System.Configuration.Install.ni.dll
+ 2012-05-11 08:02 . 2012-05-11 08:02 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\a90ec436f1d2c5cb0133a53c2e47d61a\System.AddIn.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\1ed79278fe139272e868e3a53d736f22\sysglobl.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\1b0b19607668635281fa260707f4352f\SMSvcHost.ni.exe

Part 2 to follow

#10 rick_mcg

rick_mcg
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 11 May 2012 - 11:20 AM

ComboFix Log Part 2
+ 2012-05-11 08:04 . 2012-05-11 08:04 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae55e761d480fe15781156d1311a1837\PresentationFramework.Classic.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7df1f379457aa5f39183903d115b5479\PresentationFramework.Royale.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\496bc57a53989bb83ec58865fa34be1d\PresentationFramework.Luna.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\9e0dafde490fbb06e0624ad4e5355b58\napsnap.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\782ffccdf30881e1eb1236c3fd7e959b\napinit.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\e0c40329b9cdd7f141a3702d79eb4bda\naphlpr.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\74a8b6419deb005337a1e43ec2502134\MSBuild.ni.exe
+ 2012-05-11 08:04 . 2012-05-11 08:04 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\9e8d56153e65d3cf74342c741126d396\MMCFxCommon.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\070505350ec9daa3343b3cd2bc8cf59e\Microsoft.WSMan.Management.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1e639225ba30d7f182b893ddacea506b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4c36b363fcd1ca494218e74ba606e99\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ba2ca86f5d270f493501848843d2f227\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\607324a312b1c6d7fbede8300e8cee91\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1f1185444c8a12ace85ba4c2d49f41f8\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\12715b7e3e89758161053520b57764b2\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\f077b7199d773c7812c04bb146014257\Microsoft.ManagementConsole.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\7e59b3b84ca3c61adfc0dc74a65ea177\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\07e346ee0e3f7433f2de7a72fadd6713\Microsoft.Build.Utilities.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\432160eff3b1f9301c6a74c2e647e03d\Microsoft.Build.Engine.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\8297305de86377d0070a983d99a7f943\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\541a5bb4d0f8490e506f885a4b435566\mcstoredb.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\185067f9c70ccbccb4431063f9054b66\EventViewer.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\5ae5c6732ef8e7115baaeb66fd69cdd2\ehRecObj.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\c4a5ce4f89c53b9601d13d22d01cf0bf\ehiVidCtl.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\cbf3a07d3ab873b19f47d6a24f06c796\ehiProxy.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\5cc4a5672758f4732ef430b3431f47fc\ehiExtens.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\3912b69593af13d0922279a063e5af66\ComSvcConfig.ni.exe
+ 2012-05-11 08:04 . 2012-05-11 08:04 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e1c3540ffb669448747187f76c6ebe82\BDATunePIA.ni.dll
+ 2012-05-10 14:30 . 2012-01-04 02:50 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2010-11-21 03:25 . 2010-11-21 03:25 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-10 14:30 . 2012-02-10 23:29 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2009-07-14 04:45 . 2012-05-09 02:20 7204521 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-05-11 07:56 7204521 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-09-16 01:20 . 2012-05-11 14:29 2100848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-09-16 01:20 . 2012-05-08 01:05 2100848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-01-19 17:08 . 2012-01-19 17:08 1369872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 6429992 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 17:52 . 2012-01-19 17:52 3825952 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5029160 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1512712 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2012-05-10 14:30 . 2012-02-10 23:29 2256152 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2012-01-03 08:07 . 2011-03-29 22:32 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
- 2012-02-14 22:21 . 2011-10-31 23:15 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 9992464 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
- 2012-01-03 08:06 . 2011-07-08 22:31 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 1577232 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 1756432 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscordacwks.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 1369872 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 6429992 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 3790112 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5029160 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 1737496 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2012-05-10 14:30 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2012-01-03 08:07 . 2011-03-29 22:33 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2012-02-14 22:21 . 2011-10-31 23:16 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-05-10 14:30 . 2012-01-04 02:51 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-05-10 14:30 . 2012-01-04 02:51 5925136 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2012-01-03 08:06 . 2011-07-08 22:33 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-05-10 14:30 . 2012-01-04 02:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 5029160 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-05-05 11:32 . 2012-05-05 11:32 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-11 07:28 . 2012-05-11 07:28 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-05 11:31 . 2012-05-05 11:31 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-05-11 07:27 . 2012-05-11 07:27 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-05 11:29 . 2012-05-05 11:29 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-11 07:25 . 2012-05-11 07:25 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-11 07:26 . 2012-05-11 07:26 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-05 11:28 . 2012-05-05 11:28 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-11 07:25 . 2012-05-11 07:25 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-11 07:26 . 2012-05-11 07:26 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-05 11:29 . 2012-05-05 11:29 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-04-05 02:38 . 2012-04-05 02:38 2831360 c:\windows\Installer\160b892.msp
+ 2012-04-29 01:44 . 2012-04-29 01:44 9101824 c:\windows\Installer\160b87a.msp
+ 2012-04-29 01:44 . 2012-04-29 01:44 9586176 c:\windows\Installer\160b862.msp
+ 2012-04-30 18:38 . 2012-04-30 18:38 5011456 c:\windows\Installer\160b83b.msp
+ 2012-04-05 02:38 . 2012-04-05 02:38 3620864 c:\windows\Installer\160b7ff.msp
+ 2012-03-20 02:02 . 2012-03-20 02:02 6695936 c:\windows\Installer\160b7e7.msp
+ 2012-03-15 06:24 . 2012-03-15 06:24 1795584 c:\windows\Installer\160b7d3.msp
+ 2012-04-29 01:43 . 2012-04-29 01:43 8459264 c:\windows\Installer\160b7bb.msp
+ 2012-02-17 12:45 . 2012-02-17 12:45 2299392 c:\windows\Installer\160b7a3.msp
+ 2012-01-07 22:28 . 2012-05-11 07:33 1172240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\xlicons.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 1172240 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\xlicons.exe
- 2012-01-07 22:28 . 2012-05-02 00:10 1165584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-01-07 22:28 . 2012-05-11 07:33 1165584 c:\windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-08-17 13:49 . 2011-08-17 13:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002119E20000000000000000F01FEC\12.0.6612\WRD12CNV.DLL
+ 2011-07-07 06:58 . 2011-07-07 06:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002119E20000000000000000F01FEC\12.0.6612\OGL.DLL
+ 2012-05-11 07:33 . 2012-05-11 07:33 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e41f5739292f4771c64a55940369efd2\WindowsBase.ni.dll
+ 2012-05-11 07:45 . 2012-05-11 07:45 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\6ee9d76d9f1e618cd6fb94b13355bcc9\UIAutomationClientsideProviders.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\28ca4f076264ab07f1d00a6c9623dc49\System.Xml.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\df013cbfec0defc7e9997cdaa90b89bc\System.Xaml.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 1602560 c:\windows\assembly\NativeImages_v4.0.30319_64\System.WorkflowServ#\e92e21c0bb943f4c4c0e6ba57f2e8b11\System.WorkflowServices.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 2887168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Run#\ab44c8403068d477d3ccb63a7b99c796\System.Workflow.Runtime.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 5922304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Com#\257cccbbdf957827420366018bb8b2bb\System.Workflow.ComponentModel.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 3744768 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Act#\6f15c76d1133159cfb4233680d7a672d\System.Workflow.Activities.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\9e50e3bca6cb19f9acab815d46f5e7e5\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-11 07:37 . 2012-05-11 07:37 2287104 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\d27c82130281d30a958f94d9f7027e34\System.Web.Services.ni.dll
+ 2012-05-11 07:44 . 2012-05-11 07:44 2964992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Mobile\99fec8397616a4999470ea72bd8cac46\System.Web.Mobile.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 3805184 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\bd863273330792b63f9c4f1639d96543\System.Web.Extensions.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 1101312 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\0fd3a003f2e5f8272afbe7079fc837fb\System.Web.Extensions.Design.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 5618688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\13b948ccfa64afed6fcb2cb282207d17\System.Web.DataVisualization.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\cd7c3aed4408c3554c30a8f0236b90e1\System.Speech.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\94289b88c5b494f572cd7114fa995487\System.ServiceModel.Activities.ni.dll
+ 2012-05-11 07:41 . 2012-05-11 07:41 1506816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\755b7b34d1055295c619713f010f17b9\System.ServiceModel.Web.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\2dbc7aabd92cc0d470acb455c498d919\System.ServiceModel.Discovery.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\b37e6f4b1d742031f328504eb99d0f6c\System.Runtime.DurableInstancing.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\682ea473b36fc9043d982c4f5a667568\System.Printing.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\b83f2453b4538b2e80fe09cfd94dce00\System.Management.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\60bf6251873ef465abcebeb9a24b7932\System.IdentityModel.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 2303488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\dadeee26c90fecbf3196eba10dc077b4\System.Drawing.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\a68116468a194678fd04167067134712\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\3a737af86a6a819af97a6d1a04c0e944\System.DirectoryServices.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\f20144fba069563333d0f6be2e0b6e06\System.Deployment.ni.dll
+ 2012-05-11 07:37 . 2012-05-11 07:37 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\0ec8effb7b9d03ae69d37922813bc880\System.Data.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\0eb72df497fad5c273ff16f88b0fb950\System.Data.SqlXml.ni.dll
+ 2012-05-11 07:41 . 2012-05-11 07:41 2703360 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Services\ef77bd7c278e00372440bc2a2d6bfef0\System.Data.Services.ni.dll
+ 2012-05-11 07:43 . 2012-05-11 07:43 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\536e12016ad3adc78e0708b77e6b9219\System.Data.Services.Client.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 1498112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.OracleC#\9ae2ebd5a18f5e129b09e1691126fce4\System.Data.OracleClient.ni.dll
+ 2012-05-11 07:41 . 2012-05-11 07:41 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\86553c1d7f3e66c17fc3e0274de7a2de\System.Data.Linq.ni.dll
+ 2012-05-11 07:41 . 2012-05-11 07:41 1750528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity.#\4997c69ce25208cb230a7f6f81c4dc83\System.Data.Entity.Design.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\6aea67f24827961ce1d48356715389d8\System.Configuration.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\eac19ca5a18a6d08cd247e68b618ba68\System.ComponentModel.Composition.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\3869077874ba987242c791b3a18b2f8b\System.Activities.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\a7c19841c70fbce3b17ad3a46ee410d8\System.Activities.Presentation.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\96083298999a677341c98fc2bf01b248\System.Activities.Core.Presentation.ni.dll
+ 2012-05-11 07:39 . 2012-05-11 07:39 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\fe1704ff12348776e6b70dd4a2c69163\ReachFramework.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\b0b05b1ecbfb813474f685de13027585\PresentationUI.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 1891328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationBuildTa#\f1a22e22627669cfa6df30d1b4051988\PresentationBuildTasks.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 1829888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e6329450cf7a40ada7414ca9326aca56\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\93536d93a44ce7d5a60faf1aeb55f49e\Microsoft.VisualBasic.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\16425c121db8083cbaa51f619c9e51e7\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\5284682fcf04815a86233bcaf696da66\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\4b1d24a96b3882f9e77445e48a7c59ee\Microsoft.JScript.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1ff62486cdefbfc2dab41b686a9aa4e2\Microsoft.CSharp.ni.dll
+ 2012-05-11 07:32 . 2012-05-11 07:32 6004736 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build\8186ee6e68fbefb30dca7b41ec0386c4\Microsoft.Build.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 3821056 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Tas#\32f1bdccbbc1086196ee0b16802659dd\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-05-11 07:33 . 2012-05-11 07:33 2521088 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Eng#\d0d3c1cf8ab4b8b5534a1e5a77d34f09\Microsoft.Build.Engine.ni.dll
+ 2012-05-11 07:21 . 2012-05-11 07:21 1007104 c:\windows\assembly\NativeImages_v4.0.30319_64\AspNetMMCExt\7441ee48816f9fdce14c5dad25008d28\AspNetMMCExt.ni.dll
+ 2012-05-11 07:30 . 2012-05-11 07:30 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\4b7adff986a085bb562222d0c5fdf5aa\WindowsBase.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\24ed0e1df6a605cdb2088f87ae2ab8ff\UIAutomationClientsideProviders.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 1226752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\6c7f57211a988e2f261dff251805e90e\System.WorkflowServices.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 1971712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\b0d4852fc57aed572307b110107affa0\System.Workflow.Runtime.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 4476416 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\e27ba229b4476e122b91d5df40da7f4b\System.Workflow.ComponentModel.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 2872320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\4a76390ca3755f496d6615749d0a6650\System.Workflow.Activities.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\8ca12588b9ef54dbd02e607699fea6ae\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 1925632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\dbe597aa9c12df5d08fb2f3f9872b834\System.Web.Services.ni.dll
+ 2012-05-11 08:35 . 2012-05-11 08:35 2334720 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\2b86ac6189bb5b11f6c60b52990227c2\System.Web.Mobile.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 3127296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\53ac562204c363a76721a35b00441fed\System.Web.Extensions.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 4575232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\87bcfa9b1d416cbcc0dc4bc18ec30c03\System.Web.DataVisualization.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\f368c85283c4e6c9650dd1c8d369dcc5\System.Speech.ni.dll
+ 2012-05-11 08:28 . 2012-05-11 08:28 1086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f42c2acdb000001066c78acfc6cd8655\System.ServiceModel.Web.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\bd371863e99082fa48cd630a73259448\System.Printing.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 1665536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\03b5233f1511f5fdb39eb681b04e5506\System.Drawing.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\0fe1e56d17858b6156a3a46330f75f27\System.DirectoryServices.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\75b4d98f7c7a434aff4e18cb724deae4\System.Deployment.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 2550272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\fdb98c6d783fe167c1dc0022f27b7cd6\System.Data.SqlXml.ni.dll
+ 2012-05-11 08:28 . 2012-05-11 08:28 2026496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\9b0a11f0270b5bbeae593ca5c584afaa\System.Data.Services.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\b894a1df3e6d58ada8f1aa303465ca23\System.Data.Services.Client.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 1189376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\d62b53e7a5528b03ff512c624a1fdb83\System.Data.OracleClient.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\82c0c56ff8259e1440cfd0d5727a26d8\System.Data.Linq.ni.dll
+ 2012-05-11 08:28 . 2012-05-11 08:28 1424384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\56e7e8cf5ba51bc1d284209d75a194a4\System.Data.Entity.Design.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 7069184 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 4129280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\51025a1c89f6fd752a5396a059d608b2\System.Activities.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\ebdd265de5f0300069da5f64983eca82\System.Activities.Presentation.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 1546752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\66893548d2b2cad29cabf3b3578f356f\System.Activities.Core.Presentation.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\4b6c6c090a1bcfe70c056f6c7116e8a9\ReachFramework.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\ea5933189eb5f066028b6e7d27d1d797\PresentationUI.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1479168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationBuildTa#\96e437d1e82e54e63ed96af50e96d03d\PresentationBuildTasks.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ee01b62f8e0ac49489118865cb34a25a\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\92694d06b9da1bff8e1722913a1d62bc\Microsoft.VisualBasic.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\42a7f127f3fda82fb12c6a6e144d08c1\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9a37f4e64ce5b856ac3892fef064c7de\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\cfcc92c125ddfaabad24abe61cfc0471\Microsoft.JScript.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 1616896 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\9912b6d76c1017b5af6ef24730f550ca\Microsoft.CSharp.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 4248064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\5246fa832baabf6e3706fd537fe19062\Microsoft.Build.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 2877440 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\ac69ff5ee7791bd60b846598e1e405eb\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-05-11 08:25 . 2012-05-11 08:25 1931264 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Eng#\520f23eeaf6b5241a74a56338e8b89f8\Microsoft.Build.Engine.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\783df1ee260d3df406fa80afa38502d4\UIAutomationClientsideProviders.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\b7d8410b7226a2654823657f0a714441\System.WorkflowServices.ni.dll
+ 2012-05-11 08:02 . 2012-05-11 08:02 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\8ac687b7f43937c81f1c49d14975c740\System.Workflow.Runtime.ni.dll
+ 2012-05-11 08:02 . 2012-05-11 08:02 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\6fdec1a3278d87cbbc5211736d446d32\System.Workflow.ComponentModel.ni.dll
+ 2012-05-11 08:02 . 2012-05-11 08:02 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\052fd2c15eb37e00cecf33f6d13d9b09\System.Workflow.Activities.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\6a0b589c4c1467f6b783991842a0f961\System.Web.Services.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\395c96f5d2a876805d3846d396081c79\System.Web.Mobile.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\e4860ce9959b3593834516b4a6a75593\System.Web.Extensions.Design.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\baa7ed93207641c186f79f82ee22aea0\System.Web.Extensions.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\ca51f026916139f886519fdf6d6c73e9\System.Speech.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\56ee9b5f220583c1c7374a61ad904044\System.ServiceModel.Web.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
+ 2012-05-11 08:00 . 2012-05-11 08:00 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\f0bcd188487600cb07ce08dfd7b471ba\System.Printing.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\d1f21a29e79e73b5401fae156f339f67\System.IdentityModel.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.ni.dll
+ 2012-05-11 07:59 . 2012-05-11 07:59 2317312 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\92c038385ee5b9840e941f9c84b988df\System.Drawing.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\39d16229a3d5c6e7c1594ef10758bf75\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-11 08:00 . 2012-05-11 08:00 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\152ef61928f1c300fdad8fa6d5905880\System.DirectoryServices.ni.dll
+ 2012-05-11 07:59 . 2012-05-11 07:59 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\7c7024b309424dfaf8abae617f669fa0\System.Deployment.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\ea1848ec07c70f3d3c3445f4fbdae87a\System.Data.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\7f6f74f1cc0ea6c40a2d6707b12af818\System.Data.SqlXml.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\0679fe5f3f9164f499e50cdade962ba3\System.Data.Services.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\2e9de1acfb7974cad94b747442ca325f\System.Data.Services.Client.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\97429a1c70c94c49850be3f944a32a2e\System.Data.OracleClient.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\2ec3d436b861d35c586b710a570e170d\System.Data.Linq.ni.dll
+ 2012-05-11 08:23 . 2012-05-11 08:23 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\b7b5364bc524988f7ca5b8c20a24119d\System.Data.Entity.Design.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\766ce7ee1a2e4f2a85fd90e7572f5d53\System.Core.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
+ 2012-05-11 08:00 . 2012-05-11 08:00 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\d6379f3503f00cf1c2bb4f6118efdbd9\ReachFramework.ni.dll
+ 2012-05-11 08:00 . 2012-05-11 08:00 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\5fa575ebe76aab9d9fd07ce601c0d2e1\PresentationUI.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\4fbff79b8ebf082d08c0080923ff5036\PresentationBuildTasks.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\d0c041e321cf4d752d5113a0cdbccbaa\Narrator.ni.exe
+ 2012-05-11 08:17 . 2012-05-11 08:17 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\051b72a48f2c3f7ddd7353c7d5479b10\MMCEx.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\c79bf402b4840e3b0021f75cf467f82b\MIGUIControls.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\70b3f55017e9ddb67ce0f3c983eb6f37\Microsoft.VisualBasic.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\28ba52bc122353647f1b547506e2df7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f5790625975320b1ffad63b476da9132\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f29b31b09b826a27cced362030561d00\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d0328b4733d1a99d342a84928e319d4f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-11 08:17 . 2012-05-11 08:17 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99049fd20c2a5e2779e879c2d95c96a2\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\efdc3b97b3c9d01dd00959970d086937\Microsoft.MediaCenter.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c057be8bb6614cce013af3721fe34983\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5c50dfc78bd40be7ca0d850c781671e4\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\31fb31c16a37080687f869db6b443adf\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\260d83ee2128a3388051cf416d4450b0\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\094f6a515ca31504f96b4bad5848d692\Microsoft.JScript.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\a27890dd120635ba590a6fc9d9014197\Microsoft.Ink.ni.dll
+ 2012-05-11 08:24 . 2012-05-11 08:24 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\588a688a0b71a211247d8e18b05d61e4\Microsoft.Build.Tasks.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\f1a0df6a86ceb708c5e50338f12b77ba\Microsoft.Build.Engine.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\6b727c7aa69ae3e04a869908bfbae696\Microsoft.Build.Engine.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\208e6937e39f8f516536ba5f23e79687\mcstore.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\596902addad034f4df2caf291b12d61d\mcepg.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\cdad46cd58389f53308b735e6f29ce1f\ehiVidCtl.ni.dll
+ 2012-05-11 08:14 . 2012-05-11 08:14 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\0423915e377ec85d71ac216fafa77ab0\ehiProxy.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ffc7ce66bd0fd13b71c8870110124c0f\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ad799293e3b5b4a480ca68bbea49e61a\WindowsLive.Writer.Localization.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 7025152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\70498b5c0eb482f16e365a4d2d38466a\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-05-11 08:03 . 2012-05-11 08:03 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\36410c38cbb2a080367c5b5f47020f8e\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-05-11 07:55 . 2012-05-11 07:55 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\3b452cde57280624e1085699fe8beb03\UIAutomationClientsideProviders.ni.dll
+ 2012-05-11 07:55 . 2012-05-11 07:55 7967232 c:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
+ 2012-05-11 07:55 . 2012-05-11 07:55 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\439862b007b2dd84127ff35af476f5ad\System.WorkflowServices.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\bfa1ffe928b4e3fd6701aabfee7df15e\System.Workflow.Runtime.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0a7d29e1614521f3a87cd5a13e57f9f1\System.Workflow.ComponentModel.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\edac556f009c25b62ef1a040152e9cda\System.Workflow.Activities.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\59a5af8e3ea07f7980e0476d2da234cd\System.Web.Services.ni.dll
+ 2012-05-11 08:07 . 2012-05-11 08:07 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0307caacafd3e157fc003ed4743c5e2e\System.Web.Mobile.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\04442376410587c6de88f4b84cc69b1a\System.Web.Extensions.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\bd2611ceab6f7db0e3012790947da574\System.Speech.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d900f9ec12af9070d7c8f061a2b2618c\System.Printing.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\a8495b797e6f7adddc5811a4e1f97db5\System.Management.Automation.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 1590784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ef0d8a4790c24a3a091170958bc7b976\System.DirectoryServices.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\bf659f9bb758ac14ed7a37bdfe965849\System.Deployment.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
+ 2012-05-11 07:55 . 2012-05-11 07:55 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e9774272e9fc6ca49e6c616a31783040\System.Data.SqlXml.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\3285887b33030a7ce453573d3bed4e95\System.Data.Services.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\330d3ad45a00455b537047183e128def\System.Data.Services.Client.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\0f4e07fb8b1b7e7133a98f478856f70c\System.Data.OracleClient.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2fe1658f05b0a96fe25c956a31d27b06\System.Data.Linq.ni.dll
+ 2012-05-11 08:06 . 2012-05-11 08:06 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\51a2589d5ee1c9c40fb6c56391570f9e\System.Data.Entity.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\305c4315c192a2964a312051caa5259e\ReachFramework.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\b935f8a4e6115d3eeb7bb293bf4b2257\PresentationUI.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b3f13707cbd5d48aabaa9ef5264c8a30\PresentationBuildTasks.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\a96e05eaed77a88a7a495091ed8296dc\Narrator.ni.exe
+ 2012-05-11 08:05 . 2012-05-11 08:05 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\0310b6efd8cd8b1b90bb78303d014081\MMCEx.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\6e602986ed39fd1f9e3801ee96b63f41\MIGUIControls.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dab0ad2d0f5da372a4947d3a1c7c07a9\Microsoft.VisualBasic.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cd9e47effec6549cdec61eb3aef99f7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d62bb06df2169fa249006539173d6b5f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\870bb30c079ed5bc201057d71661601f\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7ee29045f76b1e9577bfc1e0fab723d8\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\9ac798ce15e5c0336f43b624af7363ec\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\0cb862d3708c15fe0f5c66d2a40cb074\Microsoft.MediaCenter.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e3d2577e00aef6bc9b3e235eb83634f3\Microsoft.JScript.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\89ebef016091d09d58c8a1066def8bcd\Microsoft.Ink.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\81b8987ca8661d6af40ead6311c45724\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\52e05f8fa4314803ceab2befae2e0a39\Microsoft.Build.Tasks.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b66f52dbd8f87e53c3c9a1de7ca5bba\Microsoft.Build.Engine.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\14defdf34097afaf302497a7d612aaaf\mcstore.ni.dll
+ 2012-05-11 08:05 . 2012-05-11 08:05 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\69b8de21b08c3412422c5918399ed702\mcepg.ni.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-02-14 22:21 . 2011-10-31 23:16 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-05-10 14:30 . 2012-01-04 02:51 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-01-03 08:07 . 2011-03-29 22:33 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-10 14:30 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-10 14:30 . 2012-02-10 23:29 2256152 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
+ 2012-05-10 14:30 . 2012-02-10 23:29 3998208 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-10 14:30 . 2012-01-04 03:34 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-01-03 08:06 . 2011-07-08 22:31 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 1737496 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
+ 2012-05-10 14:30 . 2012-02-10 23:31 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-10 14:30 . 2012-01-04 02:50 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-01-03 08:06 . 2011-07-08 22:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-07-14 02:34 . 2012-05-11 07:51 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-05-02 01:04 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-01-12 15:04 . 2012-05-11 07:33 57848688 c:\windows\system32\MRT.exe
+ 2012-01-04 20:48 . 2012-05-11 14:29 13593028 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-230497470-973949422-265497877-1001-8192.dat
+ 2012-01-19 18:20 . 2012-01-19 18:20 11997696 c:\windows\Installer\160b84a.msp
+ 2011-12-15 18:54 . 2011-12-15 18:54 39732736 c:\windows\Installer\160b824.msp
+ 2012-05-11 07:02 . 2012-05-11 07:02 20343808 c:\windows\Installer\160b78d.msp
+ 2011-09-16 00:42 . 2011-09-16 00:42 18115432 c:\windows\Installer\$PatchCache$\Managed\00002119E20000000000000000F01FEC\12.0.6612\WWLIB.DLL
+ 2012-05-11 07:17 . 2012-05-11 07:17 11880448 c:\windows\assembly\NativeImages_v4.0.30319_64\System\935aea6e7eae16674abdd96a68ec97af\System.ni.dll
+ 2012-05-11 07:38 . 2012-05-11 07:38 17353728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\401ebcc2dd54ce1e0d63a544f7ed7b8a\System.Windows.Forms.ni.dll
+ 2012-05-11 07:36 . 2012-05-11 07:36 15761920 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web\b7c097a32df012a0786ae236c7563031\System.Web.ni.dll
+ 2012-05-11 07:42 . 2012-05-11 07:42 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\c4cc7eb7733c4221c32caccfd66ae320\System.ServiceModel.ni.dll
+ 2012-05-11 07:37 . 2012-05-11 07:37 13314048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Design\c5673f9907d635d3dbaec5d240acd47d\System.Design.ni.dll
+ 2012-05-11 07:40 . 2012-05-11 07:40 18479616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9df4e7ae75baa7bbb1af30c8061a6e9b\System.Data.Entity.ni.dll
+ 2012-05-11 07:32 . 2012-05-11 07:32 10440192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\b64f213e823a591607c45fac4997801e\System.Core.ni.dll
+ 2012-05-11 07:35 . 2012-05-11 07:35 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\34c2013b5f730680bd610d6a98d2977f\PresentationFramework.ni.dll
+ 2012-05-11 07:34 . 2012-05-11 07:34 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\4464e9df7184e3393b4cbb0f6dc286ba\PresentationCore.ni.dll
+ 2012-05-11 07:16 . 2012-05-11 07:16 19353600 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\6087fce8f76d9af69af496cb10b7d1ee\mscorlib.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 13197312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9ee9841d9e33fe5dceba4cd7d90f2ae0\System.Windows.Forms.ni.dll
+ 2012-05-11 08:26 . 2012-05-11 08:26 12079616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\43476ffc51367fb771ac37209c7f0280\System.Web.ni.dll
+ 2012-05-11 08:34 . 2012-05-11 08:34 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 11021824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Design\5a3f59e0fe83702ffff3925dd6ef8f47\System.Design.ni.dll
+ 2012-05-11 08:28 . 2012-05-11 08:28 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\7aa839fb16503243d6ae454ab334bcf4\System.Data.Entity.ni.dll
+ 2012-05-11 07:30 . 2012-05-11 07:30 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\041b1bcf6ae9ab58925791d8198c37e2\PresentationFramework.ni.dll
+ 2012-05-11 07:30 . 2012-05-11 07:30 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1de74c8d0dfd15e3246e5dd394013bf\PresentationCore.ni.dll
+ 2012-05-11 07:19 . 2012-05-11 07:19 14412800 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 10624512 c:\windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
+ 2012-05-11 07:59 . 2012-05-11 07:59 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e2ca64137e0da231edc4d158b153e4b7\System.Windows.Forms.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\1cb5a7cbd9cdf50f1d48cee830331c9f\System.Web.ni.dll
+ 2012-05-11 08:13 . 2012-05-11 08:13 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll
+ 2012-05-11 08:16 . 2012-05-11 08:16 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\00c4a761d0a5cafc00f34d763fe76ac4\System.Management.Automation.ni.dll
+ 2012-05-11 08:01 . 2012-05-11 08:01 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\78c747493d14dd3db5134d26e623851c\System.Design.ni.dll
+ 2012-05-11 08:23 . 2012-05-11 08:23 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\daaff9fe9c85fc171d426a3cb6766dbb\System.Data.Entity.ni.dll
+ 2012-05-11 08:00 . 2012-05-11 08:00 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9aa6320f06da2553fb04e78722c739c8\PresentationFramework.ni.dll
+ 2012-05-11 07:59 . 2012-05-11 07:59 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4dc6e89ac37368291890ba27c374208b\PresentationCore.ni.dll
+ 2012-05-11 07:58 . 2012-05-11 07:58 15570944 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
+ 2012-05-11 08:15 . 2012-05-11 08:15 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\d19a72cf466c23b193009386b25049ba\ehshell.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
+ 2012-05-11 08:04 . 2012-05-11 08:04 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
+ 2012-05-11 07:57 . 2012-05-11 07:57 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\649766df70bab5885c1b74a1491d60cb\System.Design.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07f019692c382d588d3c6cb2da2a9ec5\PresentationFramework.ni.dll
+ 2012-05-11 07:56 . 2012-05-11 07:56 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2d1fd350e9bc62ce659e5cbcfd555796\PresentationCore.ni.dll
+ 2012-05-11 07:54 . 2012-05-11 07:54 11492864 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-01-08 160328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-02 336384]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-01-03 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"GIDDesktop"="c:\program files (x86)\SFT\GuardedID\gidd.exe" [2011-07-05 395528]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-07-11 574008]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2012-01-26 75048]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-05-26 413696]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Constant Guard.lnk - c:\program files (x86)\Constant Guard Protection Suite\IDVault.exe [2012-3-30 5572168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/26 17:49;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-02-25 241648]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R3 AllShare;SAMSUNG AllShare Service;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\DRIVERS\MarvinAVS64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 U6000ALL;HDTV110 TV Box(ALL);c:\windows\system32\DRIVERS\dmdcap.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-04-13 1160824]
S1 GIDv2;GIDv2; [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120510.001\IDSvia64.sys [2012-04-28 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502010.003\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-01-26 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-02 365568]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-18 265544]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-07-11 26680]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]
S2 IDVaultSvc;CGPS Service;c:\program files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-03-30 65608]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe [2011-04-17 130008]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-07 138360]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg]
2011-07-05 15:26 435976 ----a-w- c:\program files (x86)\SFT\GuardedID\GIDI.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-230497470-973949422-265497877-1001Core.job
- c:\users\Rick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 00:29]
.
2012-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-230497470-973949422-265497877-1001UA.job
- c:\users\Rick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 00:29]
.
2012-05-01 c:\windows\Tasks\HPCeeScheduleForRick.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-01-26 1128448]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Wow6432Node-HKLM-Run-ApnUpdater - c:\program files (x86)\Ask.com\Updater\Updater.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\5.2.1.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\CA\PPRT\bin\ITMRTSVC.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\SFT\GuardedID\gidd.exe
.
**************************************************************************
.
Completion time: 2012-05-11 10:36:54 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-11 14:36
.
Pre-Run: 279,957,737,472 bytes free
Post-Run: 280,064,307,200 bytes free
.
- - End Of File - - E425B9718F7B22E16A513D697061BA09

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:07 AM

Posted 11 May 2012 - 03:10 PM

Ok now I would like you to give me a semi detailed overview of what problems we still have
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 rick_mcg

rick_mcg
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 11 May 2012 - 08:00 PM

To recap, the system hung while reading emails from Microsoft Outlook, I had to power off manually and tried the windows "repair" function that was offered figuring better safe than sorry (in hindsight I wished I hadn't). This process seemed to be hung up as well, but maybe I just needed to wait it out but I didn't ... powered off / on again, this time normally. When I got to the desktop I noticed my normal desktop background was replaced by the initail default theme which was the first indication something was wrong. In addition, I noticed

The "pinned" icons were missing from the taskbar as were the Start Menu items (note: the All Programs dropdown looks ok)

I can't unlock the taskbar

change the Start Menu customize options

I've found that when I start up some applications they've reverted back to their initial install settings (i.e. I've had to re-enter activation codes etc.)

When the Windows Live Photo Gallery screen saver starts up is issues a message regarding WLXPGSS.SCR not being in the ffdshow whitelist or blacklist with options to use or not use ffdshow

That's all I have noticed so far and I assume the registry got screwed up somewhere along the way and unless you noticed / cleaned up any malware then I also assume it was bacause the Windows repair function didn't complete successfully.

Thanks,
Rick

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:07 AM

Posted 11 May 2012 - 08:18 PM

well we can try few things that come to mind


1. I would ret system restore and see if that will fix anything

2.we can try redoing startup repair.

3. we can try and make a new profile and see if that has the same problem


try system restore first and lets see what we get


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 rick_mcg

rick_mcg
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 11 May 2012 - 08:55 PM

The only Restore point I show now is from 3 AM this morning and for what it's worth I originally tried restoring back to early April but it didn't fix the problem. Do you still want me to try it or skip to plan B?

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:07 AM

Posted 11 May 2012 - 09:02 PM

Greetings

well from 3am today is not going to help so lets try this


Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Startup Repair
[/list]
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users