Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected


  • This topic is locked This topic is locked
18 replies to this topic

#1 CALVIN1693

CALVIN1693

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 08 May 2012 - 11:42 PM

My MSE is telling me I have the following Trojans:
Trojan:win64/Sirefef.Y
Trojan:win32/Sirefef.AB
Trojan:win64/Sirefef.U
Trojan:win64/Alureon.FP
Trojan:win64/Sirefef.P
Exploit:java/CVE-2012-0507.BA
Trojan:win64/Sirefef.J
and many more combinations of both of these. When I fix the issues and restart Windows will not start normally and it make me Do a System Restore. I have tried Malware Bytes and Microsoft Removal tools. I am at a loss and am really to the point of doing a system recovery back to factory settings which I really DO NOT WANT TO DO. Please Help!! Someone... I appreciate any help in advance.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by Owner at 23:50:34 on 2012-05-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.3526 [GMT -5:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\spoolsv.exe
C:\Users\Owner\Desktop\Windows-KB890830-x64-V4.7.exe
c:\258ef8db4f5cf88a30c8ea2c91e0\mrtstub.exe
C:\Windows\system32\MRT.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Games\World_of_Tanks\WOTLauncher.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mWinlogon: Userinit=userinit.exe
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
BHO: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Security Protection] C:\Users\Owner\AppData\Roaming\defender.exe
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Kujytuo] "C:\Users\Owner\AppData\Roaming\kujytuo.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{666A1E7D-8CEE-414C-B7D8-7AEB8E6D0D37} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO-X64: Conduit Engine - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
BHO-X64: Ad-Aware Security Toolbar - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB-X64: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\604ddafg.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=108988&babsrc=HP_ss&mntrId=147f53a10000000000002c27d71a9a9f
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=108988&babsrc=KW_ss&mntrId=147f53a10000000000002c27d71a9a9f&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll
FF - plugin: C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npicaN.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=108988
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 147f53a10000000000002c27d71a9a9f
FF - user.js: extensions.BabylonToolbar_i.hardId - 147f53a10000000000002c27d71a9a9f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15461
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1713:16:29
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [2011-10-14 1155704]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111021.030\IDSviA64.sys [2011-10-21 488568]
R1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]
R1 SbTis;SbTis;C:\Windows\system32\drivers\sbtis.sys --> C:\Windows\system32\drivers\sbtis.sys [?]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-8-20 92216]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-8 654408]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccsvchst.exe [2012-4-3 130008]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-2 2348352]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-3-18 1119768]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-9 382272]
R3 danewFltr;NewDeathAdder Mouse;C:\Windows\system32\drivers\danew.sys --> C:\Windows\system32\drivers\danew.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 VKbms;Razer Gaming Device;C:\Windows\system32\DRIVERS\VKbms.sys --> C:\Windows\system32\DRIVERS\VKbms.sys [?]
S1 azyskylf;azyskylf;\??\C:\Windows\system32\drivers\azyskylf.sys --> C:\Windows\system32\drivers\azyskylf.sys [?]
S1 fzbvknbv;fzbvknbv;\??\C:\Windows\system32\drivers\fzbvknbv.sys --> C:\Windows\system32\drivers\fzbvknbv.sys [?]
S1 gyyyzpdj;gyyyzpdj;\??\C:\Windows\system32\drivers\gyyyzpdj.sys --> C:\Windows\system32\drivers\gyyyzpdj.sys [?]
S1 rptwspuh;rptwspuh;\??\C:\Windows\system32\drivers\rptwspuh.sys --> C:\Windows\system32\drivers\rptwspuh.sys [?]
S1 xfwnpgcw;xfwnpgcw;\??\C:\Windows\system32\drivers\xfwnpgcw.sys --> C:\Windows\system32\drivers\xfwnpgcw.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-6 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-1 253088]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-6 136176]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]
S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-05-09 04:21:35 50000 ----a-w- C:\Windows\System32\drivers\rptwspuh.sys
2012-05-09 04:21:27 50000 ----a-w- C:\Windows\System32\drivers\azyskylf.sys
2012-05-09 03:31:57 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-05-09 03:31:46 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-09 03:31:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-09 03:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-09 03:30:55 -------- d-----w- C:\258ef8db4f5cf88a30c8ea2c91e0
2012-05-09 03:25:57 50000 ----a-w- C:\Windows\System32\drivers\fzbvknbv.sys
2012-05-09 03:18:09 50000 ----a-w- C:\Windows\System32\drivers\xfwnpgcw.sys
2012-05-09 03:14:04 50000 ----a-w- C:\Windows\System32\drivers\gyyyzpdj.sys
2012-05-09 03:13:51 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D6382A4C-F49D-4E58-BEDA-A5568E88EDFB}\offreg.dll
2012-05-09 03:13:24 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CF00A89F-E5B4-4512-AC4E-E23909BF1BA9}\gapaengine.dll
2012-05-09 03:13:17 8917360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D6382A4C-F49D-4E58-BEDA-A5568E88EDFB}\mpengine.dll
2012-05-09 02:27:15 -------- d-----w- C:\Users\Owner\AppData\Roaming\SpeedyPC Software
2012-05-09 02:27:15 -------- d-----w- C:\Users\Owner\AppData\Roaming\DriverCure
2012-05-09 02:27:04 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedyPC Software
2012-05-09 02:27:03 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-05-09 02:27:03 -------- d-----w- C:\Program Files (x86)\SpeedyPC Software
2012-05-08 23:32:14 -------- d-----w- C:\Users\Owner\AppData\Roaming\FixTDSS
2012-05-08 13:50:26 -------- d-----w- C:\Users\Owner\AppData\Local\NPE
2012-05-05 15:07:44 -------- d-----w- C:\Users\Owner\AppData\Roaming\Ad-Aware Antivirus
2012-05-05 00:10:21 -------- d-----w- C:\Users\Owner\AppData\Roaming\Tific
2012-05-05 00:10:19 -------- d-----w- C:\Users\Owner\AppData\Local\Symantec
2012-05-05 00:01:11 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-05-05 00:01:06 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-05-02 01:24:13 60504 ----a-w- C:\Windows\System32\drivers\sbhips.sys
2012-05-02 01:24:12 94296 ----a-w- C:\Windows\System32\drivers\sbtis.sys
2012-05-02 01:23:51 84568 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys
2012-05-02 01:23:50 253528 ----a-w- C:\Windows\System32\drivers\SbFw.sys
2012-05-02 01:23:50 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2012-05-02 01:23:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-02 01:23:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-02 01:23:17 -------- d-----w- C:\Users\Owner\AppData\Local\adawarebp
2012-05-02 01:23:16 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2012-05-01 19:44:21 0 --sha-w- C:\Windows\System32\dds_trash_log.cmd
2012-05-01 19:43:25 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-01 18:16:29 -------- d-----w- C:\Program Files (x86)\BabylonToolbar
2012-05-01 18:16:24 391520 ----a-w- C:\Users\Owner\AppData\Roaming\kujytuo.exe
2012-05-01 08:02:40 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-01 08:02:39 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-01 08:02:39 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 08:00:35 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-05-01 08:00:35 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-05-01 08:00:35 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-05-01 08:00:34 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-05-01 08:00:34 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-05-01 08:00:34 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-05-01 08:00:34 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-05-01 02:57:57 -------- d-----w- C:\ProgramData\Recovery
2012-04-30 23:12:18 -------- d-----we C:\Windows\system64
2012-04-13 13:50:40 -------- d-----w- C:\Program Files (x86)\Citrix
.
==================== Find3M ====================
.
2012-05-01 19:43:25 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-22 04:30:08 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-03-22 04:30:08 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-03-22 04:29:44 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-03-21 01:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-21 01:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-03-03 06:22:00 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-02-28 06:39:37 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 05:38:52 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 04:31:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 03:52:27 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-10 03:14:04 6074176 ----a-w- C:\Windows\System32\nvcpl.dll
2012-02-10 03:14:01 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-02-10 03:07:00 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-02-10 03:07:00 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-02-10 03:07:00 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-02-10 03:05:59 2497985 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-02-10 02:05:44 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
============= FINISH: 23:51:40.64 ===============

Edited by CALVIN1693, 08 May 2012 - 11:53 PM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:55 AM

Posted 08 May 2012 - 11:59 PM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]
Gringo[/b]
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 CALVIN1693

CALVIN1693
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 11 May 2012 - 05:39 PM

Scan result of Farbar Recovery Scan Tool Version: 11-05-2012
Ran by SYSTEM at 11-05-2012 16:46:07
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [611896 2010-09-15] ()
HKLM\...\Run: [SBRegRebootCleaner] "C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBRC.exe" [x]
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [102400 2010-05-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273544 2011-08-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-12-07] (Apple Inc.)
HKLM-x32\...\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [248832 2012-01-14] ()
HKU\Owner\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1242448 2011-08-05] (Valve Corporation)
HKU\Owner\...\Run: [Security Protection] C:\Users\Owner\AppData\Roaming\defender.exe [x]
HKU\Owner\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6276408 2011-08-21] (Yahoo! Inc.)
HKU\Owner\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17148552 2012-02-29] (Skype Technologies S.A.)
HKU\Owner\...\Run: [Kujytuo] "C:\Users\Owner\AppData\Roaming\kujytuo.exe" [391520 2012-02-17] ()
HKU\Owner\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\TEMP\...\Run: [iCall] C:\Program Files (x86)\iCall\iCall.exe [1587576 2008-12-18] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ATTENTION! ====> ZeroAccess

==================== Services (Whitelisted) ======

2 HPClientSvc; "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" [291896 2010-08-05] (Hewlett-Packard Company)
3 Macromedia Licensing Service; "C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe" [68096 2011-12-07] ()
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [2804568 2010-06-01] (Symantec Corporation)
2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService [1119768 2010-09-28] (PDF Complete Inc)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-03-02] ()
2 RoxioNow Service; C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [399344 2010-09-11] (Roxio)
2 LightScribeService; "c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" [x]
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]

========================== Drivers (Whitelisted) =============

3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [221184 2010-05-11] (Advanced Micro Devices, Inc.)
0 amd_sata; C:\Windows\System32\Drivers\amd_sata.sys [75904 2010-08-13] (Advanced Micro Devices)
0 amd_xata; C:\Windows\System32\Drivers\amd_xata.sys [38016 2010-08-13] (Advanced Micro Devices)
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [1155704 2011-10-14] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [481912 2011-08-23] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111021.030\IDSvia64.sys [488568 2011-08-22] (Symantec Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111021.034\ENG64.SYS [117880 2011-08-23] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111021.034\EX64.SYS [2048632 2011-08-23] (Symantec Corporation)
1 SbFw; C:\Windows\System32\Drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)
3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
3 sbhips; C:\Windows\System32\Drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)
1 SbTis; C:\Windows\System32\Drivers\SbTis.sys [94296 2011-04-05] (Sunbelt Software, Inc.)
3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207010.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\drivers\NISx64\1207010.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\NISx64\1207010.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NISx64\1207010.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-06-12] (Symantec Corporation)
1 SymIRON; C:\Windows\System32\drivers\NISx64\1207010.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
3 VKbms; C:\Windows\System32\Drivers\VKbms.sys [13312 2010-09-30] (Windows ® Win 7 DDK provider)
1 xwvskpdi; C:\Windows\System32\Drivers\xwvskpdi.sys [50000 2012-05-11] (Microsoft Corporation)
1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

========================== NetSvcs (Whitelisted) ===========
NETSVC: authsyssvc

============ One Month Created Files and Folders ==============

2012-05-11 16:46 - 2012-05-11 16:46 - 0000000 ____D C:\FRST
2012-05-11 05:39 - 2012-05-11 05:39 - 0174283 ____A C:\Users\Owner\Desktop\San Antonio Ford1.pdf
2012-05-11 00:31 - 2012-05-11 00:31 - 0050000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\xwvskpdi.sys
2012-05-10 22:03 - 2012-03-30 22:05 - 5559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-10 22:03 - 2012-03-30 20:39 - 3968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-10 22:03 - 2012-03-30 20:39 - 3913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-10 22:03 - 2012-03-30 19:10 - 3146240 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-10 22:03 - 2012-03-16 23:58 - 0075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-05-10 22:03 - 2012-03-02 22:35 - 1544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-05-10 22:03 - 2012-03-02 21:31 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-05-10 22:00 - 2012-03-30 03:35 - 1918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-05-08 20:52 - 2012-05-08 20:52 - 0035404 ____A C:\Users\Owner\Desktop\DDS.txt
2012-05-08 20:52 - 2012-05-08 20:52 - 0016839 ____A C:\Users\Owner\Desktop\Attach.txt
2012-05-08 20:50 - 2012-05-08 20:50 - 0607260 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2012-05-08 20:49 - 2012-05-08 20:49 - 0000472 ____A C:\Users\Owner\Desktop\defogger_disable.log
2012-05-08 20:49 - 2012-05-08 20:49 - 0000000 ____A C:\Users\Owner\defogger_reenable
2012-05-08 19:31 - 2012-05-10 23:47 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-08 19:31 - 2012-05-08 19:31 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-05-08 19:31 - 2012-05-08 19:31 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-05-08 19:31 - 2012-05-08 19:31 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Users\Owner\AppData\Roaming\SpeedyPC Software
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Users\Owner\AppData\Roaming\DriverCure
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Users\All Users\SpeedyPC Software
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\ProgramData\SpeedyPC Software
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Program Files (x86)\SpeedyPC Software
2012-05-08 15:33 - 2012-05-08 15:33 - 0001180 ____A C:\Users\Owner\AppData\Roaming\SMRResults250.dat
2012-05-08 15:32 - 2012-05-08 15:32 - 0000000 ____D C:\Users\Owner\AppData\Roaming\FixTDSS
2012-05-08 05:50 - 2012-05-08 15:26 - 0000000 ____D C:\Users\Owner\AppData\Local\NPE
2012-05-08 05:48 - 2012-05-08 05:48 - 0002030 ____A C:\Users\Owner\Desktop\remove.txt
2012-05-06 00:19 - 2012-05-06 00:19 - 229536080 ____A C:\Users\Owner\Downloads\Video_13.wmv
2012-05-05 10:12 - 2012-05-05 10:12 - 0001945 ____A C:\Windows\epplauncher.mif
2012-05-05 09:17 - 2012-05-10 22:04 - 0000122 ____A C:\Users\Owner\AppData\Roaming\Offre.ini
2012-05-05 07:07 - 2012-05-05 09:18 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Ad-Aware Antivirus
2012-05-05 07:07 - 2012-05-05 07:07 - 0000000 ____D C:\Users\All Users\Lavasoft
2012-05-05 07:07 - 2012-05-05 07:07 - 0000000 ____D C:\ProgramData\Lavasoft
2012-05-04 16:10 - 2012-05-04 16:10 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Tific
2012-05-04 16:10 - 2012-05-04 16:10 - 0000000 ____D C:\Users\Owner\AppData\Local\Symantec
2012-05-04 16:01 - 2012-05-05 10:11 - 0000000 ____D C:\Program Files\Microsoft Security Client
2012-05-04 16:01 - 2012-05-05 10:11 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-05-01 17:36 - 2012-05-05 07:06 - 0000944 ____A C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2012-05-01 17:36 - 2012-05-01 17:36 - 0000104 ____A C:\Windows\System32\SBRC.dat
2012-05-01 17:24 - 2011-04-05 14:35 - 0094296 ____A (Sunbelt Software, Inc.) C:\Windows\System32\Drivers\sbtis.sys
2012-05-01 17:24 - 2011-04-05 14:35 - 0060504 ____A (Sunbelt Software, Inc.) C:\Windows\System32\Drivers\sbhips.sys
2012-05-01 17:23 - 2012-05-10 23:47 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-05-01 17:23 - 2012-05-10 23:47 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2012-05-01 17:23 - 2012-05-05 09:18 - 0000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2012-05-01 17:23 - 2012-05-01 17:24 - 0000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-01 17:23 - 2012-05-01 17:23 - 0001260 ____A C:\Users\Owner\Desktop\Spybot - Search & Destroy.lnk
2012-05-01 17:23 - 2012-05-01 17:23 - 0000000 ____D C:\Users\Owner\AppData\Local\adawarebp
2012-05-01 17:23 - 2012-05-01 17:23 - 0000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2012-05-01 17:23 - 2011-04-05 14:35 - 0253528 ____A (Sunbelt Software, Inc.) C:\Windows\System32\Drivers\SbFw.sys
2012-05-01 17:23 - 2011-02-08 06:14 - 0084568 ____A (Sunbelt Software, Inc.) C:\Windows\System32\Drivers\SbFwIm.sys
2012-05-01 11:44 - 2012-05-10 21:56 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-05-01 11:43 - 2012-05-11 12:43 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-05-01 11:43 - 2012-05-01 11:43 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-05-01 11:43 - 2012-05-01 11:43 - 0000000 ____D C:\Windows\System32\Macromed
2012-05-01 10:17 - 2012-05-01 10:17 - 0557056 ____A C:\Users\Owner\Desktop\SetupWebV2.msi
2012-05-01 10:16 - 2012-05-10 23:47 - 0000000 ____D C:\Program Files (x86)\BabylonToolbar
2012-05-01 10:16 - 2012-05-01 10:16 - 0000237 ____A C:\user.js
2012-05-01 10:16 - 2012-02-17 05:01 - 0391520 ____A C:\Users\Owner\AppData\Roaming\kujytuo.exe
2012-05-01 09:44 - 2012-05-04 00:30 - 0009006 ____A C:\Users\Owner\AppData\Roaming\data.dat
2012-05-01 00:00 - 2012-02-29 22:46 - 0023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-05-01 00:00 - 2012-02-29 22:38 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-05-01 00:00 - 2012-02-29 22:33 - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-05-01 00:00 - 2012-02-29 22:28 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-05-01 00:00 - 2012-02-29 21:37 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-05-01 00:00 - 2012-02-29 21:33 - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-05-01 00:00 - 2012-02-29 21:29 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-04-30 18:57 - 2012-05-11 00:54 - 0000000 ____D C:\Users\All Users\Recovery
2012-04-30 18:57 - 2012-05-11 00:54 - 0000000 ____D C:\ProgramData\Recovery
2012-04-30 17:28 - 2012-05-11 13:38 - 0214478 ____A C:\Windows\ntbtlog.txt
2012-04-30 16:17 - 2012-02-27 22:39 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-04-30 16:17 - 2012-02-27 22:39 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-04-30 16:17 - 2012-02-27 22:39 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-04-30 16:17 - 2012-02-27 22:36 - 9020928 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-04-30 16:17 - 2012-02-27 22:36 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-04-30 16:17 - 2012-02-27 22:36 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-04-30 16:17 - 2012-02-27 22:35 - 2453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-04-30 16:17 - 2012-02-27 22:35 - 12264448 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-04-30 16:17 - 2012-02-27 22:35 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-04-30 16:17 - 2012-02-27 22:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-04-30 16:17 - 2012-02-27 21:38 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-04-30 16:17 - 2012-02-27 21:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-04-30 16:17 - 2012-02-27 21:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-04-30 16:17 - 2012-02-27 21:35 - 5998080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-04-30 16:17 - 2012-02-27 21:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-04-30 16:17 - 2012-02-27 21:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-04-30 16:17 - 2012-02-27 21:34 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-04-30 16:17 - 2012-02-27 21:34 - 10992640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-04-30 16:17 - 2012-02-27 21:34 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-04-30 16:17 - 2012-02-27 21:34 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-04-30 16:17 - 2012-02-27 20:31 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-04-30 16:17 - 2012-02-27 19:52 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-04-30 15:39 - 2012-04-30 15:34 - 0118668 ____A C:\Users\TEMP\Documents\dodge1.jpg
2012-04-30 15:39 - 2012-04-30 15:32 - 0113243 ____A C:\Users\TEMP\Documents\chrysler2.jpg
2012-04-30 15:39 - 2012-04-30 15:30 - 0116453 ____A C:\Users\TEMP\Documents\chryslerlogo.jpg
2012-04-30 15:37 - 2012-04-30 15:34 - 0118668 ____A C:\Users\TEMP\Desktop\dodge1.jpg
2012-04-30 15:37 - 2012-04-30 15:32 - 0113243 ____A C:\Users\TEMP\Desktop\chrysler2.jpg
2012-04-30 15:37 - 2012-04-30 15:30 - 0116453 ____A C:\Users\TEMP\Desktop\chryslerlogo.jpg
2012-04-30 15:24 - 2012-04-30 15:24 - 1112556 ____A C:\Users\Owner\55252274_201203_345208.zip
2012-04-30 15:23 - 2012-04-30 19:02 - 0000000 ____D C:\Users\TEMP\AppData\Local\WinZip
2012-04-30 15:18 - 2012-04-30 15:14 - 1112556 ____A C:\Users\Owner\Desktop\55252274_201203_345208.zip
2012-04-30 15:12 - 2012-04-30 15:12 - 0000000 ____D C:\Windows\system64
2012-04-21 22:17 - 2012-04-21 22:17 - 0000000 ____D C:\Users\TEMP\AppData\Local\icall
2012-04-21 22:15 - 2012-04-30 19:02 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Skype
2012-04-19 09:36 - 2012-04-30 15:53 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\SoftGrid Client
2012-04-19 09:36 - 2012-04-19 09:36 - 0000000 ____D C:\Users\TEMP\AppData\Local\SoftGrid Client
2012-04-15 18:28 - 2012-04-15 18:28 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Hewlett-Packard
2012-04-15 17:57 - 2012-04-29 17:58 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\HP Support Assistant
2012-04-15 17:56 - 2012-04-29 17:58 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\HpUpdate
2012-04-15 17:56 - 2012-04-15 17:56 - 0000000 ____D C:\Users\TEMP\AppData\Local\Hewlett-Packard
2012-04-14 20:59 - 2012-04-23 21:12 - 0000000 ____D C:\Users\TEMP\AppData\Local\CrashDumps
2012-04-14 12:36 - 2012-04-14 12:36 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla
2012-04-14 12:36 - 2012-04-14 12:36 - 0000000 ____D C:\Users\TEMP\AppData\Local\Mozilla
2012-04-13 20:56 - 2012-04-30 19:02 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Mumble
2012-04-13 20:56 - 2012-04-13 20:56 - 0002377 ____A C:\Users\TEMP\Documents\MumbleAutomaticCertificateBackup.p12
2012-04-13 16:01 - 2012-04-13 16:01 - 0000000 ____D C:\Users\TEMP\AppData\Local\Adobe
2012-04-13 05:51 - 2012-04-30 19:02 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\ICAClient
2012-04-13 05:50 - 2012-04-13 05:50 - 0000000 ____D C:\Program Files (x86)\Citrix
2012-04-12 12:37 - 2012-04-12 12:37 - 0000000 ____D C:\Users\TEMP\AppData\Local\Apple
2012-04-11 06:27 - 2012-04-13 16:01 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2012-04-11 06:27 - 2012-04-13 15:52 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Google
2012-04-11 06:27 - 2012-04-11 06:31 - 0000000 ____D C:\Users\TEMP\AppData\Local\Google
2012-04-11 06:24 - 2012-04-30 19:02 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\PictureMover
2012-04-11 06:24 - 2012-04-30 15:34 - 0000000 ____D C:\Users\TEMP\Documents\Snagit
2012-04-11 06:24 - 2012-04-11 06:26 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\wargaming.net
2012-04-11 06:24 - 2012-04-11 06:24 - 0068784 ____A C:\Users\TEMP\AppData\Local\GDIPFONTCACHEV1.DAT
2012-04-11 06:24 - 2012-04-11 06:24 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\ATI
2012-04-11 06:24 - 2012-04-11 06:24 - 0000000 ____D C:\Users\TEMP\AppData\Local\ATI
2012-04-11 06:23 - 2012-05-10 23:44 - 0000000 ____D C:\Users\TEMP\AppData\LocalLow
2012-04-11 06:23 - 2012-04-30 19:03 - 0000000 ____D C:\Users\TEMP\AppData\Local\HuluDesktop
2012-04-11 06:23 - 2012-04-22 09:29 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Real
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Templates
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Start Menu
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\PrintHood
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\NetHood
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\My Documents
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Documents\My Videos
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Documents\My Pictures
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Documents\My Music
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\AppData\Local\Temporary Internet Files
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\AppData\Local\History
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Apple Computer
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\TechSmith
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\PDFC
2012-04-11 06:23 - 2011-03-18 10:17 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2012-04-11 06:23 - 2009-07-13 23:44 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Media Center Programs

============ 3 Months Modified Files and Folders =============

2012-05-11 16:46 - 2012-05-11 16:46 - 0000000 ____D C:\FRST
2012-05-11 13:41 - 2011-03-18 09:50 - 1124483 ____A C:\Windows\WindowsUpdate.log
2012-05-11 13:40 - 2009-07-13 21:13 - 0730566 ____A C:\Windows\System32\PerfStringBackup.INI
2012-05-11 13:38 - 2012-04-30 17:28 - 0214478 ____A C:\Windows\ntbtlog.txt
2012-05-11 13:14 - 2011-07-06 07:03 - 0000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-05-11 12:43 - 2012-05-01 11:43 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-05-11 05:39 - 2012-05-11 05:39 - 0174283 ____A C:\Users\Owner\Desktop\San Antonio Ford1.pdf
2012-05-11 05:39 - 2011-06-11 04:17 - 0000000 ___HD C:\Users\Owner\AppData\Local\PDFC
2012-05-11 05:35 - 2011-07-06 07:03 - 0000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-05-11 05:35 - 2011-06-12 12:22 - 0000000 ____D C:\Program Files (x86)\Steam
2012-05-11 00:54 - 2012-04-30 18:57 - 0000000 ____D C:\Users\All Users\Recovery
2012-05-11 00:54 - 2012-04-30 18:57 - 0000000 ____D C:\ProgramData\Recovery
2012-05-11 00:38 - 2009-07-13 20:45 - 0015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-05-11 00:38 - 2009-07-13 20:45 - 0015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-11 00:31 - 2012-05-11 00:31 - 0050000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\xwvskpdi.sys
2012-05-11 00:30 - 2011-06-11 16:10 - 0000000 ____D C:\Users\All Users\NVIDIA
2012-05-11 00:30 - 2011-06-11 16:10 - 0000000 ____D C:\ProgramData\NVIDIA
2012-05-11 00:30 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-05-11 00:30 - 2009-07-13 20:51 - 0040861 ____A C:\Windows\setupact.log
2012-05-11 00:30 - 2009-07-13 20:45 - 0303856 ____A C:\Windows\System32\FNTCACHE.DAT
2012-05-11 00:29 - 2011-03-18 11:50 - 536305664 __ASH C:\hiberfil.sys
2012-05-11 00:29 - 2011-03-18 10:18 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-11 00:11 - 2011-08-12 06:10 - 57848688 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-05-11 00:06 - 2011-11-20 19:49 - 0000332 ____A C:\Windows\Tasks\HPCeeScheduleForOwner.job
2012-05-11 00:05 - 2009-07-13 21:08 - 0015888 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-11 00:00 - 2009-07-13 23:45 - 0000000 ____D C:\Program Files\Windows Journal
2012-05-10 23:47 - 2012-05-08 19:31 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-10 23:47 - 2012-05-01 17:23 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-05-10 23:47 - 2012-05-01 17:23 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2012-05-10 23:47 - 2012-05-01 10:16 - 0000000 ____D C:\Program Files (x86)\BabylonToolbar
2012-05-10 23:47 - 2012-03-12 16:19 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Razer
2012-05-10 23:47 - 2011-11-28 23:18 - 0000000 ____D C:\Users\All Users\Yahoo! Companion
2012-05-10 23:47 - 2011-11-28 23:18 - 0000000 ____D C:\ProgramData\Yahoo! Companion
2012-05-10 23:47 - 2011-07-01 14:13 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Azureus
2012-05-10 23:47 - 2011-06-11 04:15 - 0000000 ____D C:\Users\Owner\AppData\Local\Hewlett-Packard
2012-05-10 23:47 - 2011-03-18 10:22 - 0000000 ____D C:\Users\All Users\Norton
2012-05-10 23:47 - 2011-03-18 10:22 - 0000000 ____D C:\ProgramData\Norton
2012-05-10 23:47 - 2011-03-18 10:10 - 0000000 ____D C:\Users\All Users\RoxioNow
2012-05-10 23:47 - 2011-03-18 10:10 - 0000000 ____D C:\ProgramData\RoxioNow
2012-05-10 23:47 - 2009-07-13 23:45 - 0000000 ____D C:\Windows\ShellNew
2012-05-10 23:47 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-05-10 23:47 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2012-05-10 23:46 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-05-10 23:44 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\LocalLow
2012-05-10 23:44 - 2012-03-22 07:40 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2012-05-10 23:44 - 2011-11-28 23:18 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Yahoo!
2012-05-10 23:43 - 2011-08-08 13:24 - 0000000 ____D C:\Users\All Users\Real
2012-05-10 23:43 - 2011-08-08 13:24 - 0000000 ____D C:\ProgramData\Real
2012-05-10 22:56 - 2011-03-18 10:10 - 0000000 ____D C:\Users\All Users\PDFC
2012-05-10 22:56 - 2011-03-18 10:10 - 0000000 ____D C:\ProgramData\PDFC
2012-05-10 22:07 - 2011-06-12 22:43 - 0000052 ____A C:\Windows\SysWOW64\DOErrors.log
2012-05-10 22:07 - 2011-06-12 22:42 - 0000000 ___HD C:\Users\Owner\AppData\Roaming\HP Support Assistant
2012-05-10 22:07 - 2011-06-12 12:22 - 0000000 ___HD C:\Users\Owner\AppData\Roaming\HpUpdate
2012-05-10 22:04 - 2012-05-05 09:17 - 0000122 ____A C:\Users\Owner\AppData\Roaming\Offre.ini
2012-05-10 22:03 - 2011-06-11 04:14 - 0000000 ____D C:\users\Owner
2012-05-10 21:59 - 2012-03-02 15:02 - 0000000 ____D C:\users\UpdatusUser
2012-05-10 21:56 - 2012-05-01 11:44 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-05-10 21:55 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-05-08 20:52 - 2012-05-08 20:52 - 0035404 ____A C:\Users\Owner\Desktop\DDS.txt
2012-05-08 20:52 - 2012-05-08 20:52 - 0016839 ____A C:\Users\Owner\Desktop\Attach.txt
2012-05-08 20:50 - 2012-05-08 20:50 - 0607260 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2012-05-08 20:49 - 2012-05-08 20:49 - 0000472 ____A C:\Users\Owner\Desktop\defogger_disable.log
2012-05-08 20:49 - 2012-05-08 20:49 - 0000000 ____A C:\Users\Owner\defogger_reenable
2012-05-08 19:31 - 2012-05-08 19:31 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-05-08 19:31 - 2012-05-08 19:31 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-05-08 19:31 - 2012-05-08 19:31 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Users\Owner\AppData\Roaming\SpeedyPC Software
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Users\Owner\AppData\Roaming\DriverCure
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Users\All Users\SpeedyPC Software
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\ProgramData\SpeedyPC Software
2012-05-08 18:27 - 2012-05-08 18:27 - 0000000 ____D C:\Program Files (x86)\SpeedyPC Software
2012-05-08 15:33 - 2012-05-08 15:33 - 0001180 ____A C:\Users\Owner\AppData\Roaming\SMRResults250.dat
2012-05-08 15:32 - 2012-05-08 15:32 - 0000000 ____D C:\Users\Owner\AppData\Roaming\FixTDSS
2012-05-08 15:26 - 2012-05-08 05:50 - 0000000 ____D C:\Users\Owner\AppData\Local\NPE
2012-05-08 05:48 - 2012-05-08 05:48 - 0002030 ____A C:\Users\Owner\Desktop\remove.txt
2012-05-07 22:05 - 2011-07-01 14:14 - 0000000 ___HD C:\Users\Owner\Documents\Vuze Downloads
2012-05-06 00:19 - 2012-05-06 00:19 - 229536080 ____A C:\Users\Owner\Downloads\Video_13.wmv
2012-05-05 19:49 - 2011-06-11 15:59 - 0000000 ___HD C:\Users\Owner\AppData\Local\CrashDumps
2012-05-05 10:12 - 2012-05-05 10:12 - 0001945 ____A C:\Windows\epplauncher.mif
2012-05-05 10:12 - 2011-07-06 12:37 - 0743932 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-05-05 10:11 - 2012-05-04 16:01 - 0000000 ____D C:\Program Files\Microsoft Security Client
2012-05-05 10:11 - 2012-05-04 16:01 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-05-05 10:03 - 2012-03-21 07:01 - 0000000 ____D C:\Program Files (x86)\7-Zip
2012-05-05 10:03 - 2011-07-01 14:13 - 0000000 ____D C:\Users\Owner\AppData\Local\WinZip
2012-05-05 10:03 - 2011-07-01 14:13 - 0000000 ____D C:\Program Files (x86)\WinZip
2012-05-05 10:03 - 2011-03-18 10:18 - 0000000 ____D C:\Program Files (x86)\Kobo
2012-05-05 09:19 - 2011-10-04 21:51 - 0000000 ____D C:\Program Files (x86)\iCall
2012-05-05 09:19 - 2011-06-11 04:14 - 0000000 ____D C:\Users\Owner\AppData\LocalLow
2012-05-05 09:18 - 2012-05-05 07:07 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Ad-Aware Antivirus
2012-05-05 09:18 - 2012-05-01 17:23 - 0000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2012-05-05 07:07 - 2012-05-05 07:07 - 0000000 ____D C:\Users\All Users\Lavasoft
2012-05-05 07:07 - 2012-05-05 07:07 - 0000000 ____D C:\ProgramData\Lavasoft
2012-05-05 07:06 - 2012-05-01 17:36 - 0000944 ____A C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2012-05-04 16:10 - 2012-05-04 16:10 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Tific
2012-05-04 16:10 - 2012-05-04 16:10 - 0000000 ____D C:\Users\Owner\AppData\Local\Symantec
2012-05-04 16:06 - 2011-07-01 14:13 - 0000000 ____D C:\Users\All Users\WinZip
2012-05-04 16:06 - 2011-07-01 14:13 - 0000000 ____D C:\ProgramData\WinZip
2012-05-04 00:30 - 2012-05-01 09:44 - 0009006 ____A C:\Users\Owner\AppData\Roaming\data.dat
2012-05-01 21:01 - 2012-03-19 11:46 - 0000000 ____D C:\Users\Owner\AppData\Roaming\E-centives
2012-05-01 17:36 - 2012-05-01 17:36 - 0000104 ____A C:\Windows\System32\SBRC.dat
2012-05-01 17:24 - 2012-05-01 17:23 - 0000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-01 17:23 - 2012-05-01 17:23 - 0001260 ____A C:\Users\Owner\Desktop\Spybot - Search & Destroy.lnk
2012-05-01 17:23 - 2012-05-01 17:23 - 0000000 ____D C:\Users\Owner\AppData\Local\adawarebp
2012-05-01 17:23 - 2012-05-01 17:23 - 0000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2012-05-01 11:43 - 2012-05-01 11:43 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-05-01 11:43 - 2012-05-01 11:43 - 0000000 ____D C:\Windows\System32\Macromed
2012-05-01 11:43 - 2011-06-17 11:37 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-05-01 11:43 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\Downloaded Program Files
2012-05-01 10:17 - 2012-05-01 10:17 - 0557056 ____A C:\Users\Owner\Desktop\SetupWebV2.msi
2012-05-01 10:16 - 2012-05-01 10:16 - 0000237 ____A C:\user.js
2012-05-01 10:16 - 2011-11-06 09:28 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-04-30 21:09 - 2011-07-15 00:21 - 0000342 ____A C:\Windows\Tasks\HPCeeScheduleForOWNER-HP$.job
2012-04-30 19:03 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\HuluDesktop
2012-04-30 19:03 - 2011-03-18 09:49 - 0000000 ____D C:\Windows\SysWOW64\Macromed
2012-04-30 19:03 - 2009-07-13 23:44 - 0000000 ___RD C:\Users\Public\Recorded TV
2012-04-30 19:02 - 2012-04-30 15:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\WinZip
2012-04-30 19:02 - 2012-04-21 22:15 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Skype
2012-04-30 19:02 - 2012-04-13 20:56 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Mumble
2012-04-30 19:02 - 2012-04-13 05:51 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\ICAClient
2012-04-30 19:02 - 2012-04-11 06:24 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\PictureMover
2012-04-30 19:01 - 2011-07-06 12:38 - 0000000 ____D C:\Users\Owner\AppData\Roaming\SoftGrid Client
2012-04-30 17:28 - 2011-03-18 11:50 - 0042574 ____A C:\Windows\PFRO.log
2012-04-30 16:10 - 2011-06-14 00:25 - 0002482 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
2012-04-30 16:10 - 2011-03-18 10:22 - 0000000 ____D C:\Windows\System32\Drivers\NISx64
2012-04-30 15:53 - 2012-04-19 09:36 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\SoftGrid Client
2012-04-30 15:34 - 2012-04-30 15:39 - 0118668 ____A C:\Users\TEMP\Documents\dodge1.jpg
2012-04-30 15:34 - 2012-04-30 15:37 - 0118668 ____A C:\Users\TEMP\Desktop\dodge1.jpg
2012-04-30 15:34 - 2012-04-11 06:24 - 0000000 ____D C:\Users\TEMP\Documents\Snagit
2012-04-30 15:32 - 2012-04-30 15:39 - 0113243 ____A C:\Users\TEMP\Documents\chrysler2.jpg
2012-04-30 15:32 - 2012-04-30 15:37 - 0113243 ____A C:\Users\TEMP\Desktop\chrysler2.jpg
2012-04-30 15:30 - 2012-04-30 15:39 - 0116453 ____A C:\Users\TEMP\Documents\chryslerlogo.jpg
2012-04-30 15:30 - 2012-04-30 15:37 - 0116453 ____A C:\Users\TEMP\Desktop\chryslerlogo.jpg
2012-04-30 15:24 - 2012-04-30 15:24 - 1112556 ____A C:\Users\Owner\55252274_201203_345208.zip
2012-04-30 15:14 - 2012-04-30 15:18 - 1112556 ____A C:\Users\Owner\Desktop\55252274_201203_345208.zip
2012-04-30 15:12 - 2012-04-30 15:12 - 0000000 ____D C:\Windows\system64
2012-04-29 17:58 - 2012-04-15 17:57 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\HP Support Assistant
2012-04-29 17:58 - 2012-04-15 17:56 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\HpUpdate
2012-04-23 21:12 - 2012-04-14 20:59 - 0000000 ____D C:\Users\TEMP\AppData\Local\CrashDumps
2012-04-22 09:29 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Real
2012-04-21 22:17 - 2012-04-21 22:17 - 0000000 ____D C:\Users\TEMP\AppData\Local\icall
2012-04-19 09:36 - 2012-04-19 09:36 - 0000000 ____D C:\Users\TEMP\AppData\Local\SoftGrid Client
2012-04-15 18:28 - 2012-04-15 18:28 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Hewlett-Packard
2012-04-15 17:56 - 2012-04-15 17:56 - 0000000 ____D C:\Users\TEMP\AppData\Local\Hewlett-Packard
2012-04-14 12:36 - 2012-04-14 12:36 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla
2012-04-14 12:36 - 2012-04-14 12:36 - 0000000 ____D C:\Users\TEMP\AppData\Local\Mozilla
2012-04-13 20:56 - 2012-04-13 20:56 - 0002377 ____A C:\Users\TEMP\Documents\MumbleAutomaticCertificateBackup.p12
2012-04-13 16:01 - 2012-04-13 16:01 - 0000000 ____D C:\Users\TEMP\AppData\Local\Adobe
2012-04-13 16:01 - 2012-04-11 06:27 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2012-04-13 15:52 - 2012-04-11 06:27 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Google
2012-04-13 05:50 - 2012-04-13 05:50 - 0000000 ____D C:\Program Files (x86)\Citrix
2012-04-12 12:37 - 2012-04-12 12:37 - 0000000 ____D C:\Users\TEMP\AppData\Local\Apple
2012-04-11 06:31 - 2012-04-11 06:27 - 0000000 ____D C:\Users\TEMP\AppData\Local\Google
2012-04-11 06:26 - 2012-04-11 06:24 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\wargaming.net
2012-04-11 06:24 - 2012-04-11 06:24 - 0068784 ____A C:\Users\TEMP\AppData\Local\GDIPFONTCACHEV1.DAT
2012-04-11 06:24 - 2012-04-11 06:24 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\ATI
2012-04-11 06:24 - 2012-04-11 06:24 - 0000000 ____D C:\Users\TEMP\AppData\Local\ATI
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Templates
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Start Menu
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\PrintHood
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\NetHood
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\My Documents
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Documents\My Videos
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Documents\My Pictures
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\Documents\My Music
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\AppData\Local\Temporary Internet Files
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 __SHD C:\Users\TEMP\AppData\Local\History
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Apple Computer
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\TechSmith
2012-04-11 06:23 - 2012-04-11 06:23 - 0000000 ____D C:\Users\TEMP\AppData\Local\PDFC
2012-04-10 18:48 - 2012-01-02 14:17 - 0000000 ____D C:\Users\Owner\AppData\Roaming\Mumble
2012-04-02 05:02 - 2011-07-13 05:32 - 0000000 ___HD C:\Users\Owner\Tracing
2012-03-31 18:28 - 2012-03-24 17:03 - 0000000 ____D C:\Windows\Minidump
2012-03-31 18:28 - 2011-03-18 11:50 - 0346315 ____N C:\Windows\Minidump\033112-51667-01.dmp
2012-03-30 22:05 - 2012-05-10 22:03 - 5559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-30 20:39 - 2012-05-10 22:03 - 3968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-03-30 20:39 - 2012-05-10 22:03 - 3913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-03-30 19:10 - 2012-05-10 22:03 - 3146240 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-30 03:35 - 2012-05-10 22:00 - 1918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-25 17:57 - 2011-09-21 15:29 - 0000000 ____D C:\Users\Owner\Desktop\atc stuff
2012-03-24 17:03 - 2011-03-18 11:50 - 0345227 ____N C:\Windows\Minidump\032412-55551-01.dmp
2012-03-22 07:40 - 2012-03-22 07:40 - 0002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-03-22 07:40 - 2012-03-22 07:40 - 0000000 ___RD C:\Program Files (x86)\Skype
2012-03-22 07:40 - 2012-03-22 07:40 - 0000000 ____D C:\Users\All Users\Skype
2012-03-22 07:40 - 2012-03-22 07:40 - 0000000 ____D C:\ProgramData\Skype
2012-03-21 20:30 - 2011-10-30 16:20 - 0282864 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2012-03-21 20:30 - 2011-10-30 14:12 - 0282864 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-03-21 20:29 - 2011-10-30 14:12 - 0280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-03-20 20:45 - 2011-10-30 16:19 - 0000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2012-03-20 17:44 - 2012-03-20 17:44 - 0203888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-03-20 17:44 - 2012-03-20 17:44 - 0098688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-03-19 11:42 - 2012-03-19 11:36 - 0000000 ____D C:\Users\Owner\AppData\Roaming\FileZilla
2012-03-19 11:37 - 2012-03-19 11:36 - 0000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2012-03-19 11:36 - 2012-03-19 11:36 - 4518720 ____A (FileZilla Project) C:\Users\Owner\Downloads\FileZilla_3.5.3_win32-setup.exe
2012-03-16 23:58 - 2012-05-10 22:03 - 0075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-03-12 21:22 - 2011-10-30 12:50 - 0000000 ____D C:\Program Files (x86)\Origin
2012-03-12 16:16 - 2012-03-12 16:15 - 0014362 ____A C:\Windows\DPINST.LOG
2012-03-12 16:15 - 2012-03-12 16:15 - 0000000 ____D C:\Users\Owner\AppData\Roaming\InstallShield
2012-03-12 16:15 - 2012-03-12 16:15 - 0000000 ____D C:\Program Files (x86)\Razer
2012-03-12 16:15 - 2011-03-18 09:50 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-03-07 18:08 - 2012-03-07 18:08 - 0036740 ____A C:\Users\Owner\Desktop\Customers.xlsx
2012-03-07 18:02 - 2012-03-07 18:01 - 0081623 ____N C:\Users\Owner\Desktop\3-7-2012 8-01-56 PM.pdf
2012-03-04 19:46 - 2012-03-02 23:06 - 0000000 ____D C:\Users\Owner\AppData\Local\ESN Sonar
2012-03-03 23:00 - 2011-07-25 12:57 - 0000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2012-03-02 22:35 - 2012-05-10 22:03 - 1544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-03-02 22:22 - 2011-10-30 14:12 - 0076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-03-02 22:07 - 2012-03-02 21:56 - 0000000 ____D C:\Users\All Users\EA Logs
2012-03-02 22:07 - 2012-03-02 21:56 - 0000000 ____D C:\ProgramData\EA Logs
2012-03-02 21:31 - 2012-05-10 22:03 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-03-02 20:57 - 2011-10-30 12:50 - 0002603 ____A C:\Windows\KB893803v2.log
2012-03-02 15:02 - 2012-03-02 15:02 - 0000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\Templates
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\Start Menu
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\PrintHood
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\NetHood
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\My Documents
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Videos
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Pictures
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Music
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\History
2012-03-02 15:02 - 2012-03-02 15:02 - 0000000 ____D C:\Users\UpdatusUser\AppData\LocalLow
2012-03-02 15:02 - 2011-06-11 16:10 - 0000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-03-02 15:02 - 2011-06-11 16:09 - 0000000 ____D C:\Program Files\NVIDIA Corporation
2012-03-01 08:21 - 2011-07-13 05:40 - 0000000 ____D C:\Users\Owner\AppData\Roaming\ICAClient
2012-03-01 08:20 - 2011-07-06 12:45 - 0000000 __RHD C:\MSOCache
2012-02-29 22:46 - 2012-05-01 00:00 - 0023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-02-29 22:38 - 2012-05-01 00:00 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-02-29 22:33 - 2012-05-01 00:00 - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-02-29 22:28 - 2012-05-01 00:00 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-02-29 21:37 - 2012-05-01 00:00 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-02-29 21:33 - 2012-05-01 00:00 - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-02-29 21:29 - 2012-05-01 00:00 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-02-29 19:52 - 2012-02-29 19:52 - 0011888 ____A C:\Users\Owner\Desktop\TaxFormPdf.pdf
2012-02-27 22:39 - 2012-04-30 16:17 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-27 22:39 - 2012-04-30 16:17 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-27 22:39 - 2012-04-30 16:17 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-27 22:36 - 2012-04-30 16:17 - 9020928 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-27 22:36 - 2012-04-30 16:17 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-27 22:36 - 2012-04-30 16:17 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-27 22:35 - 2012-04-30 16:17 - 2453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-27 22:35 - 2012-04-30 16:17 - 12264448 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-27 22:35 - 2012-04-30 16:17 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-27 22:35 - 2012-04-30 16:17 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-27 21:38 - 2012-04-30 16:17 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-27 21:38 - 2012-04-30 16:17 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-27 21:38 - 2012-04-30 16:17 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-27 21:35 - 2012-04-30 16:17 - 5998080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-27 21:35 - 2012-04-30 16:17 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-27 21:35 - 2012-04-30 16:17 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-27 21:34 - 2012-04-30 16:17 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-27 21:34 - 2012-04-30 16:17 - 10992640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-27 21:34 - 2012-04-30 16:17 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-27 21:34 - 2012-04-30 16:17 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-27 20:31 - 2012-04-30 16:17 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-27 19:52 - 2012-04-30 16:17 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-26 19:56 - 2012-02-26 19:56 - 0052433 ____A C:\Users\Owner\Desktop\Statement[1].pdf
2012-02-17 05:01 - 2012-05-01 10:16 - 0391520 ____A C:\Users\Owner\AppData\Roaming\kujytuo.exe
2012-02-16 22:38 - 2012-03-15 15:20 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-16 21:34 - 2012-03-15 15:20 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-02-16 20:58 - 2012-03-15 15:20 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-16 20:57 - 2012-03-15 15:20 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-16 20:47 - 2011-06-11 04:17 - 0000174 ___SH C:\Users\Owner\Start Menu\Programs\Startup\desktop.ini
2012-02-16 20:47 - 2011-06-11 04:17 - 0000174 ___SH C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-16 01:03 - 2011-07-06 12:37 - 0000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-02-14 07:31 - 2011-06-11 04:17 - 0000000 ____D C:\Users\Owner\AppData\Local\VirtualStore
2012-02-12 20:27 - 2012-02-12 20:27 - 0000000 ____D C:\Users\Owner\AppData\Roaming\NVIDIA

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 15%
Total physical RAM: 6143.29 MB
Available physical RAM: 5220.28 MB
Total Pagefile: 6141.43 MB
Available Pagefile: 5188.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:918.5 GB) (Free:769.75 GB) NTFS
2 Drive e: (HP_RECOVERY) (Fixed) (Total:12.92 GB) (Free:1.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (Battlefield 3) (CDROM) (Total:5.63 GB) (Free:0 GB) CDFS
4 Drive g: () (Removable) (Total:0.94 GB) (Free:0.06 GB) FAT
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 963 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 918 GB 101 MB
Partition 3 Primary 12 GB 918 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 918 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E HP_RECOVERY NTFS Partition 12 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 962 MB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT Removable 962 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-05-08 23:44

======================= End Of Log ==========================

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:55 AM

Posted 11 May 2012 - 06:10 PM

Hello

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

SubSystems: [Windows] ATTENTION! ====> ZeroAccess
1 xwvskpdi; C:\Windows\System32\Drivers\xwvskpdi.sys [50000 2012-05-11] (Microsoft Corporation)
C:\Windows\System32\Drivers\xwvskpdi.sys 
2012-05-01 11:44 - 2012-05-10 21:56 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-05-01 10:16 - 2012-02-17 05:01 - 0391520 ____A C:\Users\Owner\AppData\Roaming\kujytuo.exe

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Gringo[/b]
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 CALVIN1693

CALVIN1693
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 11 May 2012 - 07:09 PM

Fix result of Farbar Recovery Tool (FRST written by farbar) Version: 11-05-2012
Ran by SYSTEM at 2012-05-11 19:04:34 Run:2
Running from G:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
xwvskpdi service not found.
C:\Windows\System32\Drivers\xwvskpdi.sys not found.
C:\Windows\System32\dds_trash_log.cmd not found.
C:\Users\Owner\AppData\Roaming\kujytuo.exe not found.

==== End of Fixlog ====

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:55 AM

Posted 11 May 2012 - 08:06 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 CALVIN1693

CALVIN1693
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 11 May 2012 - 09:36 PM

Seems to be running fine but MSE still says I have Trojans.

ComboFix 12-05-11.03 - Owner 05/11/2012 20:20:47.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.4601 [GMT -5:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
C:\Thumbs.db
c:\users\Owner\AppData\Local\assembly\tmp
c:\users\Owner\AppData\Roaming\data.dat
c:\users\TEMP\AppData\Local\assembly\tmp
c:\windows\assembly\temp\@
c:\windows\assembly\temp\cfg.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-04-12 to 2012-05-12 )))))))))))))))))))))))))))))))
.
.
2012-05-12 01:29 . 2012-05-12 01:29 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DCECC26F-B495-4094-BC79-06DFA93A71DD}\offreg.dll
2012-05-12 00:46 . 2012-05-12 00:47 -------- d-----w- C:\FRST
2012-05-11 06:08 . 2012-05-11 06:08 50000 ----a-w- c:\windows\system32\drivers\cydlbrdn.sys
2012-05-11 06:00 . 2012-05-11 06:00 50000 ----a-w- c:\windows\system32\drivers\kbcihlpa.sys
2012-05-11 05:59 . 2012-05-11 05:57 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6EEBAEA7-2455-42EF-AB7B-5B15AC93C432}\gapaengine.dll
2012-05-11 05:58 . 2012-04-13 06:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DCECC26F-B495-4094-BC79-06DFA93A71DD}\mpengine.dll
2012-05-09 03:31 . 2012-05-09 03:31 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-05-09 03:31 . 2012-05-09 03:31 -------- d-----w- c:\programdata\Malwarebytes
2012-05-09 03:31 . 2012-05-11 07:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-09 02:27 . 2012-05-09 02:27 -------- d-----w- c:\users\Owner\AppData\Roaming\SpeedyPC Software
2012-05-09 02:27 . 2012-05-09 02:27 -------- d-----w- c:\users\Owner\AppData\Roaming\DriverCure
2012-05-09 02:27 . 2012-05-09 02:27 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-05-09 02:27 . 2012-05-09 02:27 -------- d-----w- c:\programdata\SpeedyPC Software
2012-05-09 02:27 . 2012-05-09 02:27 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-05-08 23:32 . 2012-05-08 23:32 -------- d-----w- c:\users\Owner\AppData\Roaming\FixTDSS
2012-05-08 13:50 . 2012-05-08 23:26 -------- d-----w- c:\users\Owner\AppData\Local\NPE
2012-05-05 15:07 . 2012-05-05 17:18 -------- d-----w- c:\users\Owner\AppData\Roaming\Ad-Aware Antivirus
2012-05-05 15:07 . 2012-05-05 15:07 -------- d-----w- c:\programdata\Lavasoft
2012-05-05 00:10 . 2012-05-05 00:10 -------- d-----w- c:\users\Owner\AppData\Roaming\Tific
2012-05-05 00:10 . 2012-05-05 00:10 -------- d-----w- c:\users\Owner\AppData\Local\Symantec
2012-05-05 00:01 . 2012-05-05 18:11 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-05-05 00:01 . 2012-05-05 18:11 -------- d-----w- c:\program files\Microsoft Security Client
2012-05-02 01:24 . 2011-04-05 22:35 60504 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-05-02 01:24 . 2011-04-05 22:35 94296 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-05-02 01:23 . 2011-02-08 14:14 84568 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-05-02 01:23 . 2012-05-05 17:18 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-05-02 01:23 . 2011-04-05 22:35 253528 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-05-02 01:23 . 2012-05-12 01:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-02 01:23 . 2012-05-02 01:24 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-05-02 01:23 . 2012-05-02 01:23 -------- d-----w- c:\users\Owner\AppData\Local\adawarebp
2012-05-02 01:23 . 2012-05-02 01:23 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-05-01 19:43 . 2012-05-01 19:43 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-01 19:43 . 2012-05-01 19:43 -------- d-----w- c:\windows\system32\Macromed
2012-05-01 18:16 . 2012-05-11 07:47 -------- d-----w- c:\program files (x86)\BabylonToolbar
2012-05-01 18:16 . 2012-05-01 18:16 237 ----a-w- C:\user.js
2012-05-01 08:02 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-01 08:02 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-01 08:02 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 08:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-05-01 08:00 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-05-01 08:00 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-05-01 08:00 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-05-01 08:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-05-01 08:00 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-05-01 08:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-05-01 02:57 . 2012-05-11 08:54 -------- d-----w- c:\programdata\Recovery
2012-04-30 23:23 . 2012-05-01 03:02 -------- d-----w- c:\users\TEMP\AppData\Local\WinZip
2012-04-30 23:12 . 2012-04-30 23:12 -------- d-----we c:\windows\system64
2012-04-22 06:17 . 2012-04-22 06:17 -------- d-----w- c:\users\TEMP\AppData\Local\icall
2012-04-22 06:15 . 2012-05-01 03:02 -------- d-----w- c:\users\TEMP\AppData\Roaming\Skype
2012-04-19 17:36 . 2012-04-19 17:36 -------- d-----w- c:\users\TEMP\AppData\Local\SoftGrid Client
2012-04-19 17:36 . 2012-04-30 23:53 -------- d-----w- c:\users\TEMP\AppData\Roaming\SoftGrid Client
2012-04-16 02:28 . 2012-04-16 02:28 -------- d-----w- c:\users\TEMP\AppData\Roaming\Hewlett-Packard
2012-04-16 01:57 . 2012-04-30 01:58 -------- d-----w- c:\users\TEMP\AppData\Roaming\HP Support Assistant
2012-04-16 01:56 . 2012-04-30 01:58 -------- d-----w- c:\users\TEMP\AppData\Roaming\HpUpdate
2012-04-16 01:56 . 2012-04-16 01:56 -------- d-----w- c:\users\TEMP\AppData\Local\Hewlett-Packard
2012-04-15 04:59 . 2012-04-24 05:12 -------- d-----w- c:\users\TEMP\AppData\Local\CrashDumps
2012-04-14 20:36 . 2012-04-14 20:36 -------- d-----w- c:\users\TEMP\AppData\Local\Mozilla
2012-04-14 04:56 . 2012-05-01 03:02 -------- d-----w- c:\users\TEMP\AppData\Roaming\Mumble
2012-04-14 00:01 . 2012-04-14 00:01 -------- d-----w- c:\users\TEMP\AppData\Local\Adobe
2012-04-13 13:51 . 2012-05-01 03:02 -------- d-----w- c:\users\TEMP\AppData\Roaming\ICAClient
2012-04-13 13:50 . 2012-04-13 13:50 -------- d-----w- c:\program files (x86)\Citrix
2012-04-12 20:37 . 2012-04-12 20:37 -------- d-----w- c:\users\TEMP\AppData\Local\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-01 19:43 . 2011-06-17 19:37 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-22 04:30 . 2011-10-31 00:20 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-03-22 04:30 . 2011-10-30 22:12 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-03-22 04:29 . 2011-10-30 22:12 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-03-21 01:44 . 2012-03-21 01:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 01:44 . 2012-03-21 01:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-03 06:22 . 2011-10-30 22:12 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-02-17 06:38 . 2012-03-15 23:20 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-15 23:20 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-15 23:20 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-15 23:20 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 21:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-17 21:54 175912 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-06 1242448]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-12 102400]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-08-08 273544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2012-01-14 248832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snagit 10.lnk - c:\program files (x86)\TechSmith\Snagit 10\Snagit32.exe [2011-11-8 7070608]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 253088]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 136176]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [2011-10-14 1155704]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111021.030\IDSvia64.sys [2011-08-23 488568]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216]
S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 19:43]
.
2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 15:03]
.
2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 15:03]
.
2012-05-01 c:\windows\Tasks\HPCeeScheduleForOWNER-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-05-11 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
authsyssvc
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\604ddafg.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=108988&babsrc=HP_ss&mntrId=147f53a10000000000002c27d71a9a9f
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=108988&babsrc=KW_ss&mntrId=147f53a10000000000002c27d71a9a9f&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=108988
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 147f53a10000000000002c27d71a9a9f
FF - user.js: extensions.BabylonToolbar_i.hardId - 147f53a10000000000002c27d71a9a9f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15461
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1713:16
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
Toolbar-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
Wow6432Node-HKCU-Run-Kujytuo - c:\users\Owner\AppData\Roaming\kujytuo.exe
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKLM-Run-SBRegRebootCleaner - c:\program files (x86)\Ad-Aware Antivirus\Engine\SBRC.exe
AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\07\05\01\16\0c\14?"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
c:\program files (x86)\PDF Complete\pdfsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
.
**************************************************************************
.
Completion time: 2012-05-11 20:49:47 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-12 01:49
.
Pre-Run: 834,778,415,104 bytes free
Post-Run: 834,957,844,480 bytes free
.
- - End Of File - - B25F96D17703EC2F974D7C26E432DC10

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:55 AM

Posted 11 May 2012 - 09:45 PM

Greetings CALVIN

Next time MSE says you have a trojan I would like to have the location

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 CALVIN1693

CALVIN1693
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 12 May 2012 - 03:07 AM

03:03:59.0804 4140 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
03:04:00.0313 4140 ============================================================
03:04:00.0314 4140 Current date / time: 2012/05/12 03:04:00.0313
03:04:00.0314 4140 SystemInfo:
03:04:00.0314 4140
03:04:00.0314 4140 OS Version: 6.1.7601 ServicePack: 1.0
03:04:00.0314 4140 Product type: Workstation
03:04:00.0314 4140 ComputerName: OWNER-HP
03:04:00.0314 4140 UserName: Owner
03:04:00.0314 4140 Windows directory: C:\Windows
03:04:00.0314 4140 System windows directory: C:\Windows
03:04:00.0314 4140 Running under WOW64
03:04:00.0314 4140 Processor architecture: Intel x64
03:04:00.0314 4140 Number of processors: 4
03:04:00.0314 4140 Page size: 0x1000
03:04:00.0314 4140 Boot type: Normal boot
03:04:00.0314 4140 ============================================================
03:04:09.0493 4140 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:04:09.0602 4140 Drive \Device\Harddisk5\DR5 - Size: 0x3C300000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
03:04:09.0606 4140 ============================================================
03:04:09.0606 4140 \Device\Harddisk0\DR0:
03:04:09.0670 4140 MBR partitions:
03:04:09.0670 4140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
03:04:09.0670 4140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72CFF000
03:04:09.0670 4140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72D31800, BlocksNum 0x19D4800
03:04:09.0670 4140 \Device\Harddisk5\DR5:
03:04:09.0671 4140 MBR partitions:
03:04:09.0672 4140 \Device\Harddisk5\DR5\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1E17E0
03:04:09.0672 4140 ============================================================
03:04:10.0295 4140 C: <-> \Device\Harddisk0\DR0\Partition1
03:04:10.0569 4140 D: <-> \Device\Harddisk0\DR0\Partition2
03:04:10.0569 4140 ============================================================
03:04:10.0569 4140 Initialize success
03:04:10.0570 4140 ============================================================
03:04:29.0253 2624 ============================================================
03:04:29.0253 2624 Scan started
03:04:29.0253 2624 Mode: Manual;
03:04:29.0253 2624 ============================================================
03:04:40.0116 2624 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
03:04:40.0127 2624 1394ohci - ok
03:04:40.0225 2624 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
03:04:40.0229 2624 ACPI - ok
03:04:40.0291 2624 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
03:04:40.0295 2624 AcpiPmi - ok
03:04:40.0449 2624 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
03:04:40.0450 2624 AdobeARMservice - ok
03:04:40.0679 2624 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
03:04:40.0683 2624 AdobeFlashPlayerUpdateSvc - ok
03:04:40.0812 2624 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
03:04:40.0818 2624 adp94xx - ok
03:04:40.0884 2624 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
03:04:40.0888 2624 adpahci - ok
03:04:40.0903 2624 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
03:04:40.0906 2624 adpu320 - ok
03:04:40.0946 2624 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
03:04:40.0948 2624 AeLookupSvc - ok
03:04:41.0083 2624 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
03:04:41.0089 2624 AFD - ok
03:04:41.0115 2624 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
03:04:41.0117 2624 agp440 - ok
03:04:41.0145 2624 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
03:04:41.0146 2624 ALG - ok
03:04:41.0185 2624 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
03:04:41.0186 2624 aliide - ok
03:04:41.0276 2624 AMD External Events Utility (ca0d6c1390f4b3baf2a0a69d1a7f8332) C:\Windows\system32\atiesrxx.exe
03:04:41.0279 2624 AMD External Events Utility - ok
03:04:41.0293 2624 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
03:04:41.0297 2624 amdide - ok
03:04:41.0337 2624 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
03:04:41.0339 2624 AmdK8 - ok
03:04:42.0848 2624 amdkmdag (75e4baca583ae02c11e9ac8747e2abe0) C:\Windows\system32\DRIVERS\atikmdag.sys
03:04:42.0992 2624 amdkmdag - ok
03:04:43.0332 2624 amdkmdap (b765cf4b32f347be747b21ae22641025) C:\Windows\system32\DRIVERS\atikmpag.sys
03:04:43.0361 2624 amdkmdap - ok
03:04:43.0440 2624 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
03:04:43.0442 2624 AmdPPM - ok
03:04:43.0554 2624 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
03:04:43.0557 2624 amdsata - ok
03:04:43.0602 2624 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
03:04:43.0606 2624 amdsbs - ok
03:04:43.0620 2624 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
03:04:43.0621 2624 amdxata - ok
03:04:43.0668 2624 amd_sata (8a2b4818215d8a6ff54dc3f0d63cbb2d) C:\Windows\system32\DRIVERS\amd_sata.sys
03:04:43.0669 2624 amd_sata - ok
03:04:43.0682 2624 amd_xata (a2d8977623e13591b15f6370c6cc37b0) C:\Windows\system32\DRIVERS\amd_xata.sys
03:04:43.0684 2624 amd_xata - ok
03:04:43.0759 2624 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
03:04:43.0761 2624 AppID - ok
03:04:43.0791 2624 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
03:04:43.0792 2624 AppIDSvc - ok
03:04:43.0817 2624 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
03:04:43.0818 2624 Appinfo - ok
03:04:43.0961 2624 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:04:43.0965 2624 Apple Mobile Device - ok
03:04:44.0062 2624 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
03:04:44.0065 2624 arc - ok
03:04:44.0078 2624 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
03:04:44.0081 2624 arcsas - ok
03:04:44.0095 2624 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
03:04:44.0096 2624 AsyncMac - ok
03:04:44.0121 2624 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
03:04:44.0122 2624 atapi - ok
03:04:44.0159 2624 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
03:04:44.0160 2624 AtiPcie - ok
03:04:44.0251 2624 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
03:04:44.0265 2624 AudioEndpointBuilder - ok
03:04:44.0274 2624 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
03:04:44.0279 2624 AudioSrv - ok
03:04:44.0318 2624 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
03:04:44.0320 2624 AxInstSV - ok
03:04:44.0692 2624 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
03:04:44.0857 2624 b06bdrv - ok
03:04:45.0140 2624 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
03:04:45.0147 2624 b57nd60a - ok
03:04:45.0381 2624 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
03:04:45.0384 2624 BDESVC - ok
03:04:45.0416 2624 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
03:04:45.0417 2624 Beep - ok
03:04:46.0783 2624 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
03:04:46.0801 2624 BFE - ok
03:04:47.0326 2624 BHDrvx64 (cd0ecb395666fc9ae23d7381e9e3370d) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111014.001\BHDrvx64.sys
03:04:47.0339 2624 BHDrvx64 - ok
03:04:47.0554 2624 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
03:04:47.0563 2624 BITS - ok
03:04:47.0687 2624 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
03:04:47.0691 2624 blbdrive - ok
03:04:47.0918 2624 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
03:04:47.0922 2624 Bonjour Service - ok
03:04:47.0995 2624 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
03:04:47.0997 2624 bowser - ok
03:04:48.0041 2624 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
03:04:48.0042 2624 BrFiltLo - ok
03:04:48.0045 2624 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
03:04:48.0046 2624 BrFiltUp - ok
03:04:48.0093 2624 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
03:04:48.0095 2624 BridgeMP - ok
03:04:48.0185 2624 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
03:04:48.0187 2624 Browser - ok
03:04:48.0209 2624 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
03:04:48.0213 2624 Brserid - ok
03:04:48.0219 2624 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
03:04:48.0220 2624 BrSerWdm - ok
03:04:48.0224 2624 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
03:04:48.0224 2624 BrUsbMdm - ok
03:04:48.0228 2624 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
03:04:48.0229 2624 BrUsbSer - ok
03:04:48.0258 2624 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
03:04:48.0260 2624 BTHMODEM - ok
03:04:48.0324 2624 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
03:04:48.0326 2624 bthserv - ok
03:04:48.0346 2624 catchme - ok
03:04:48.0378 2624 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
03:04:48.0379 2624 cdfs - ok
03:04:48.0561 2624 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
03:04:48.0563 2624 cdrom - ok
03:04:48.0616 2624 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
03:04:48.0617 2624 CertPropSvc - ok
03:04:48.0675 2624 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
03:04:48.0677 2624 circlass - ok
03:04:48.0765 2624 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
03:04:48.0770 2624 CLFS - ok
03:04:48.0891 2624 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:04:48.0893 2624 clr_optimization_v2.0.50727_32 - ok
03:04:48.0954 2624 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:04:48.0956 2624 clr_optimization_v2.0.50727_64 - ok
03:04:49.0090 2624 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:04:49.0091 2624 clr_optimization_v4.0.30319_32 - ok
03:04:49.0195 2624 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:04:49.0218 2624 clr_optimization_v4.0.30319_64 - ok
03:04:49.0264 2624 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
03:04:49.0266 2624 CmBatt - ok
03:04:49.0375 2624 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
03:04:49.0460 2624 cmdide - ok
03:04:49.0686 2624 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
03:04:49.0692 2624 CNG - ok
03:04:49.0756 2624 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
03:04:49.0764 2624 Compbatt - ok
03:04:49.0832 2624 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
03:04:49.0833 2624 CompositeBus - ok
03:04:49.0853 2624 COMSysApp - ok
03:04:49.0877 2624 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
03:04:49.0879 2624 crcdisk - ok
03:04:49.0963 2624 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
03:04:49.0965 2624 CryptSvc - ok
03:04:50.0262 2624 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
03:04:50.0270 2624 cvhsvc - ok
03:04:50.0301 2624 danewFltr (003626f7ca17c204f16cd5047af0703a) C:\Windows\system32\drivers\danew.sys
03:04:50.0302 2624 danewFltr - ok
03:04:51.0202 2624 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
03:04:51.0219 2624 DcomLaunch - ok
03:04:51.0592 2624 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
03:04:51.0618 2624 defragsvc - ok
03:04:51.0713 2624 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
03:04:51.0715 2624 DfsC - ok
03:04:51.0806 2624 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
03:04:51.0810 2624 Dhcp - ok
03:04:51.0936 2624 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
03:04:51.0947 2624 discache - ok
03:04:52.0048 2624 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
03:04:52.0050 2624 Disk - ok
03:04:52.0117 2624 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
03:04:52.0120 2624 Dnscache - ok
03:04:52.0257 2624 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
03:04:52.0260 2624 dot3svc - ok
03:04:52.0320 2624 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
03:04:52.0322 2624 DPS - ok
03:04:52.0411 2624 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
03:04:52.0425 2624 drmkaud - ok
03:04:53.0297 2624 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
03:04:53.0336 2624 DXGKrnl - ok
03:04:53.0414 2624 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
03:04:53.0432 2624 EapHost - ok
03:04:54.0516 2624 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
03:04:54.0581 2624 ebdrv - ok
03:04:55.0003 2624 eeCtrl (5e3a50930447f464c66032e05a4632f5) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
03:04:55.0010 2624 eeCtrl - ok
03:04:55.0298 2624 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
03:04:55.0300 2624 EFS - ok
03:04:55.0756 2624 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
03:04:55.0809 2624 ehRecvr - ok
03:04:55.0851 2624 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
03:04:55.0853 2624 ehSched - ok
03:04:56.0166 2624 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
03:04:56.0422 2624 elxstor - ok
03:04:56.0466 2624 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
03:04:56.0469 2624 ErrDev - ok
03:04:56.0537 2624 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
03:04:56.0542 2624 EventSystem - ok
03:04:56.0623 2624 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
03:04:56.0625 2624 exfat - ok
03:04:56.0906 2624 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
03:04:56.0965 2624 fastfat - ok
03:04:57.0234 2624 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
03:04:57.0242 2624 Fax - ok
03:04:57.0282 2624 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
03:04:57.0283 2624 fdc - ok
03:04:57.0336 2624 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
03:04:57.0338 2624 fdPHost - ok
03:04:57.0385 2624 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
03:04:57.0386 2624 FDResPub - ok
03:04:57.0423 2624 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
03:04:57.0424 2624 FileInfo - ok
03:04:57.0494 2624 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
03:04:57.0671 2624 Filetrace - ok
03:04:57.0795 2624 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
03:04:57.0797 2624 flpydisk - ok
03:04:57.0853 2624 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
03:04:57.0857 2624 FltMgr - ok
03:04:58.0186 2624 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
03:04:58.0223 2624 FontCache - ok
03:04:58.0569 2624 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:04:58.0610 2624 FontCache3.0.0.0 - ok
03:04:58.0787 2624 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
03:04:58.0788 2624 FsDepends - ok
03:04:58.0892 2624 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
03:04:58.0931 2624 Fs_Rec - ok
03:04:59.0009 2624 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
03:04:59.0011 2624 fvevol - ok
03:04:59.0055 2624 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
03:04:59.0057 2624 gagp30kx - ok
03:04:59.0272 2624 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
03:04:59.0277 2624 GameConsoleService - ok
03:04:59.0383 2624 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:04:59.0393 2624 GEARAspiWDM - ok
03:04:59.0822 2624 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
03:04:59.0831 2624 gpsvc - ok
03:04:59.0978 2624 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:04:59.0980 2624 gupdate - ok
03:05:00.0053 2624 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:05:00.0054 2624 gupdatem - ok
03:05:00.0119 2624 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
03:05:00.0122 2624 gusvc - ok
03:05:00.0173 2624 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
03:05:00.0191 2624 hcw85cir - ok
03:05:00.0459 2624 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
03:05:00.0475 2624 HdAudAddService - ok
03:05:00.0546 2624 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
03:05:00.0547 2624 HDAudBus - ok
03:05:00.0602 2624 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
03:05:00.0604 2624 HidBatt - ok
03:05:00.0971 2624 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
03:05:01.0009 2624 HidBth - ok
03:05:01.0015 2624 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
03:05:01.0017 2624 HidIr - ok
03:05:01.0081 2624 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
03:05:01.0083 2624 hidserv - ok
03:05:01.0176 2624 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
03:05:01.0177 2624 HidUsb - ok
03:05:01.0251 2624 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
03:05:01.0275 2624 hkmsvc - ok
03:05:01.0385 2624 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
03:05:01.0455 2624 HomeGroupListener - ok
03:05:02.0192 2624 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
03:05:02.0210 2624 HomeGroupProvider - ok
03:05:02.0881 2624 HP Health Check Service (37965381364b2e106e1dd7d74cdcaa43) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
03:05:02.0882 2624 HP Health Check Service - ok
03:05:03.0356 2624 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
03:05:03.0363 2624 HPClientSvc - ok
03:05:03.0639 2624 HPDrvMntSvc.exe (a48a151d3fa7cb032a51453f087221c7) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
03:05:03.0642 2624 HPDrvMntSvc.exe - ok
03:05:03.0754 2624 hpqwmiex (71bd8a611e0677175d3938c9cea7339a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
03:05:03.0762 2624 hpqwmiex - ok
03:05:04.0570 2624 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
03:05:04.0571 2624 HpSAMD - ok
03:05:04.0698 2624 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
03:05:04.0707 2624 HTTP - ok
03:05:04.0868 2624 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
03:05:04.0925 2624 hwpolicy - ok
03:05:04.0994 2624 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
03:05:04.0996 2624 i8042prt - ok
03:05:05.0123 2624 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
03:05:05.0157 2624 iaStorV - ok
03:05:05.0528 2624 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:05:05.0538 2624 idsvc - ok
03:05:05.0899 2624 IDSVia64 (0b97f1a640ad3d159a7b5d2164c42e50) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111021.030\IDSvia64.sys
03:05:05.0905 2624 IDSVia64 - ok
03:05:06.0336 2624 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
03:05:06.0383 2624 iirsp - ok
03:05:07.0084 2624 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
03:05:07.0127 2624 IKEEXT - ok
03:05:08.0302 2624 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
03:05:08.0383 2624 IntcAzAudAddService - ok
03:05:09.0444 2624 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
03:05:09.0446 2624 intelide - ok
03:05:09.0493 2624 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
03:05:09.0497 2624 intelppm - ok
03:05:09.0575 2624 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
03:05:09.0580 2624 IPBusEnum - ok
03:05:09.0622 2624 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:05:09.0625 2624 IpFilterDriver - ok
03:05:10.0221 2624 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
03:05:10.0252 2624 iphlpsvc - ok
03:05:10.0428 2624 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
03:05:10.0467 2624 IPMIDRV - ok
03:05:10.0719 2624 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
03:05:10.0750 2624 IPNAT - ok
03:05:11.0171 2624 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
03:05:11.0202 2624 iPod Service - ok
03:05:11.0327 2624 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
03:05:11.0343 2624 IRENUM - ok
03:05:11.0374 2624 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
03:05:11.0374 2624 isapnp - ok
03:05:11.0702 2624 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
03:05:11.0717 2624 iScsiPrt - ok
03:05:11.0826 2624 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
03:05:11.0858 2624 kbdclass - ok
03:05:11.0920 2624 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
03:05:11.0982 2624 kbdhid - ok
03:05:12.0060 2624 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
03:05:12.0076 2624 KeyIso - ok
03:05:12.0201 2624 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
03:05:12.0201 2624 KSecDD - ok
03:05:12.0653 2624 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
03:05:12.0653 2624 KSecPkg - ok
03:05:12.0716 2624 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
03:05:12.0731 2624 ksthunk - ok
03:05:12.0918 2624 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
03:05:12.0934 2624 KtmRm - ok
03:05:13.0059 2624 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
03:05:13.0074 2624 LanmanServer - ok
03:05:13.0106 2624 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
03:05:13.0106 2624 LanmanWorkstation - ok
03:05:13.0293 2624 LightScribeService (fa4a45c179ab0e0f1a31b9751d4b18d7) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
03:05:13.0308 2624 LightScribeService - ok
03:05:13.0371 2624 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
03:05:13.0386 2624 lltdio - ok
03:05:13.0496 2624 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
03:05:13.0558 2624 lltdsvc - ok
03:05:13.0620 2624 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
03:05:13.0652 2624 lmhosts - ok
03:05:13.0792 2624 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
03:05:13.0792 2624 LSI_FC - ok
03:05:13.0901 2624 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
03:05:13.0901 2624 LSI_SAS - ok
03:05:13.0917 2624 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
03:05:13.0917 2624 LSI_SAS2 - ok
03:05:13.0932 2624 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
03:05:13.0932 2624 LSI_SCSI - ok
03:05:14.0042 2624 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
03:05:14.0042 2624 luafv - ok
03:05:14.0120 2624 Macromedia Licensing Service (d5ba9b816afef5292fe13c9a6267b6ab) C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
03:05:14.0135 2624 Macromedia Licensing Service - ok
03:05:14.0198 2624 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
03:05:14.0198 2624 Mcx2Svc - ok
03:05:14.0260 2624 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
03:05:14.0291 2624 megasas - ok
03:05:14.0338 2624 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
03:05:14.0354 2624 MegaSR - ok
03:05:14.0385 2624 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
03:05:14.0385 2624 MMCSS - ok
03:05:14.0385 2624 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
03:05:14.0400 2624 Modem - ok
03:05:14.0447 2624 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
03:05:14.0447 2624 monitor - ok
03:05:14.0494 2624 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
03:05:14.0510 2624 mouclass - ok
03:05:14.0588 2624 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
03:05:14.0603 2624 mouhid - ok
03:05:14.0650 2624 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
03:05:14.0666 2624 mountmgr - ok
03:05:15.0040 2624 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
03:05:15.0056 2624 MpFilter - ok
03:05:15.0134 2624 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
03:05:15.0134 2624 mpio - ok
03:05:15.0180 2624 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
03:05:15.0180 2624 mpsdrv - ok
03:05:15.0383 2624 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
03:05:15.0399 2624 MpsSvc - ok
03:05:15.0477 2624 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
03:05:15.0477 2624 MRxDAV - ok
03:05:15.0617 2624 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
03:05:15.0633 2624 mrxsmb - ok
03:05:15.0789 2624 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:05:15.0804 2624 mrxsmb10 - ok
03:05:15.0851 2624 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:05:15.0851 2624 mrxsmb20 - ok
03:05:15.0898 2624 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
03:05:15.0898 2624 msahci - ok
03:05:15.0929 2624 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
03:05:15.0929 2624 msdsm - ok
03:05:15.0992 2624 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
03:05:15.0992 2624 MSDTC - ok
03:05:16.0054 2624 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
03:05:16.0054 2624 Msfs - ok
03:05:16.0132 2624 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
03:05:16.0132 2624 mshidkmdf - ok
03:05:16.0179 2624 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
03:05:16.0179 2624 msisadrv - ok
03:05:16.0335 2624 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
03:05:16.0335 2624 MSiSCSI - ok
03:05:16.0350 2624 msiserver - ok
03:05:16.0397 2624 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
03:05:16.0397 2624 MSKSSRV - ok
03:05:16.0522 2624 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
03:05:16.0522 2624 MsMpSvc - ok
03:05:16.0538 2624 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
03:05:16.0553 2624 MSPCLOCK - ok
03:05:16.0569 2624 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
03:05:16.0600 2624 MSPQM - ok
03:05:16.0709 2624 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
03:05:16.0709 2624 MsRPC - ok
03:05:16.0912 2624 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
03:05:16.0912 2624 mssmbios - ok
03:05:17.0006 2624 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
03:05:17.0006 2624 MSTEE - ok
03:05:17.0037 2624 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
03:05:17.0037 2624 MTConfig - ok
03:05:17.0146 2624 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
03:05:17.0146 2624 Mup - ok
03:05:17.0224 2624 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
03:05:17.0286 2624 napagent - ok
03:05:17.0349 2624 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
03:05:17.0349 2624 NativeWifiP - ok
03:05:18.0082 2624 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111021.034\ENG64.SYS
03:05:18.0144 2624 NAVENG - ok
03:05:18.0503 2624 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111021.034\EX64.SYS
03:05:18.0534 2624 NAVEX15 - ok
03:05:19.0221 2624 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
03:05:19.0236 2624 NDIS - ok
03:05:19.0361 2624 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
03:05:19.0361 2624 NdisCap - ok
03:05:19.0502 2624 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
03:05:19.0502 2624 NdisTapi - ok
03:05:19.0517 2624 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
03:05:19.0517 2624 Ndisuio - ok
03:05:19.0564 2624 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
03:05:19.0564 2624 NdisWan - ok
03:05:19.0580 2624 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
03:05:19.0580 2624 NDProxy - ok
03:05:19.0595 2624 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
03:05:19.0611 2624 NetBIOS - ok
03:05:19.0658 2624 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
03:05:19.0673 2624 NetBT - ok
03:05:19.0704 2624 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
03:05:19.0704 2624 Netlogon - ok
03:05:19.0907 2624 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
03:05:19.0923 2624 Netman - ok
03:05:20.0032 2624 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
03:05:20.0032 2624 netprofm - ok
03:05:20.0282 2624 netr28x (1982b291df9833fb3adc397ebd310a18) C:\Windows\system32\DRIVERS\netr28x.sys
03:05:20.0282 2624 netr28x - ok
03:05:20.0453 2624 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
03:05:20.0469 2624 NetTcpPortSharing - ok
03:05:20.0562 2624 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
03:05:20.0562 2624 nfrd960 - ok
03:05:21.0124 2624 NIS (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
03:05:21.0140 2624 NIS - ok
03:05:21.0202 2624 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
03:05:21.0202 2624 NisDrv - ok
03:05:21.0483 2624 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
03:05:21.0483 2624 NisSrv - ok
03:05:21.0623 2624 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
03:05:21.0639 2624 NlaSvc - ok
03:05:22.0450 2624 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
03:05:22.0528 2624 NOBU - ok
03:05:23.0058 2624 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
03:05:23.0058 2624 Npfs - ok
03:05:23.0090 2624 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
03:05:23.0105 2624 nsi - ok
03:05:23.0105 2624 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
03:05:23.0105 2624 nsiproxy - ok
03:05:24.0260 2624 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
03:05:24.0322 2624 Ntfs - ok
03:05:24.0556 2624 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
03:05:24.0556 2624 Null - ok
03:05:24.0634 2624 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
03:05:24.0634 2624 NVHDA - ok
03:05:26.0958 2624 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:05:27.0177 2624 nvlddmkm - ok
03:05:27.0660 2624 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
03:05:27.0676 2624 nvraid - ok
03:05:27.0723 2624 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
03:05:27.0723 2624 nvstor - ok
03:05:28.0191 2624 nvsvc (34e5498528bb3d5a951f889f8756ad26) C:\Windows\system32\nvvsvc.exe
03:05:28.0238 2624 nvsvc - ok
03:05:29.0673 2624 nvUpdatusService (cd0bfaa6872cfe38c908d313ae17c350) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
03:05:29.0766 2624 nvUpdatusService - ok
03:05:30.0078 2624 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
03:05:30.0094 2624 nv_agp - ok
03:05:30.0110 2624 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
03:05:30.0125 2624 ohci1394 - ok
03:05:30.0234 2624 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:05:30.0234 2624 ose - ok
03:05:31.0373 2624 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
03:05:31.0545 2624 osppsvc - ok
03:05:31.0732 2624 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
03:05:31.0732 2624 p2pimsvc - ok
03:05:31.0826 2624 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
03:05:31.0826 2624 p2psvc - ok
03:05:31.0888 2624 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
03:05:31.0888 2624 Parport - ok
03:05:32.0169 2624 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
03:05:32.0200 2624 partmgr - ok
03:05:32.0278 2624 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
03:05:32.0278 2624 PcaSvc - ok
03:05:32.0356 2624 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
03:05:32.0356 2624 pci - ok
03:05:32.0372 2624 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
03:05:32.0372 2624 pciide - ok
03:05:32.0403 2624 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
03:05:32.0403 2624 pcmcia - ok
03:05:32.0434 2624 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
03:05:32.0434 2624 pcw - ok
03:05:32.0543 2624 pdfcDispatcher - ok
03:05:32.0637 2624 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
03:05:32.0637 2624 PEAUTH - ok
03:05:33.0978 2624 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
03:05:33.0978 2624 PerfHost - ok
03:05:34.0462 2624 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
03:05:34.0540 2624 pla - ok
03:05:35.0382 2624 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
03:05:35.0414 2624 PlugPlay - ok
03:05:35.0492 2624 PnkBstrA - ok
03:05:35.0554 2624 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
03:05:35.0570 2624 PNRPAutoReg - ok
03:05:36.0350 2624 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
03:05:36.0350 2624 PNRPsvc - ok
03:05:37.0535 2624 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
03:05:37.0551 2624 PolicyAgent - ok
03:05:37.0910 2624 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
03:05:37.0910 2624 Power - ok
03:05:38.0253 2624 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
03:05:38.0331 2624 PptpMiniport - ok
03:05:38.0565 2624 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
03:05:38.0658 2624 Processor - ok
03:05:39.0501 2624 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
03:05:39.0532 2624 ProfSvc - ok
03:05:39.0828 2624 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
03:05:39.0828 2624 ProtectedStorage - ok
03:05:40.0156 2624 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
03:05:40.0172 2624 Psched - ok
03:05:44.0555 2624 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
03:05:44.0633 2624 ql2300 - ok
03:05:45.0429 2624 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
03:05:45.0444 2624 ql40xx - ok
03:05:45.0600 2624 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
03:05:45.0600 2624 QWAVE - ok
03:05:45.0647 2624 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
03:05:45.0647 2624 QWAVEdrv - ok
03:05:45.0678 2624 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
03:05:45.0710 2624 RasAcd - ok
03:05:45.0756 2624 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
03:05:45.0756 2624 RasAgileVpn - ok
03:05:45.0772 2624 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
03:05:45.0772 2624 RasAuto - ok
03:05:45.0803 2624 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
03:05:45.0803 2624 Rasl2tp - ok
03:05:45.0881 2624 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
03:05:45.0881 2624 RasMan - ok
03:05:46.0068 2624 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
03:05:46.0084 2624 RasPppoe - ok
03:05:46.0334 2624 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
03:05:46.0334 2624 RasSstp - ok
03:05:46.0490 2624 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
03:05:46.0490 2624 rdbss - ok
03:05:46.0536 2624 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
03:05:46.0552 2624 rdpbus - ok
03:05:46.0568 2624 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
03:05:46.0568 2624 RDPCDD - ok
03:05:46.0599 2624 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
03:05:46.0599 2624 RDPENCDD - ok
03:05:46.0614 2624 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
03:05:46.0614 2624 RDPREFMP - ok
03:05:46.0833 2624 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
03:05:46.0833 2624 RDPWD - ok
03:05:46.0880 2624 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
03:05:46.0880 2624 rdyboost - ok
03:05:46.0973 2624 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
03:05:46.0973 2624 RemoteAccess - ok
03:05:47.0020 2624 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
03:05:47.0020 2624 RemoteRegistry - ok
03:05:47.0207 2624 RoxioNow Service (c1568e17039b2ec2b73a4f880ddd51e5) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
03:05:47.0223 2624 RoxioNow Service - ok
03:05:47.0254 2624 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
03:05:47.0254 2624 RpcEptMapper - ok
03:05:47.0301 2624 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
03:05:47.0301 2624 RpcLocator - ok
03:05:47.0644 2624 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
03:05:47.0660 2624 RpcSs - ok
03:05:47.0800 2624 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
03:05:47.0800 2624 rspndr - ok
03:05:47.0909 2624 RTL8167 (b15c021c2c9bb217a799d9532e8f04d4) C:\Windows\system32\DRIVERS\Rt64win7.sys
03:05:47.0925 2624 RTL8167 - ok
03:05:47.0940 2624 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
03:05:47.0940 2624 SamSs - ok
03:05:48.0003 2624 SbFw (cdb954c736d51dc5fa712c039af4f683) C:\Windows\system32\drivers\SbFw.sys
03:05:48.0003 2624 SbFw - ok
03:05:48.0018 2624 SBFWIMCL (5de22e3cb6140213da2e0599b08d525c) C:\Windows\system32\DRIVERS\sbfwim.sys
03:05:48.0018 2624 SBFWIMCL - ok
03:05:48.0050 2624 SBFWIMCLMP (5de22e3cb6140213da2e0599b08d525c) C:\Windows\system32\DRIVERS\SBFWIM.sys
03:05:48.0050 2624 SBFWIMCLMP - ok
03:05:48.0065 2624 sbhips (a5bc45f8c2f30350e7566799c86b2f5d) C:\Windows\system32\drivers\sbhips.sys
03:05:48.0065 2624 sbhips - ok
03:05:48.0112 2624 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
03:05:48.0112 2624 sbp2port - ok
03:05:48.0128 2624 SBRE - ok
03:05:48.0174 2624 SbTis (f9955774a6bf0a5ca696f591c7b80a79) C:\Windows\system32\drivers\sbtis.sys
03:05:48.0174 2624 SbTis - ok
03:05:48.0206 2624 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
03:05:48.0206 2624 SCardSvr - ok
03:05:48.0221 2624 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
03:05:48.0221 2624 scfilter - ok
03:05:48.0299 2624 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
03:05:48.0315 2624 Schedule - ok
03:05:48.0330 2624 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
03:05:48.0330 2624 SCPolicySvc - ok
03:05:48.0346 2624 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
03:05:48.0346 2624 SDRSVC - ok
03:05:48.0440 2624 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
03:05:48.0440 2624 SeaPort - ok
03:05:48.0502 2624 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
03:05:48.0502 2624 secdrv - ok
03:05:48.0533 2624 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
03:05:48.0533 2624 seclogon - ok
03:05:48.0549 2624 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
03:05:48.0549 2624 SENS - ok
03:05:48.0564 2624 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
03:05:48.0564 2624 SensrSvc - ok
03:05:48.0596 2624 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
03:05:48.0596 2624 Serenum - ok
03:05:48.0596 2624 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
03:05:48.0611 2624 Serial - ok
03:05:48.0627 2624 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
03:05:48.0627 2624 sermouse - ok
03:05:48.0674 2624 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
03:05:48.0674 2624 SessionEnv - ok
03:05:48.0689 2624 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
03:05:48.0689 2624 sffdisk - ok
03:05:48.0689 2624 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
03:05:48.0689 2624 sffp_mmc - ok
03:05:48.0705 2624 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
03:05:48.0705 2624 sffp_sd - ok
03:05:48.0720 2624 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
03:05:48.0736 2624 sfloppy - ok
03:05:48.0830 2624 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
03:05:48.0845 2624 Sftfs - ok
03:05:48.0923 2624 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
03:05:48.0939 2624 sftlist - ok
03:05:48.0954 2624 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
03:05:48.0954 2624 Sftplay - ok
03:05:48.0970 2624 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
03:05:48.0970 2624 Sftredir - ok
03:05:48.0986 2624 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
03:05:48.0986 2624 Sftvol - ok
03:05:49.0001 2624 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
03:05:49.0001 2624 sftvsa - ok
03:05:49.0064 2624 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
03:05:49.0079 2624 SharedAccess - ok
03:05:49.0110 2624 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
03:05:49.0110 2624 ShellHWDetection - ok
03:05:49.0157 2624 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
03:05:49.0157 2624 SiSRaid2 - ok
03:05:49.0157 2624 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
03:05:49.0173 2624 SiSRaid4 - ok
03:05:49.0235 2624 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
03:05:49.0251 2624 SkypeUpdate - ok
03:05:49.0266 2624 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
03:05:49.0266 2624 Smb - ok
03:05:49.0298 2624 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
03:05:49.0298 2624 SNMPTRAP - ok
03:05:49.0313 2624 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
03:05:49.0313 2624 spldr - ok
03:05:49.0360 2624 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
03:05:49.0360 2624 Spooler - ok
03:05:49.0563 2624 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
03:05:49.0594 2624 sppsvc - ok
03:05:49.0672 2624 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
03:05:49.0672 2624 sppuinotify - ok
03:05:49.0797 2624 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1207010.003\SRTSP64.SYS
03:05:49.0797 2624 SRTSP - ok
03:05:49.0812 2624 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS
03:05:49.0812 2624 SRTSPX - ok
03:05:49.0859 2624 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
03:05:49.0875 2624 srv - ok
03:05:49.0922 2624 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
03:05:49.0922 2624 srv2 - ok
03:05:49.0937 2624 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
03:05:49.0937 2624 srvnet - ok
03:05:50.0000 2624 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
03:05:50.0000 2624 SSDPSRV - ok
03:05:50.0015 2624 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
03:05:50.0015 2624 SstpSvc - ok
03:05:50.0062 2624 Steam Client Service - ok
03:05:50.0156 2624 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
03:05:50.0171 2624 Stereo Service - ok
03:05:50.0187 2624 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
03:05:50.0187 2624 stexstor - ok
03:05:50.0249 2624 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
03:05:50.0265 2624 stisvc - ok
03:05:50.0296 2624 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
03:05:50.0296 2624 swenum - ok
03:05:50.0358 2624 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
03:05:50.0358 2624 swprv - ok
03:05:50.0436 2624 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS
03:05:50.0436 2624 SymDS - ok
03:05:50.0499 2624 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS
03:05:50.0514 2624 SymEFA - ok
03:05:50.0546 2624 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
03:05:50.0546 2624 SymEvent - ok
03:05:50.0577 2624 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS
03:05:50.0577 2624 SymIRON - ok
03:05:50.0608 2624 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS
03:05:50.0608 2624 SymNetS - ok
03:05:50.0717 2624 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
03:05:50.0733 2624 SysMain - ok
03:05:50.0889 2624 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
03:05:50.0889 2624 TabletInputService - ok
03:05:50.0936 2624 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
03:05:50.0936 2624 TapiSrv - ok
03:05:50.0967 2624 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
03:05:50.0967 2624 TBS - ok
03:05:51.0092 2624 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
03:05:51.0123 2624 Tcpip - ok
03:05:51.0294 2624 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
03:05:51.0310 2624 TCPIP6 - ok
03:05:51.0560 2624 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
03:05:51.0560 2624 tcpipreg - ok
03:05:51.0575 2624 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
03:05:51.0591 2624 TDPIPE - ok
03:05:51.0606 2624 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
03:05:51.0606 2624 TDTCP - ok
03:05:51.0638 2624 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
03:05:51.0638 2624 tdx - ok
03:05:51.0669 2624 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
03:05:51.0669 2624 TermDD - ok
03:05:51.0700 2624 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
03:05:51.0716 2624 TermService - ok
03:05:51.0731 2624 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
03:05:51.0731 2624 Themes - ok
03:05:51.0747 2624 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
03:05:51.0747 2624 THREADORDER - ok
03:05:51.0762 2624 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
03:05:51.0762 2624 TrkWks - ok
03:05:51.0794 2624 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
03:05:51.0794 2624 TrustedInstaller - ok
03:05:51.0825 2624 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
03:05:51.0825 2624 tssecsrv - ok
03:05:51.0872 2624 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
03:05:51.0872 2624 TsUsbFlt - ok
03:05:51.0903 2624 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
03:05:51.0903 2624 tunnel - ok
03:05:51.0918 2624 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
03:05:51.0918 2624 uagp35 - ok
03:05:51.0950 2624 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
03:05:51.0950 2624 udfs - ok
03:05:51.0981 2624 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
03:05:51.0981 2624 UI0Detect - ok
03:05:52.0028 2624 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
03:05:52.0028 2624 uliagpkx - ok
03:05:52.0043 2624 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
03:05:52.0043 2624 umbus - ok
03:05:52.0059 2624 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
03:05:52.0059 2624 UmPass - ok
03:05:52.0090 2624 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
03:05:52.0090 2624 upnphost - ok
03:05:52.0137 2624 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
03:05:52.0137 2624 USBAAPL64 - ok
03:05:52.0152 2624 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
03:05:52.0152 2624 usbccgp - ok
03:05:52.0168 2624 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
03:05:52.0168 2624 usbcir - ok
03:05:52.0168 2624 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
03:05:52.0168 2624 usbehci - ok
03:05:52.0199 2624 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
03:05:52.0199 2624 usbfilter - ok
03:05:52.0246 2624 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
03:05:52.0246 2624 usbhub - ok
03:05:52.0277 2624 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
03:05:52.0277 2624 usbohci - ok
03:05:52.0308 2624 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
03:05:52.0308 2624 usbprint - ok
03:05:52.0355 2624 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
03:05:52.0355 2624 usbscan - ok
03:05:52.0371 2624 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:05:52.0371 2624 USBSTOR - ok
03:05:52.0386 2624 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
03:05:52.0386 2624 usbuhci - ok
03:05:52.0418 2624 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
03:05:52.0418 2624 UxSms - ok
03:05:52.0449 2624 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
03:05:52.0449 2624 VaultSvc - ok
03:05:52.0464 2624 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
03:05:52.0464 2624 vdrvroot - ok
03:05:52.0527 2624 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
03:05:52.0527 2624 vds - ok
03:05:52.0558 2624 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
03:05:52.0558 2624 vga - ok
03:05:52.0574 2624 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
03:05:52.0574 2624 VgaSave - ok
03:05:52.0605 2624 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
03:05:52.0620 2624 vhdmp - ok
03:05:52.0636 2624 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
03:05:52.0636 2624 viaide - ok
03:05:52.0667 2624 VKbms (3b59bb6d10cf969dbe4db93d9ead7fb4) C:\Windows\system32\DRIVERS\VKbms.sys
03:05:52.0667 2624 VKbms - ok
03:05:52.0683 2624 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
03:05:52.0683 2624 volmgr - ok
03:05:52.0761 2624 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
03:05:52.0776 2624 volmgrx - ok
03:05:52.0792 2624 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
03:05:52.0808 2624 volsnap - ok
03:05:52.0886 2624 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
03:05:52.0886 2624 vsmraid - ok
03:05:53.0042 2624 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
03:05:53.0057 2624 VSS - ok
03:05:53.0135 2624 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
03:05:53.0135 2624 vwifibus - ok
03:05:53.0151 2624 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
03:05:53.0151 2624 vwififlt - ok
03:05:53.0182 2624 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
03:05:53.0198 2624 W32Time - ok
03:05:53.0213 2624 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
03:05:53.0213 2624 WacomPen - ok
03:05:53.0260 2624 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
03:05:53.0260 2624 WANARP - ok
03:05:53.0260 2624 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
03:05:53.0260 2624 Wanarpv6 - ok
03:05:53.0338 2624 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
03:05:53.0354 2624 WatAdminSvc - ok
03:05:53.0447 2624 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
03:05:53.0463 2624 wbengine - ok
03:05:53.0556 2624 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
03:05:53.0556 2624 WbioSrvc - ok
03:05:53.0603 2624 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
03:05:53.0603 2624 wcncsvc - ok
03:05:53.0619 2624 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
03:05:53.0619 2624 WcsPlugInService - ok
03:05:53.0634 2624 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
03:05:53.0634 2624 Wd - ok
03:05:53.0681 2624 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
03:05:53.0697 2624 Wdf01000 - ok
03:05:53.0697 2624 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
03:05:53.0712 2624 WdiServiceHost - ok
03:05:53.0712 2624 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
03:05:53.0712 2624 WdiSystemHost - ok
03:05:53.0728 2624 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
03:05:53.0744 2624 WebClient - ok
03:05:53.0759 2624 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
03:05:53.0775 2624 Wecsvc - ok
03:05:53.0790 2624 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
03:05:53.0790 2624 wercplsupport - ok
03:05:53.0822 2624 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
03:05:53.0822 2624 WerSvc - ok
03:05:53.0868 2624 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
03:05:53.0868 2624 WfpLwf - ok
03:05:53.0884 2624 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
03:05:53.0884 2624 WIMMount - ok
03:05:53.0946 2624 WinDefend - ok
03:05:53.0946 2624 WinHttpAutoProxySvc - ok
03:05:53.0993 2624 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
03:05:54.0009 2624 Winmgmt - ok
03:05:54.0134 2624 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
03:05:54.0149 2624 WinRM - ok
03:05:54.0243 2624 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
03:05:54.0243 2624 WinUsb - ok
03:05:54.0305 2624 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
03:05:54.0321 2624 Wlansvc - ok
03:05:54.0461 2624 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:05:54.0492 2624 wlidsvc - ok
03:05:54.0602 2624 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
03:05:54.0602 2624 WmiAcpi - ok
03:05:54.0648 2624 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
03:05:54.0648 2624 wmiApSrv - ok
03:05:54.0680 2624 WMPNetworkSvc - ok
03:05:54.0711 2624 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
03:05:54.0711 2624 WPCSvc - ok
03:05:54.0836 2624 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
03:05:57.0207 2624 WPDBusEnum - ok
03:05:57.0222 2624 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
03:05:57.0222 2624 ws2ifsl - ok
03:05:57.0269 2624 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
03:05:57.0269 2624 wscsvc - ok
03:05:57.0269 2624 WSearch - ok
03:05:57.0410 2624 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
03:05:57.0441 2624 wuauserv - ok
03:05:57.0534 2624 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
03:05:57.0534 2624 WudfPf - ok
03:05:57.0566 2624 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
03:05:57.0566 2624 WUDFRd - ok
03:05:57.0581 2624 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
03:05:57.0597 2624 wudfsvc - ok
03:05:57.0628 2624 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
03:05:57.0628 2624 WwanSvc - ok
03:05:57.0768 2624 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
03:05:57.0768 2624 YahooAUService - ok
03:05:57.0800 2624 MBR (0x1B8) (8b18fb034df713edd23fb362528e4afc) \Device\Harddisk0\DR0
03:05:58.0034 2624 \Device\Harddisk0\DR0 - ok
03:05:58.0034 2624 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk5\DR5
03:05:58.0392 2624 \Device\Harddisk5\DR5 - ok
03:05:58.0408 2624 Boot (0x1200) (5806cfc7808b35e46602cc6a467e3a02) \Device\Harddisk0\DR0\Partition0
03:05:58.0408 2624 \Device\Harddisk0\DR0\Partition0 - ok
03:05:58.0408 2624 Boot (0x1200) (dc2aa9b21cf5b889c4c1632dc9df6914) \Device\Harddisk0\DR0\Partition1
03:05:58.0408 2624 \Device\Harddisk0\DR0\Partition1 - ok
03:05:58.0455 2624 Boot (0x1200) (049c123c77a52c15d3d8504467839b69) \Device\Harddisk0\DR0\Partition2
03:05:58.0455 2624 \Device\Harddisk0\DR0\Partition2 - ok
03:05:58.0455 2624 Boot (0x1200) (015eb4f9d28b0fe7d85ac174d7874b20) \Device\Harddisk5\DR5\Partition0
03:05:58.0455 2624 \Device\Harddisk5\DR5\Partition0 - ok
03:05:58.0455 2624 ============================================================
03:05:58.0455 2624 Scan finished
03:05:58.0455 2624 ============================================================
03:05:58.0470 5400 Detected object count: 0
03:05:58.0470 5400 Actual detected object count: 0

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:55 AM

Posted 12 May 2012 - 03:53 AM

that looks good let me have the aswmbr report when complete


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 CALVIN1693

CALVIN1693
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 12 May 2012 - 08:30 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-12 03:17:17
-----------------------------
03:17:17.723 OS Version: Windows x64 6.1.7601 Service Pack 1
03:17:17.723 Number of processors: 4 586 0xA00
03:17:17.723 ComputerName: OWNER-HP UserName: Owner
03:17:21.857 Initialze error C000010E - driver not loaded
03:17:25.819 AVAST engine defs: 12051101
03:17:31.809 Service scanning
03:17:55.553 Modules scanning
03:17:55.553 Disk 0 trace - called modules:
03:17:55.553
03:17:59.780 AVAST engine scan C:\Windows
03:18:07.924 AVAST engine scan C:\Windows\system32
03:20:07.732 AVAST engine scan C:\Windows\system32\drivers
03:20:20.758 AVAST engine scan C:\Users\Owner
03:29:29.816 AVAST engine scan C:\ProgramData
03:32:19.732 Scan finished successfully
08:30:30.844 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:55 AM

Posted 12 May 2012 - 09:30 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\users\Owner\AppData\Roaming\SpeedyPC Software
c:\users\Owner\AppData\Roaming\DriverCure
c:\program files (x86)\Common Files\SpeedyPC Software
c:\programdata\SpeedyPC Software
c:\program files (x86)\SpeedyPC Software
c:\program files (x86)\BabylonToolbar
c:\program files (x86)\Vuze_Remote
c:\program files (x86)\ConduitEngine

File::
C:\user.js
c:\windows\system32\drivers\cydlbrdn.sys
c:\windows\system32\drivers\kbcihlpa.sys


FireFox::
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\604ddafg.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=108988&babsrc=HP_ss&mntrId=147f53a10000000000002c27d71a9a9f
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=108988&babsrc=KW_ss&mntrId=147f53a10000000000002c27d71a9a9f&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=108988
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 147f53a10000000000002c27d71a9a9f
FF - user.js: extensions.BabylonToolbar_i.hardId - 147f53a10000000000002c27d71a9a9f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15461
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1713:16
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

Edited by gringo_pr, 12 May 2012 - 09:42 PM.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 CALVIN1693

CALVIN1693
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 14 May 2012 - 10:12 PM

ComboFix 12-05-14.02 - Owner 05/14/2012 8:00.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.4524 [GMT -5:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
Command switches used :: c:\users\Owner\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"C:\user.js"
"c:\windows\system32\drivers\cydlbrdn.sys"
"c:\windows\system32\drivers\kbcihlpa.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BabylonToolbar
c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll
c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll
c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
c:\program files (x86)\Common Files\SpeedyPC Software
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\close.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\close_md.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\close_mo.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\close_pu.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\close_pu_md.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\close_pu_mo.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\Logo.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\min.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\min_md.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\min_mo.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\Images\topbar_gradient.png
c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\settings.xml
c:\program files (x86)\ConduitEngine
c:\program files (x86)\ConduitEngine\appContextMenu.xml
c:\program files (x86)\ConduitEngine\ConduitEngine.dll
c:\program files (x86)\ConduitEngine\ConduitEngineHelper.exe
c:\program files (x86)\ConduitEngine\ConduitEngineUninstall.exe
c:\program files (x86)\ConduitEngine\engineContextMenu.xml
c:\program files (x86)\ConduitEngine\EngineSettings.json
c:\program files (x86)\ConduitEngine\INSTALL.LOG
c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
c:\program files (x86)\ConduitEngine\toolbar.cfg
c:\program files (x86)\SpeedyPC Software
c:\program files (x86)\SpeedyPC Software\SpeedyPC\colors.xml
c:\program files (x86)\SpeedyPC Software\SpeedyPC\CommonLoggingExtension.pxt
c:\program files (x86)\SpeedyPC Software\SpeedyPC\CommonSpecialist.pxt
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\0_days.htm
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\1_days.htm
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\15_days.htm
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\2_days.htm
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\30_days.htm
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\5_days.htm
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\container_content_bkimg.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\container_content_leftimg.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\container_content_rightimg.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\error_connect.html
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\10x10.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\10x10tile.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\contentwrapper.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\error_internet.jpg
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\footerbarfill.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\info_bubble.jpg
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\pcha_background.jpg
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\tile_footerbarbase.jpg
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\tile_subheadbarbase.jpg
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\images\tile_titlebarbase.jpg
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\main.css
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\main_error.css
c:\program files (x86)\SpeedyPC Software\SpeedyPC\HTML\package_titlebar_bkimg.jpg
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Audio\cancel.wav
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Audio\complete.wav
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\btn.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\btn_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_bho.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_defrag.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_file.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_generalsettings.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_ignore.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_junk.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_privacy.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_process.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_registry.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_schedule.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\button_startup.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\register.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\register_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\register_over_small.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\register_small.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\renew.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\renew_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\settings_button.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\settings_button_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\start.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\buttons\start_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\defrag\c_empty.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\defrag\c_frag.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\defrag\c_unfrag.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\defrag\c_unknown.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\defrag\c_unmove.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\bottom_logo.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\close.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\dlg_title.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\logo.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\max.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\min.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\register.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\register_close.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\register_close_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\register_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\renew.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\renew_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\restore.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\tab_bg.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\tabactive_bg.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\tabover_bg.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\tfn_bg.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\tfn_logo.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\title_bar.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Frame\upper_divider.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\general\collapse.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\general\delete.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\general\expand.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\general\progress_glow.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\bho.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\dup_audio.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\dup_doc.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\dup_image.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\dup_other.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\dup_video.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\ig_drivers.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\ig_proc.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\ig_reg.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\junk.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_3rd.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_browser.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_email.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_fs.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_im.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_multi.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_office.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_other.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\priv_windows.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_apppath.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_com.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_dll.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_empty.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_extensions.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_filepath.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_font.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_help.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_shortcut.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_startup.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\reg_uninstall.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\group\startup.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_about.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_bho.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_clean.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_defrag.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_file.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_junk.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_junk_settings.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_performance.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_privacy.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_process.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_registry.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_restore.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_settings.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_startup.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\header_tools.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\settings_general.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\settings_ignore.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\settings_privacy.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\settings_registry.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\headers\settings_schedule.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Icons\info.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Icons\warning.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\other.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\process\bho.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\process\process.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\process\startup.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_malware16.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_malware24.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_malware32.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_system16.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_system24.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_system32.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_unknown16.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_unknown24.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_unknown32.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_unwanted16.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_unwanted24.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_unwanted32.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_userapp16.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_userapp24.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\list\recommendations\rec_userapp32.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\01.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\02.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\03.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\04.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\05.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\06.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\07.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\08.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\animation\09.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\check.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\damage1.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\damage2.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\damage3.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\damage4.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\damage5.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\damage6.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\error.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\error_large.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\Fix.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\Fix_over.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\junk.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\malware.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\md5.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\privacy.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\process-animation.gif
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_h.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_h_scan.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_l.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_l_scan.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_m.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_m_scan.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_mh.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_mh_scan.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_ml.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\rating_ml_scan.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\registry.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\security_high.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\security_low.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Scan\warning.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Tabs\overview.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Tabs\restore.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Tabs\scan.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Tabs\settings.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Images\Tabs\tools.png
c:\program files (x86)\SpeedyPC Software\SpeedyPC\LogSettings.xml
c:\program files (x86)\SpeedyPC Software\SpeedyPC\privacy.db
c:\program files (x86)\SpeedyPC Software\SpeedyPC\RegHookSpecialist.pxt
c:\program files (x86)\SpeedyPC Software\SpeedyPC\settings.xml
c:\program files (x86)\SpeedyPC Software\SpeedyPC\tfn.xml
c:\program files (x86)\SpeedyPC Software\SpeedyPC\UNS.xml
c:\program files (x86)\SpeedyPC Software\SpeedyPC\Utility.pxt
c:\program files (x86)\SpeedyPC Software\SpeedyPC\whitelist.dat
c:\program files (x86)\Vuze_Remote
c:\program files (x86)\Vuze_Remote\GottenAppsContextMenu.xml
c:\program files (x86)\Vuze_Remote\OtherAppsContextMenu.xml
c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
c:\program files (x86)\Vuze_Remote\SharedAppsContextMenu.xml
c:\program files (x86)\Vuze_Remote\tbVuze.dll
c:\program files (x86)\Vuze_Remote\toolbar.cfg
c:\program files (x86)\Vuze_Remote\ToolbarContextMenu.xml
c:\program files (x86)\Vuze_Remote\uninstall.exe
c:\program files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe
c:\programdata\SpeedyPC Software
c:\programdata\SpeedyPC Software\SpeedyPC Pro\dc_db.db
c:\programdata\SpeedyPC Software\UUS3\Master.xml
c:\programdata\SpeedyPC Software\UUS3\Patch.xml
c:\programdata\SpeedyPC Software\UUS3\SpeedyPC\Database.xml
c:\programdata\SpeedyPC Software\UUS3\SpeedyPC\Master.xml
c:\programdata\SpeedyPC Software\UUS3\SpeedyPC\Patch.xml
c:\programdata\SpeedyPC Software\UUS3\SpeedyPC\Update.xml
c:\programdata\SpeedyPC Software\UUS3\Update.xml
C:\user.js
c:\users\Owner\AppData\Roaming\DriverCure
c:\users\Owner\AppData\Roaming\DriverCure\LogFile.txt
c:\users\Owner\AppData\Roaming\SpeedyPC Software
c:\windows\system32\drivers\cydlbrdn.sys
c:\windows\system32\drivers\kbcihlpa.sys
.
.
((((((((((((((((((((((((( Files Created from 2012-04-14 to 2012-05-14 )))))))))))))))))))))))))))))))
.
.
2012-05-14 13:16 . 2012-05-14 13:16 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DECECB55-7018-4ADD-9261-8C42D9E2AD57}\offreg.dll
2012-05-14 13:14 . 2012-05-14 13:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-05-14 13:14 . 2012-05-14 13:14 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2012-05-14 13:14 . 2012-05-14 13:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-14 02:10 . 2012-04-13 06:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DECECB55-7018-4ADD-9261-8C42D9E2AD57}\mpengine.dll
2012-05-12 13:41 . 2012-04-13 06:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-12 00:46 . 2012-05-12 00:47 -------- d-----w- C:\FRST
2012-05-11 22:40 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-11 22:40 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-11 22:39 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 22:39 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 22:39 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 22:39 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-11 22:39 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-11 22:38 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-11 22:38 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 22:38 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 22:38 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 22:38 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-11 22:38 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 05:59 . 2012-05-11 05:57 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6EEBAEA7-2455-42EF-AB7B-5B15AC93C432}\gapaengine.dll
2012-05-09 03:31 . 2012-05-09 03:31 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-05-09 03:31 . 2012-05-09 03:31 -------- d-----w- c:\programdata\Malwarebytes
2012-05-09 03:31 . 2012-05-11 07:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-08 23:32 . 2012-05-08 23:32 -------- d-----w- c:\users\Owner\AppData\Roaming\FixTDSS
2012-05-08 13:50 . 2012-05-08 23:26 -------- d-----w- c:\users\Owner\AppData\Local\NPE
2012-05-05 15:07 . 2012-05-05 17:18 -------- d-----w- c:\users\Owner\AppData\Roaming\Ad-Aware Antivirus
2012-05-05 15:07 . 2012-05-05 15:07 -------- d-----w- c:\programdata\Lavasoft
2012-05-05 00:10 . 2012-05-05 00:10 -------- d-----w- c:\users\Owner\AppData\Roaming\Tific
2012-05-05 00:10 . 2012-05-05 00:10 -------- d-----w- c:\users\Owner\AppData\Local\Symantec
2012-05-05 00:01 . 2012-05-05 18:11 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-05-05 00:01 . 2012-05-05 18:11 -------- d-----w- c:\program files\Microsoft Security Client
2012-05-02 01:24 . 2011-04-05 22:35 60504 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-05-02 01:24 . 2011-04-05 22:35 94296 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-05-02 01:23 . 2011-02-08 14:14 84568 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-05-02 01:23 . 2012-05-05 17:18 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-05-02 01:23 . 2011-04-05 22:35 253528 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-05-02 01:23 . 2012-05-12 01:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-02 01:23 . 2012-05-02 01:24 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-05-02 01:23 . 2012-05-02 01:23 -------- d-----w- c:\users\Owner\AppData\Local\adawarebp
2012-05-02 01:23 . 2012-05-02 01:23 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-05-01 19:43 . 2012-05-01 19:43 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-01 19:43 . 2012-05-01 19:43 -------- d-----w- c:\windows\system32\Macromed
2012-05-01 08:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-05-01 08:00 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-05-01 08:00 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-05-01 08:00 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-05-01 08:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-05-01 08:00 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-05-01 08:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-05-01 02:57 . 2012-05-11 08:54 -------- d-----w- c:\programdata\Recovery
2012-04-30 23:23 . 2012-05-01 03:02 -------- d-----w- c:\users\TEMP\AppData\Local\WinZip
2012-04-30 23:12 . 2012-04-30 23:12 -------- d-----we c:\windows\system64
2012-04-22 06:17 . 2012-04-22 06:17 -------- d-----w- c:\users\TEMP\AppData\Local\icall
2012-04-22 06:15 . 2012-05-01 03:02 -------- d-----w- c:\users\TEMP\AppData\Roaming\Skype
2012-04-19 17:36 . 2012-04-19 17:36 -------- d-----w- c:\users\TEMP\AppData\Local\SoftGrid Client
2012-04-19 17:36 . 2012-04-30 23:53 -------- d-----w- c:\users\TEMP\AppData\Roaming\SoftGrid Client
2012-04-16 02:28 . 2012-04-16 02:28 -------- d-----w- c:\users\TEMP\AppData\Roaming\Hewlett-Packard
2012-04-16 01:57 . 2012-04-30 01:58 -------- d-----w- c:\users\TEMP\AppData\Roaming\HP Support Assistant
2012-04-16 01:56 . 2012-04-30 01:58 -------- d-----w- c:\users\TEMP\AppData\Roaming\HpUpdate
2012-04-16 01:56 . 2012-04-16 01:56 -------- d-----w- c:\users\TEMP\AppData\Local\Hewlett-Packard
2012-04-15 04:59 . 2012-04-24 05:12 -------- d-----w- c:\users\TEMP\AppData\Local\CrashDumps
2012-04-14 20:36 . 2012-04-14 20:36 -------- d-----w- c:\users\TEMP\AppData\Local\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-01 19:43 . 2011-06-17 19:37 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-22 04:30 . 2011-10-31 00:20 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-03-22 04:30 . 2011-10-30 22:12 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-03-22 04:29 . 2011-10-30 22:12 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-03-21 01:44 . 2012-03-21 01:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 01:44 . 2012-03-21 01:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-03 06:22 . 2011-10-30 22:12 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-02-17 06:38 . 2012-03-15 23:20 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-15 23:20 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-15 23:20 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-15 23:20 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-12_01.45.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-05-14 13:14 . 2012-05-14 13:14 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-05-12 01:27 . 2012-05-12 01:27 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2011-06-11 12:16 . 2012-05-14 12:55 49002 c:\windows\system64\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2011-06-14 08:22 . 2012-05-14 12:50 10948 c:\windows\system64\wdi\ERCQueuedResolutions.dat
+ 2009-07-14 05:10 . 2012-05-14 12:55 35802 c:\windows\system64\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-05-11 22:39 . 2012-03-17 07:58 75120 c:\windows\system64\drivers\partmgr.sys
+ 2011-06-11 14:12 . 2012-05-14 12:54 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-06-11 14:12 . 2012-05-11 08:31 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-06-11 14:12 . 2012-05-14 12:54 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-06-11 14:12 . 2012-05-11 08:31 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-11 08:31 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-14 12:54 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-11 12:16 . 2012-05-14 12:55 49002 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2011-06-14 08:22 . 2012-05-14 12:50 10948 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-07-14 05:10 . 2012-05-14 12:55 35802 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-06-11 14:12 . 2012-05-14 12:54 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-06-11 14:12 . 2012-05-11 08:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-06-11 14:12 . 2012-05-11 08:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-06-11 14:12 . 2012-05-14 12:54 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-11 08:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-14 12:54 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-06-11 12:25 . 2012-05-12 01:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-06-11 12:25 . 2012-05-14 13:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-05-14 12:57 91680 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-06-11 12:25 . 2012-05-14 13:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-06-11 12:25 . 2012-05-12 01:31 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-06-11 12:25 . 2012-05-12 01:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-11 12:25 . 2012-05-14 13:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-12 00:06 . 2012-05-14 13:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-06-12 00:06 . 2012-05-12 01:31 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-06-12 00:06 . 2012-05-12 01:31 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-12 00:06 . 2012-05-14 13:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-11-22 04:57 . 2011-11-22 04:57 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2011-12-15 19:01 . 2011-12-15 19:01 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-03-13 08:02 . 2012-03-13 08:02 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-12 08:07 . 2012-05-12 08:07 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-03-18 18:18 . 2012-02-16 09:03 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-03-18 18:18 . 2012-05-12 08:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\054fce9466c6cef615b2f7cc9ff4e7f8\System.Windows.Presentation.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\ff78ec1b5bf38a8fb74c2d4f41bb308a\System.Web.ApplicationServices.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\e144d0028365c62178eb0662911ac910\System.AddIn.Contract.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\93295f3771dc9e5be2d49d5f5d76a7a6\Microsoft.VisualC.ni.dll
+ 2012-05-12 08:24 . 2012-05-12 08:24 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\5ea625ce2d6c08687f70cb81a003a28b\dfsvc.ni.exe
+ 2012-05-12 08:24 . 2012-05-12 08:24 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\061cbee19075e086d675a9e1f65725d7\Accessibility.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\f3a9c6e87bfa4bab3689ec1cdb56964f\System.Windows.Presentation.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9b418f37f4594806e1f4b0ed6d083a95\System.Web.ApplicationServices.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\fb4bc14964a1d415bdbe55b62ce73a52\System.Windows.Presentation.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\7a827b959d4714667a8b7ab0d2fa844b\System.Web.DynamicData.Design.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\78f495970511b726a0ca7b8119360e25\PresentationFontCache.ni.exe
+ 2012-05-14 12:56 . 2012-05-14 12:56 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\1a359e9b908a2565c546a8ca04b241c2\PresentationCFFRasterizer.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\9d57c4bbbc0b3243046fc7839da71b00\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\d6578432220dbabf2b15027681327bf8\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\66deb65a87750efddf62d1e0c0655352\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\66deb65a87750efddf62d1e0c0655352\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4b6402dc918e41b8de8c501f29833d91\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\28545d2b6a0aaef4aa168f9808603bc5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\28545d2b6a0aaef4aa168f9808603bc5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\1d8a17a2c1416a8ad4d6ad2a28b4c5fd\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0abc7256549c204f39af7dcc52c9e5d5\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0abc7256549c204f39af7dcc52c9e5d5\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-14 12:55 . 2012-05-14 12:55 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\3c3a6cce983114e7406e0a6e6116ecd8\Microsoft.VisualC.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6ab0575bf49b60fd4b697d47e1754072\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\1569a004b1f41193818e3b3777f2c73d\LoadMxf.ni.exe
+ 2012-05-14 13:10 . 2012-05-14 13:10 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\3ee98e8b2084e27d65953bbd7e362bf8\ehiUPnP.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\1cd9f92749d29b9fd61fcb1c4ae84294\ehiTVMSMusic.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\0811f67973c32efb2bfad62a4a2592b5\dfsvc.ni.exe
+ 2012-05-14 12:56 . 2012-05-14 12:56 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\ae9311dcb0e713330a2a86b04cf361dc\Accessibility.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\6b76f1794d51288a232bbfe7a3309890\WindowsLiveWriter.ni.exe
+ 2012-05-14 13:07 . 2012-05-14 13:07 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\20225dde0701a809f23364e1c3492449\WindowsLive.Writer.Passport.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\66d750f3f8dde0cc865f921497ab3545\System.Windows.Presentation.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2d750978368543e975665a7eec11015b\System.Web.DynamicData.Design.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\543b0e12423bcec010bdd2ac27c5dc04\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\d24744f15243e28ea541a459ff7ff5d5\PresentationFontCache.ni.exe
+ 2012-05-14 13:00 . 2012-05-14 13:00 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\87a30ba337ed55d0905f19742e2985bc\napcrypt.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\9f2e8e0df9ff39ad21088f1d66cfadb1\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d797123d55bb7b823120d0a7ffbbc2a7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb8ad29814d9e5589bd400d38e7a0b10\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb42a0f25b7608b2675080081b03f6e5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\c6e9143be5afb36345875d56b61c444f\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\91767cf3facefe10e00734c815e925ad\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\66cd99d2f576cde047074e98bd5e1848\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\4308e1bdc640e1c3f1ea966e84e48900\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\06fcf2fbbe38d9425fc49d935498ec93\Microsoft.Vsa.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\55c57057dc81a5e8c5bde3a230f0bcb9\Microsoft.VisualC.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e3ef400b1f37e4d3b79a42a8a602ea02\Microsoft.Build.Framework.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\2095344bf8c40f8baa94ba53a993fb4c\Microsoft.Build.Framework.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\dc93539af5a961641a26ada75f730136\ehiUserXp.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\53d03b0e238c77cf7e5ac88e02aecd2c\dfsvc.ni.exe
+ 2012-05-14 13:00 . 2012-05-14 13:00 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
+ 2012-05-03 04:16 . 2012-05-14 02:09 2054 c:\windows\system64\wdi\{88d4896f-f553-446a-9c75-9dec124ff8b7}.bin
+ 2011-06-12 00:14 . 2012-05-14 12:55 9172 c:\windows\system64\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-326516807-3596904739-1954027703-1000_UserData.bin
+ 2012-05-03 04:16 . 2012-05-14 02:09 2054 c:\windows\system32\wdi\{88d4896f-f553-446a-9c75-9dec124ff8b7}.bin
+ 2011-06-12 00:14 . 2012-05-14 12:55 9172 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-326516807-3596904739-1954027703-1000_UserData.bin
+ 2012-05-14 12:57 . 2012-05-14 12:57 6712 c:\windows\SoftwareDistribution\EventCache\{BCABE8D7-4CE7-4B0F-A03E-1F83B360B4C6}.bin
+ 2012-05-14 13:16 . 2012-05-14 13:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-05-12 01:28 . 2012-05-12 01:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-05-12 01:28 . 2012-05-12 01:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-14 13:16 . 2012-05-14 13:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-12 08:32 . 2012-05-12 08:32 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
- 2009-07-14 04:54 . 2012-05-12 01:29 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-14 13:16 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-14 13:16 655360 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-12 01:29 655360 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-13 05:59 . 2012-05-14 12:49 287678 c:\windows\system64\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-07-14 02:36 . 2012-05-12 08:07 626486 c:\windows\system64\perfh009.dat
+ 2009-07-14 02:36 . 2012-05-12 08:07 107504 c:\windows\system64\perfc009.dat
+ 2009-07-14 04:45 . 2012-05-14 12:53 303856 c:\windows\system64\FNTCACHE.DAT
- 2009-07-14 04:45 . 2012-03-16 08:21 303856 c:\windows\system64\FNTCACHE.DAT
+ 2011-06-13 05:59 . 2012-05-14 12:49 287678 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-07-14 02:36 . 2012-05-12 08:07 626486 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-05-12 08:07 107504 c:\windows\system32\perfc009.dat
+ 2009-07-14 04:45 . 2012-05-14 12:53 303856 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2012-03-16 08:21 303856 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:01 . 2012-05-12 01:27 281856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-05-14 13:14 281856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-15 19:01 . 2011-12-15 19:01 226600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 156440 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.dll
+ 2011-12-15 19:01 . 2011-12-15 19:01 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
- 2011-11-22 04:57 . 2011-11-22 04:57 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2012-05-11 22:39 . 2012-02-10 23:29 172320 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationHostDLL.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 486144 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 182056 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 156440 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 386824 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 131360 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2012-05-11 22:39 . 2012-01-04 02:51 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2012-05-11 22:39 . 2012-01-04 02:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2012-05-11 22:39 . 2012-01-04 02:50 996624 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-12 08:07 . 2012-05-12 08:07 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-12 08:07 . 2012-05-12 08:07 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 181096 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_X86.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 225640 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_AMD64.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\342472450a587d22afebf6e7ecbbca5c\WindowsFormsIntegration.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\fb43d84bc59b21e8a7f3e36d616eea90\UIAutomationTypes.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\26f12a0a3baed2a227cf30aaeae03913\UIAutomationProvider.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\1c3c298326e9ac14796516ac1da09a16\UIAutomationClient.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\307eea660f877dc40ae90882ce554757\System.Xml.Linq.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\b4afa252d0f0e27b0b5e8fcb2cc5b3a7\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\8c0ee7b970cc4e8c2986c7898af71661\System.Transactions.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\f67f5d2f51eecc45b68bf86d65a1624d\System.ServiceProcess.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\eb4fb369926faaffede7aaf317fd6532\System.ServiceModel.Channels.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e5ab3c37897bb578bdbfe6b7e0558ad8\System.ServiceModel.Routing.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\e48b6a8c491a96d1bc601795532af605\System.Security.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\21d5b44ef01ccfa69e79674a51707de0\System.Runtime.Remoting.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\5f2bfb0585061dc256ee9587d430959f\System.Numerics.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\6996a415485a84fef2d2556b0462336f\System.Net.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\6e886c2e732ff69ae9eb1dc121b767d8\System.Messaging.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\92d266f677605e5475b7f39c063c4a9d\System.Management.Instrumentation.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\07a0e1efc063042be3e8faf62b413a12\System.IO.Log.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\7fd39b9a208214e6e5eba4e9396409f1\System.IdentityModel.Selectors.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.Wrapper.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\521f5bccf74318a4777597b0c01fda1e\System.Dynamic.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6a8bd7d373c988a585e90bb61c5ec8cc\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\78dd02d104bb15bc3820c06bd2876239\System.Device.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\97d1aaf3733b107ecdbecb9d21050ff4\System.Data.DataSetExtensions.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c3d7a7ff58ff502887d8f1b77e61adbc\System.Configuration.Install.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\a4f91f2dfd1656ef2e42917963f6bf50\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 871936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\b1c67ee2e0e6e78c31985069fbc82596\System.AddIn.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\c69fb0f955adc7ca80cd5f2fd730edea\System.Activities.DurableInstancing.ni.dll
+ 2012-05-12 08:24 . 2012-05-12 08:24 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\11fc863fa4f5092fca4f2ce25a9ac361\SMSvcHost.ni.exe
+ 2012-05-12 08:26 . 2012-05-12 08:26 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\50e8e826488639e549589ba34666933e\SMDiagnostics.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\722c0236432dd5ccc047481d3ebbd49e\PresentationFramework.Royale.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\6739c3715c9e38dbdfbfd57b424a3094\PresentationFramework.Aero.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3e7359f5f0fb68565314f88f6ec2d67a\PresentationFramework.Luna.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\263748f3d18955b9e467710da1e8546f\PresentationFramework.Classic.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\74f2dff7290b51ec53e8d0ab537bf9dd\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\6480551111832c83ee88bcf756a72533\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-12 08:24 . 2012-05-12 08:24 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\0e81a3996f7cbff23fc01bea4185a918\CustomMarshalers.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c44ac264fef2a914248caa88a55d0c88\WindowsFormsIntegration.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\7a9f70fa774076a7ec19bc03e7064d0d\UIAutomationClient.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\c477bbff1e4662263255a1bf17bd9c2a\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d96e221bdd83feea8740868125d7bf65\System.ServiceProcess.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd25ddcfa0417d40e3f1385e30abcd6f\System.Net.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\60f64e6d09e2c943944eded90b0514ad\System.Messaging.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\08397796343d5730a29f42e61c7f6ee7\System.Management.Instrumentation.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\ff1250d2409bd16283c423650d6fd3f6\System.IO.Log.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\e60675d3ba7fa94924489dc8466ebff5\System.IdentityModel.Selectors.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a9b1e597aaa263dea2cf8754440bd271\System.Dynamic.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e41e86da56bb60523251e0e08210a77b\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94d45f7f28d81304d7fa83bcea849141\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4c50d8a951546d6dffdc8bcb23f47a7b\System.Device.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\977c7c2badf6a9059ba8371a0f645fc8\System.Configuration.Install.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\877ef74350e6d374ca8f80b489a8cc8e\System.ComponentModel.Composition.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4330e93f9d0ef85f1a972e11c2ac5156\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 624128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0c67d9fc14856eb7d8b4e405aef79960\System.AddIn.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b046f2d5f056b906d7b25b75ca23575\System.Activities.DurableInstancing.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\4847f66153121ec4ed532909f7c152be\SMSvcHost.ni.exe
+ 2012-05-12 08:31 . 2012-05-12 08:31 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ef6e3eb351fe12a5766be7c956c35d95\PresentationFramework.Classic.ni.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e49a124fdad0f1db135f03a49f18fb48\PresentationFramework.Royale.ni.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\141f0a8fbfb83604fa3dd43dbe8fa0f4\PresentationFramework.Luna.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\928ee3e798400934eb317c9b757ec52f\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\01c5ff7a1ea0463414736df5d449e0a9\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\ad7f43afb4f124acae4d503b40f591c1\WsatConfig.ni.exe
+ 2012-05-14 13:13 . 2012-05-14 13:13 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\01024669037c9183ddd64f15587f13de\WindowsFormsIntegration.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\bf634b0e2e28466c6ed6ae1eb602b09f\UIAutomationTypes.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\1ff8fb81d6f045f1dc6f50be95444292\UIAutomationProvider.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\1f36e020c3563e0ff414f13138e238e1\UIAutomationClient.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\d379960868e3ddf480e7cc8ef9bb5f16\TaskScheduler.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\de45d043775d8c805f6feca40d7a9ed2\System.Xml.Linq.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\d874c46671cd9abbf6a50771f0b9aa22\System.Web.Routing.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\76662ce36d2141e45513e64386073cc2\System.Web.RegularExpressions.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\7eff5db996d018d9073fa13194b834a6\System.Web.Entity.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\7efce2e6c76c9196cf654509f8ea0f64\System.Web.Entity.Design.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\4b28ba3615efb798884aeda107a19b8f\System.Web.DynamicData.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\8f989a07704d0266b9c3c94e77f6628d\System.Web.Abstractions.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\b2a7ad3a53b49e59be5b149d0f74b721\System.ServiceProcess.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\1875b50d0228f29aef00bed38ab594d6\System.Security.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\3b3581851a728bef36f319e9d4c72499\System.Net.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\43ec89b6e70b73d9757fc56abf89853e\System.Messaging.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\599954438a668c94dd38e8e7e506ac2a\System.Management.Instrumentation.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\fd51741bfd973ad507bbd141e98932f8\System.IO.Log.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ef6abe121bb11bff2514bfdfb7e76b7a\System.IdentityModel.Selectors.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.Wrapper.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\94b0e6884a07226992608b41b71acc01\System.Drawing.Design.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\4bb1134d9b166434327385ddf3c5dd54\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\7c4ce1b8a2f83ef29aa6d5f126ab5b71\System.Data.Services.Design.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\19d1414f1ca718ce4d0c07e7305b3450\System.Data.DataSetExtensions.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\4aebed13b5309398cd809454cafe472f\System.Configuration.Install.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\9536bb262c4f1ea389d287ab669767d4\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 890880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\84262138e2e9f34c88fd282caa82baa5\System.AddIn.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\176899be7b920fb20408ff49e636a776\System.AddIn.Contract.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\ee0608cd62dfb37016016884fc39e425\sysglobl.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\9fa1abf006689e262527ae50d452e97e\SMSvcHost.ni.exe
+ 2012-05-14 13:10 . 2012-05-14 13:10 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\89de197bdde5984658045ade41c2c9b9\PresentationFramework.Classic.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\7ffb91db770d0b09921f623bc5d68b4f\PresentationFramework.Luna.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\205bb33cef9ae6b906ceadd6f2861c86\PresentationFramework.Royale.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\e6e34a15fae8dcd263837c44f0544775\napsnap.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\e6e34a15fae8dcd263837c44f0544775\napsnap.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\64b16629f316cac01ef383527b6f1700\napinit.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\5f0ae15f9d1cade37fbfaacff7e64bff\naphlpr.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\5346ceca518baf5e5fa3fed9f900f792\napcrypt.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\8f792883d0adad8c7beccf24aed65817\MSBuild.ni.exe
+ 2012-05-14 13:11 . 2012-05-14 13:11 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\fa8a9b4cb71f4c953f7d53de85e3d3cf\MMCFxCommon.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\b78beede8a3c9720095dde4a4a162acc\Microsoft.WSMan.Management.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\83222514e209f186ad3a1c3794168bfd\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\83222514e209f186ad3a1c3794168bfd\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\a843956bb452503139683304de4cc8f6\Microsoft.Vsa.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\c56d6513e4b239b1b1dbe29b0588321a\Microsoft.Transactions.Bridge.Dtc.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\c56d6513e4b239b1b1dbe29b0588321a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\fb0d102ca78bd05fe7064b9e6be30fc7\Microsoft.PowerShell.ConsoleHost.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\fb0d102ca78bd05fe7064b9e6be30fc7\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b21fa6ff448b99a97319e18c166c03e2\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6c3fe42a14ac5b48ebd43be290973d24\Microsoft.PowerShell.GraphicalHost.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6c3fe42a14ac5b48ebd43be290973d24\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\2572e94f9d0b412cdc529c8d74fdb689\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f04ccbbf5199d2b264f1b1175be44686\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f015188310f7613f819fcf032f98705a\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e3746bf344cd668d2ad4e1d697f025ff\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\76e14a8d184f1722f80bc6a72513874d\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6dbd502a13b5e3caae0b1f2b4847612f\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\514667153fd74307d21e7f50b79858c9\Microsoft.MediaCenter.Interop.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\18367b9a0b9e9261d1d9e371230af87c\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\88ccabfe6c21211a07cafd298beba3cc\Microsoft.ManagementConsole.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\d68a27daca73749e4438a47e61643c3c\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\3151235c1c38db94fd44e3c6f290ff38\Microsoft.Build.Utilities.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\cf5e9b5d10682467a9e03358a6d6258f\Microsoft.Build.Framework.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\0f233d0eb396065719e83ab573a72cc5\Microsoft.Build.Framework.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\2416af06edb993f98a751acb69f67016\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\74e4adc90675c3b1365825c7e78b5ce9\Mcx2Dvcs.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\4a1f9a648a3928d42b77a91666d9aa8a\mcupdate.ni.exe
+ 2012-05-14 13:10 . 2012-05-14 13:10 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\40d70417c04f9ccb5fdecb5b9be5a6a3\mcstoredb.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\0313d55497bb7899e272458bbea0511d\mcplayerinterop.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\3fc113fe40d0145cd87afca2d107bf6d\MCESidebarCtrl.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\e8ddd4720d38a796259f0aade9f1caf0\EventViewer.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\584d419d4c837ea19f7f450a807b0273\ehRecObj.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\20c3505378a50f4859c9b2e7dcbb5fa2\ehiWUapi.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\2f9f48ad6496c9103043db1c21a651fd\ehiwmp.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\0955237aa3c1cb3a643248b8c58ec34c\ehiUserXp.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\7998173654fa518876cc97e37b86d465\ehiiTv.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\6c97aa6908f96ac9816ce74e4f6251ac\ehiExtens.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\a501747a95523297a8a1f119df8b1642\ehiBmlDataCarousel.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\880c8b97f2b065a3bbe27b7c37581d17\ehiActivScp.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\d4f0d7fa581a8117efa5a2dc684d126f\ehExtHost.ni.exe
+ 2012-05-14 13:10 . 2012-05-14 13:10 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\ff7ef4caed03d6934669d1a39877a8ac\ehCIR.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\b7916689137fd0bc9ba1ba5a27e2a38a\CustomMarshalers.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\cc6e6febcd804604bf4d92d0eb8ec6ae\ComSvcConfig.ni.exe
+ 2012-05-14 13:09 . 2012-05-14 13:09 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\d18719c2df1334364cac199bb9c86adf\BDATunePIA.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\9d60139fdead64a892985181d663989f\WsatConfig.ni.exe
+ 2012-05-14 13:07 . 2012-05-14 13:07 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\89ef9ecbcf1f666b498c9ccc8632621d\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fee2240e46152269b2120db44aefd32a\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dbbb5914ff727ce0f6793177c4da31ba\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d7cc93a71fc723deff474273fcde836c\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cc96a49c561632f78b9a7c79e540fd84\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ca014739c9f5af294ad7f4a7c60a0e8b\WindowsLive.Writer.Controls.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c3902b80bdc944a554776f5d6c07cff9\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\af3f48ff5ef8c602162a3652c0c85f66\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aab0bad2dc60d6748745835dc38c52c6\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9c4c18aa84e43ffa11696d728777c58e\WindowsLive.Writer.Interop.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5c3cb7635798e90685d16e776c78ee44\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\43f78ae7292b5d31b471b9ecf89430af\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\311ca0e85ee688d2598d5d159893217b\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\17a8647c2d500d6929a26d220cb8021d\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0159efe970e91422e3da4dfcdd33d376\WindowsLive.Writer.Api.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\aa24c82b6c26f357aa2686883e18b464\WindowsLive.Client.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\994df404900182e0102d4c5dc9810a8d\WindowsFormsIntegration.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\779b08c46960a1824503aa6f089673fa\UIAutomationClient.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\a106c2f6597c4a80c1d3a75224d72402\TaskScheduler.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\0ad442240c6feafbc1dd0ef1cda57fc8\System.Web.Routing.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2b129372a27469195acbe3b6b81786ef\System.Web.RegularExpressions.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e264ed8cae4b69017046686990537ea6\System.Web.Extensions.Design.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\a35ce57fcd882d809dd3d6c22af7d3c0\System.Web.Entity.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\bbab10e9c07bf9ffe2e1de6620ff40ab\System.Web.Entity.Design.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ee364fc0a904d8035cf21ed722602425\System.Web.DynamicData.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e180769a4c85964760934226d795a5b2\System.Web.Abstractions.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\efb741df80921d51e0f19679751ebf55\System.ServiceProcess.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\0b5f082230e3486412e0fa333290e85a\System.Net.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\20d81596f0a78f61d0cfe7b1f75e052c\System.Messaging.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\8280490a2939075b726fd051d9010cc0\System.Management.Instrumentation.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\a03191ed937f6c1dc827b53d94ea0176\System.IO.Log.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\100d39c2f8985cb93e26feef86ba5212\System.IdentityModel.Selectors.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.Wrapper.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\00eb13ee45b1b1d9e1286b12b629732f\System.Drawing.Design.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\55545e89f96539ef93375524d1145a6f\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4d73a7649876bb6e54a01ccbf235919b\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e36e03067b12bc35fcc3787dc81022c8\System.Data.Services.Design.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\5a29fff52e2c3d13ec15e8701027ab17\System.Data.Entity.Design.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\940f62a5d077405e0b324422afb6ff2c\System.Data.DataSetExtensions.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\d3325c6bced333a67122db7414c1fd1e\System.Configuration.Install.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\a90ec436f1d2c5cb0133a53c2e47d61a\System.AddIn.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\1ed79278fe139272e868e3a53d736f22\sysglobl.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\1b0b19607668635281fa260707f4352f\SMSvcHost.ni.exe
+ 2012-05-14 13:07 . 2012-05-14 13:07 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae55e761d480fe15781156d1311a1837\PresentationFramework.Classic.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7df1f379457aa5f39183903d115b5479\PresentationFramework.Royale.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\496bc57a53989bb83ec58865fa34be1d\PresentationFramework.Luna.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\dbe83f0466f3c15f2391432c46be4992\napsnap.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\a116c35c69449bbc7dbab2a7a4cf4b86\napinit.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\e0c40329b9cdd7f141a3702d79eb4bda\naphlpr.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\74a8b6419deb005337a1e43ec2502134\MSBuild.ni.exe
+ 2012-05-14 13:07 . 2012-05-14 13:07 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\ee856f5244b04ad8bff60614b09474a6\MMCFxCommon.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\070505350ec9daa3343b3cd2bc8cf59e\Microsoft.WSMan.Management.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1e639225ba30d7f182b893ddacea506b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4c36b363fcd1ca494218e74ba606e99\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ba2ca86f5d270f493501848843d2f227\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\607324a312b1c6d7fbede8300e8cee91\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1f1185444c8a12ace85ba4c2d49f41f8\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\12715b7e3e89758161053520b57764b2\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\0d6a371076a696788268aa5e78b2de39\Microsoft.ManagementConsole.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\7e59b3b84ca3c61adfc0dc74a65ea177\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\07e346ee0e3f7433f2de7a72fadd6713\Microsoft.Build.Utilities.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\8297305de86377d0070a983d99a7f943\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\541a5bb4d0f8490e506f885a4b435566\mcstoredb.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\464674d5e3ef52ffa0fccc2043c38e0e\EventViewer.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\5ae5c6732ef8e7115baaeb66fd69cdd2\ehRecObj.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\fbfc09fefc5a4d33f9a009f0157875f0\ehiVidCtl.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\cbf3a07d3ab873b19f47d6a24f06c796\ehiProxy.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\5cc4a5672758f4732ef430b3431f47fc\ehiExtens.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\83314c8ed8a90829fff41be1364833ef\ehExtHost32.ni.exe
+ 2012-05-14 13:07 . 2012-05-14 13:07 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\3912b69593af13d0922279a063e5af66\ComSvcConfig.ni.exe
+ 2012-05-14 13:07 . 2012-05-14 13:07 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e1c3540ffb669448747187f76c6ebe82\BDATunePIA.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 241664 c:\windows\assembly\NativeImages_v2.0.50727_32\ArticleViewWindow\f9c5b575b643406f405a0c9acdb04683\ArticleViewWindow.ni.dll
+ 2012-05-11 22:39 . 2012-01-04 02:50 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-06-19 19:23 . 2010-11-05 01:53 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-06-19 19:23 . 2010-11-05 01:53 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-11 22:39 . 2012-02-10 23:29 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-06-19 19:22 . 2010-11-05 01:52 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-06-19 19:24 . 2010-11-05 01:53 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-07-14 04:54 . 2012-05-14 13:16 3833856 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-12 01:29 3833856 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-05-11 22:39 . 2012-03-31 03:10 3146240 c:\windows\system64\win32k.sys
- 2009-07-14 00:03 . 2009-07-14 01:41 1402880 c:\windows\system64\spool\drivers\x64\3\JNWDRV.dll
+ 2012-05-11 22:38 . 2012-03-31 05:40 1402880 c:\windows\system64\spool\drivers\x64\3\JNWDRV.dll
+ 2012-05-11 22:39 . 2012-03-31 06:05 5559664 c:\windows\system64\ntoskrnl.exe
+ 2012-05-11 22:40 . 2012-03-03 06:35 1544704 c:\windows\system64\DWrite.dll
+ 2012-05-11 22:38 . 2012-03-30 11:35 1918320 c:\windows\system64\drivers\tcpip.sys
+ 2012-05-11 22:38 . 2012-03-31 05:40 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll
- 2009-07-14 00:03 . 2009-07-14 01:41 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll
+ 2009-07-14 04:45 . 2012-05-14 12:56 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-05-11 22:35 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-06-12 00:11 . 2012-05-14 13:14 7556814 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-326516807-3596904739-1954027703-1000-8192.dat
- 2011-06-12 00:11 . 2012-05-12 01:27 7556814 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-326516807-3596904739-1954027703-1000-8192.dat
+ 2012-01-19 18:08 . 2012-01-19 18:08 1369872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 18:08 . 2012-01-19 18:08 6429992 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 18:52 . 2012-01-19 18:52 3825952 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 5029160 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
- 2011-11-22 04:57 . 2011-11-22 04:57 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-12-15 19:01 . 2011-12-15 19:01 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-12-15 19:01 . 2011-12-15 19:01 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
- 2011-11-22 04:57 . 2011-11-22 04:57 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
- 2011-11-22 04:57 . 2011-11-22 04:57 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-12-15 19:01 . 2011-12-15 19:01 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-12-15 19:01 . 2011-12-15 19:01 1512712 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
- 2011-11-22 04:57 . 2011-11-22 04:57 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2011-12-15 19:01 . 2011-12-15 19:01 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2012-05-11 22:39 . 2012-02-10 23:29 2256152 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
- 2011-08-13 16:18 . 2011-03-29 22:32 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
- 2012-02-15 13:20 . 2011-10-31 23:15 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 9992464 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
- 2011-10-13 04:59 . 2011-07-08 22:31 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 1577232 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 1756432 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscordacwks.dll
+ 2012-01-19 18:08 . 2012-01-19 18:08 1369872 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 18:08 . 2012-01-19 18:08 6429992 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 18:08 . 2012-01-19 18:08 3790112 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 5029160 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
- 2011-11-22 03:31 . 2011-11-22 03:31 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-12-15 18:08 . 2011-12-15 18:08 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 1737496 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2012-05-11 22:39 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2011-08-13 16:18 . 2011-03-29 22:33 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-11 22:39 . 2012-01-04 02:51 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2012-02-15 13:20 . 2011-10-31 23:16 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-05-11 22:39 . 2012-01-04 02:51 5925136 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2012-05-11 22:39 . 2012-01-04 02:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2011-10-13 04:59 . 2011-07-08 22:33 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 5029160 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-12 08:07 . 2012-05-12 08:07 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-03-13 08:02 . 2012-03-13 08:02 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\4e962b1751cd3b039c5186963ad5f130\WindowsBase.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\6ee9d76d9f1e618cd6fb94b13355bcc9\UIAutomationClientsideProviders.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\28ca4f076264ab07f1d00a6c9623dc49\System.Xml.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\df013cbfec0defc7e9997cdaa90b89bc\System.Xaml.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\6003f51e67a2ae938571bf999135a05a\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bc6df78c506c89659ab7be738179b2ba\System.Web.Services.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\cd7c3aed4408c3554c30a8f0236b90e1\System.Speech.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\94289b88c5b494f572cd7114fa995487\System.ServiceModel.Activities.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\2dbc7aabd92cc0d470acb455c498d919\System.ServiceModel.Discovery.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\b37e6f4b1d742031f328504eb99d0f6c\System.Runtime.DurableInstancing.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\e29ea726977686cc14c3a57e351e8661\System.Printing.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\b83f2453b4538b2e80fe09cfd94dce00\System.Management.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\60bf6251873ef465abcebeb9a24b7932\System.IdentityModel.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 2290176 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\97b0b093e73d3a40aa4fd72f38bd5070\System.Drawing.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\a68116468a194678fd04167067134712\System.DirectoryServices.AccountManagement.ni.dll

+ 2012-05-12 08:26 . 2012-05-12 08:26 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\3a737af86a6a819af97a6d1a04c0e944\System.DirectoryServices.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\c66de888fa426d24e6ff4c4725aef1b0\System.Deployment.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\0ec8effb7b9d03ae69d37922813bc880\System.Data.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\0eb72df497fad5c273ff16f88b0fb950\System.Data.SqlXml.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\536e12016ad3adc78e0708b77e6b9219\System.Data.Services.Client.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\86553c1d7f3e66c17fc3e0274de7a2de\System.Data.Linq.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\6aea67f24827961ce1d48356715389d8\System.Configuration.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\eac19ca5a18a6d08cd247e68b618ba68\System.ComponentModel.Composition.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\3869077874ba987242c791b3a18b2f8b\System.Activities.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\cffc381c37033e26f6aecc9de6f4f793\System.Activities.Presentation.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\96083298999a677341c98fc2bf01b248\System.Activities.Core.Presentation.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\36d8641ebc8601162adae65242087d85\ReachFramework.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\45b96dd6ea9eb2c7f16ea7b5a1ce6a94\PresentationUI.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e8180bc4b9fe2cfc2c4378fc1b24ccd0\Microsoft.VisualBasic.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 1838080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\3af37ac9ef606248611ae6705aa2684e\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\16425c121db8083cbaa51f619c9e51e7\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\5284682fcf04815a86233bcaf696da66\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\4b1d24a96b3882f9e77445e48a7c59ee\Microsoft.JScript.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1ff62486cdefbfc2dab41b686a9aa4e2\Microsoft.CSharp.ni.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\568a3f5fb8fba4184c0d60bfb40a205c\WindowsBase.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\24ed0e1df6a605cdb2088f87ae2ab8ff\UIAutomationClientsideProviders.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\dbf1ad6d474e9a53467a625d583df2ec\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b37cc0aa41e7feaba9f290da4da91d71\System.Web.Services.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\f368c85283c4e6c9650dd1c8d369dcc5\System.Speech.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\2a5d3d1de001807ca96c5853e8243df6\System.Printing.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 1653248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ee7975d7a04786153df726008c62d44b\System.Drawing.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\0fe1e56d17858b6156a3a46330f75f27\System.DirectoryServices.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\fdbf117eb502bcf7ea9b4f5af98889ee\System.Deployment.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 2550272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\fdb98c6d783fe167c1dc0022f27b7cd6\System.Data.SqlXml.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\b894a1df3e6d58ada8f1aa303465ca23\System.Data.Services.Client.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\82c0c56ff8259e1440cfd0d5727a26d8\System.Data.Linq.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 7069184 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 4129280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\51025a1c89f6fd752a5396a059d608b2\System.Activities.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\b1ce26c14c922bdc5d45b0ab6b48e111\System.Activities.Presentation.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 1546752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\66893548d2b2cad29cabf3b3578f356f\System.Activities.Core.Presentation.ni.dll
+ 2012-05-12 08:31 . 2012-05-12 08:31 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\0b61a086e3bec9ddde1a1a4722a9142d\ReachFramework.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\6059daaa173546e091cb234a96132408\PresentationUI.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\75684af3794c47e8262049062eb0c8e8\Microsoft.VisualBasic.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 1136128 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\5de6646c16b1534682a9ff0311ed9f02\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\42a7f127f3fda82fb12c6a6e144d08c1\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-12 08:30 . 2012-05-12 08:30 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9a37f4e64ce5b856ac3892fef064c7de\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\cfcc92c125ddfaabad24abe61cfc0471\Microsoft.JScript.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 1616896 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\9912b6d76c1017b5af6ef24730f550ca\Microsoft.CSharp.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\783df1ee260d3df406fa80afa38502d4\UIAutomationClientsideProviders.ni.dll
+ 2012-05-14 12:55 . 2012-05-14 12:55 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\aaa06e50d7759bcdb538fe1588e3cd1e\System.WorkflowServices.ni.dll
+ 2012-05-14 12:59 . 2012-05-14 12:59 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\8ac687b7f43937c81f1c49d14975c740\System.Workflow.Runtime.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\f7e1338cdd7c906fc4af4e6320dd2970\System.Workflow.ComponentModel.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\d3d7ce2879969474edd8f2a8ccafb122\System.Workflow.Activities.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\6a0b589c4c1467f6b783991842a0f961\System.Web.Services.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\c14386b0da045e8341bde293735ce45e\System.Web.Mobile.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\f0485838bd18623d6a9b5ace539d42b7\System.Web.Extensions.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\e3c46a2aff3eceecad014e99eb67859d\System.Web.Extensions.Design.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\ca51f026916139f886519fdf6d6c73e9\System.Speech.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\56ee9b5f220583c1c7374a61ad904044\System.ServiceModel.Web.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\28369f16afd53bc91828e2397ba07024\System.Printing.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\d1f21a29e79e73b5401fae156f339f67\System.IdentityModel.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 2311168 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\bfa1c17fbc114509b7d1b8eac78ef6c1\System.Drawing.ni.dll
- 2012-05-11 08:43 . 2012-05-11 08:43 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\39d16229a3d5c6e7c1594ef10758bf75\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\39d16229a3d5c6e7c1594ef10758bf75\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\152ef61928f1c300fdad8fa6d5905880\System.DirectoryServices.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\d2ee0b1b8c3123f9bce9082d2b100278\System.Deployment.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\ea1848ec07c70f3d3c3445f4fbdae87a\System.Data.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\7f6f74f1cc0ea6c40a2d6707b12af818\System.Data.SqlXml.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\0679fe5f3f9164f499e50cdade962ba3\System.Data.Services.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\2e9de1acfb7974cad94b747442ca325f\System.Data.Services.Client.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\97429a1c70c94c49850be3f944a32a2e\System.Data.OracleClient.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\2ec3d436b861d35c586b710a570e170d\System.Data.Linq.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\b7b5364bc524988f7ca5b8c20a24119d\System.Data.Entity.Design.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\766ce7ee1a2e4f2a85fd90e7572f5d53\System.Core.ni.dll
+ 2012-05-14 12:55 . 2012-05-14 12:55 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\982d3214c1cfe6c01ccc78292911de20\ReachFramework.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\81fe7c2f2d8ee8e2389d6facfd0eae44\PresentationUI.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\4fbff79b8ebf082d08c0080923ff5036\PresentationBuildTasks.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\5580b3e21a01e35a31fde50daf47dd51\Narrator.ni.exe
- 2012-05-11 08:42 . 2012-05-11 08:42 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\5be0adfd971512081ef05f9f6945e4b6\MMCEx.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\5be0adfd971512081ef05f9f6945e4b6\MMCEx.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\5d0a616109f57e01b229b5198f65f9ce\MIGUIControls.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1a3d4874cecc47af7d14bce65624ddf9\Microsoft.VisualBasic.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\28ba52bc122353647f1b547506e2df7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f5790625975320b1ffad63b476da9132\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d36f839da1178e7b367865e129f2dd93\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99049fd20c2a5e2779e879c2d95c96a2\Microsoft.PowerShell.GPowerShell.ni.dll
- 2012-05-11 08:42 . 2012-05-11 08:42 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\7db5caa649e2635ee1f0402908608c09\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\7db5caa649e2635ee1f0402908608c09\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c057be8bb6614cce013af3721fe34983\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b5fdd84429b629dea08f5381bfe7b07d\Microsoft.MediaCenter.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\71dde46ad3873a4ce4421dc2de899067\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\28cb98dff93468a23ee762f1c9fc0c7f\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\260d83ee2128a3388051cf416d4450b0\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\094f6a515ca31504f96b4bad5848d692\Microsoft.JScript.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\c9039ca896a9b08f8d8e42c3e8ffaf56\Microsoft.Ink.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\c18a49c1a1ca763e94659c90dd1bdc5e\Microsoft.Build.Tasks.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\26b5aa922e962885da94235cb1775761\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\6b727c7aa69ae3e04a869908bfbae696\Microsoft.Build.Engine.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\e1d1dad222992080f8b5c875f7d497dd\mcstore.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\596902addad034f4df2caf291b12d61d\mcepg.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 2165248 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\dcabda0d241272e0e2f08eacbd15e0b1\ehiVidCtl.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\0423915e377ec85d71ac216fafa77ab0\ehiProxy.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c7e6a537f32763e54caba3a864967ac9\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bb272dbe9412176d974ee3c3b736573c\WindowsLive.Writer.Localization.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a9d90c10c3c9129f40a90c4e7df731d0\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 7026176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8be4c1d26eb183065b6d57336506c22e\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\3b452cde57280624e1085699fe8beb03\UIAutomationClientsideProviders.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 7967232 c:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c83ab416d2a2f3fa4f2d093963f46c3d\System.WorkflowServices.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\bfa1ffe928b4e3fd6701aabfee7df15e\System.Workflow.Runtime.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\d536897959cc07510569c6ddfe69aed0\System.Workflow.ComponentModel.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a1976b3dc043730ad58f9693fc1fa462\System.Workflow.Activities.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\59a5af8e3ea07f7980e0476d2da234cd\System.Web.Services.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f6f655e69a1eec397e67cd87e095f404\System.Web.Mobile.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ab83e0de98f69306d49754a9174bf10a\System.Web.Extensions.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\83053c3eeb3255672d84c1ddc0ce8ef3\System.Speech.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\8c03c02eb6790704230bc067e943d344\System.Printing.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\a8495b797e6f7adddc5811a4e1f97db5\System.Management.Automation.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\1dce8ad4aa93ed395af726c0e510846e\System.Drawing.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ef0d8a4790c24a3a091170958bc7b976\System.DirectoryServices.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\11d24644241d3050868b947ecfa0b4a8\System.Deployment.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e9774272e9fc6ca49e6c616a31783040\System.Data.SqlXml.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\3285887b33030a7ce453573d3bed4e95\System.Data.Services.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\330d3ad45a00455b537047183e128def\System.Data.Services.Client.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\0f4e07fb8b1b7e7133a98f478856f70c\System.Data.OracleClient.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2fe1658f05b0a96fe25c956a31d27b06\System.Data.Linq.ni.dll
+ 2012-05-14 13:09 . 2012-05-14 13:09 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\51a2589d5ee1c9c40fb6c56391570f9e\System.Data.Entity.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\e17b226e5d776b90abdda2bfe81a45b8\ReachFramework.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\deaef1aeea06eb68e6d4c7ba95d5a2ac\PresentationUI.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b3f13707cbd5d48aabaa9ef5264c8a30\PresentationBuildTasks.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\2765de8f1b3d8b1da336d3e70121e3b2\Narrator.ni.exe
+ 2012-05-14 13:08 . 2012-05-14 13:08 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\e7c74193104063352085477c2d866a93\MMCEx.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\922d749af286fccba928ccd4456ec222\MIGUIControls.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7046d73435e4cb840cc1afea22aba9a6\Microsoft.VisualBasic.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cd9e47effec6549cdec61eb3aef99f7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fce19ef1694f4fc4db08ffb0237f4ac7\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86ad0b271dc4905c82b11c21dc33b1a9\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7ee29045f76b1e9577bfc1e0fab723d8\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\c31b76610d07fcaa42a8eddcbca8bd30\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\28efe61ef266e48178a379a830623b20\Microsoft.MediaCenter.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e3d2577e00aef6bc9b3e235eb83634f3\Microsoft.JScript.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\2ec9426778058b0a331acb9c12c08200\Microsoft.Ink.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a519a2c009c973846c3712038a0cd308\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-14 13:08 . 2012-05-14 13:08 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\24849ea16bc781c24452fddd856b31f2\Microsoft.Build.Tasks.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b66f52dbd8f87e53c3c9a1de7ca5bba\Microsoft.Build.Engine.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\d346e535d1caec5d4ed0dd2be5c193d3\mcstore.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\69b8de21b08c3412422c5918399ed702\mcepg.ni.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-06-19 19:23 . 2010-11-05 01:53 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-11 22:39 . 2012-01-04 02:51 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-02-15 13:20 . 2011-10-31 23:16 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-05-11 22:39 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-08-13 16:18 . 2011-03-29 22:33 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-11 22:39 . 2012-02-10 23:29 2256152 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
+ 2012-05-11 22:39 . 2012-02-10 23:29 3998208 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-11 22:39 . 2012-01-04 03:34 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-13 04:59 . 2011-07-08 22:31 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 1737496 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2011-06-19 19:24 . 2010-11-05 01:53 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-11 22:39 . 2012-02-10 23:31 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-11 22:39 . 2012-01-04 02:50 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-13 04:59 . 2011-07-08 22:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-07-14 02:34 . 2012-05-01 12:44 10747904 c:\windows\system64\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2012-05-14 12:50 10747904 c:\windows\system64\SMI\Store\Machine\schema.dat
+ 2011-08-12 14:10 . 2012-05-12 08:09 57848688 c:\windows\system64\MRT.exe
- 2009-07-14 02:34 . 2012-05-01 12:44 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2012-05-14 12:50 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-08-12 14:10 . 2012-05-12 08:09 57848688 c:\windows\system32\MRT.exe
+ 2012-01-19 19:20 . 2012-01-19 19:20 11997696 c:\windows\Installer\152dc01.msp
+ 2011-12-15 19:54 . 2011-12-15 19:54 39732736 c:\windows\Installer\152dbf3.msp
+ 2012-05-12 08:01 . 2012-05-12 08:01 20343808 c:\windows\Installer\152dbcf.msp
+ 2012-05-12 08:06 . 2012-05-12 08:06 11880448 c:\windows\assembly\NativeImages_v4.0.30319_64\System\935aea6e7eae16674abdd96a68ec97af\System.ni.dll
+ 2012-05-12 08:27 . 2012-05-12 08:27 17291264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3e1fa07a8e487acceef1c22275f08779\System.Windows.Forms.ni.dll
+ 2012-05-12 08:29 . 2012-05-12 08:29 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\c4cc7eb7733c4221c32caccfd66ae320\System.ServiceModel.ni.dll
+ 2012-05-12 08:28 . 2012-05-12 08:28 18479616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9df4e7ae75baa7bbb1af30c8061a6e9b\System.Data.Entity.ni.dll
+ 2012-05-12 08:25 . 2012-05-12 08:25 10440192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\b64f213e823a591607c45fac4997801e\System.Core.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\5eb97ad52c10035367b07021f1febe97\PresentationFramework.ni.dll
+ 2012-05-12 08:26 . 2012-05-12 08:26 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\c750a4d32ab6ff508c2a8825cc7c9e7d\PresentationCore.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 19353600 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\6087fce8f76d9af69af496cb10b7d1ee\mscorlib.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 13138432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\57a4cb79e5e78482ed20705145cdece9\System.Windows.Forms.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
+ 2012-05-12 08:32 . 2012-05-12 08:32 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\7aa839fb16503243d6ae454ab334bcf4\System.Data.Entity.ni.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7e2238b8fa0f33ae39b63de73d5024a0\PresentationFramework.ni.dll
+ 2012-05-12 08:08 . 2012-05-12 08:08 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e5b4cfcb67e63b4fc7119c4ac1072603\PresentationCore.ni.dll
+ 2012-05-12 08:06 . 2012-05-12 08:06 14412800 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
+ 2012-05-14 12:55 . 2012-05-14 12:55 10624512 c:\windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\7d606847fa9fa9d94ff3d5e9f945a4ba\System.Windows.Forms.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\2240b63bf8a32f78aa3691c7fda6a78d\System.Web.ni.dll
+ 2012-05-14 13:10 . 2012-05-14 13:10 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll
+ 2012-05-14 13:12 . 2012-05-14 13:12 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\00c4a761d0a5cafc00f34d763fe76ac4\System.Management.Automation.ni.dll
+ 2012-05-14 12:58 . 2012-05-14 12:58 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\430e51e72ccb0fcddd6cf5df792ef0f4\System.Design.ni.dll
+ 2012-05-14 13:13 . 2012-05-14 13:13 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\daaff9fe9c85fc171d426a3cb6766dbb\System.Data.Entity.ni.dll
+ 2012-05-14 12:57 . 2012-05-14 12:57 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\dfc517e38f8be151b8c7de922f34709f\PresentationFramework.ni.dll
+ 2012-05-14 12:56 . 2012-05-14 12:56 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4facdf84a9b2e961dd6ff97d40c6469a\PresentationCore.ni.dll
+ 2012-05-14 12:55 . 2012-05-14 12:55 15570944 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
+ 2012-05-14 13:11 . 2012-05-14 13:11 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\4196726740ff1568fa3de5dac3a64513\ehshell.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\79b487ba3d893f59ce7e697d06721dd0\System.Windows.Forms.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\3aa966e818d35f094e23bbbdcf1b4297\System.Web.ni.dll
+ 2012-05-14 13:07 . 2012-05-14 13:07 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\4fe5471456fef11742180706a67d6d7f\System.Design.ni.dll
+ 2012-05-14 13:01 . 2012-05-14 13:01 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b1a95b0145ac26d9637b894ee38d5eac\PresentationFramework.ni.dll
+ 2012-05-14 13:00 . 2012-05-14 13:00 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\35652d0f564409d493f4f2053d40154d\PresentationCore.ni.dll
+ 2012-05-14 12:59 . 2012-05-14 13:00 11492864 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-06 1242448]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-12 102400]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-08-08 273544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2012-01-14 248832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snagit 10.lnk - c:\program files (x86)\TechSmith\Snagit 10\Snagit32.exe [2011-11-8 7070608]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 253088]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 136176]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [x]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [2011-10-14 1155704]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111021.030\IDSvia64.sys [2011-08-23 488568]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [x]
S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe [2011-04-17 130008]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-10 382272]
S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 VKbms;Razer Gaming Device;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 19:43]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 15:03]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-06 15:03]
.
2012-05-01 c:\windows\Tasks\HPCeeScheduleForOWNER-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-05-11 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"SBRegRebootCleaner"="c:\program files (x86)\Ad-Aware Antivirus\Engine\SBRC.exe" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
authsyssvc
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\604ddafg.default\
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
BHO-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
BHO-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
Toolbar-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
Toolbar-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-Vuze_Remote Toolbar - c:\progra~2\VUZE_R~1\UNINST~1.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.1.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\07\05\01\16\0c\14?"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
.
**************************************************************************
.
Completion time: 2012-05-14 08:33:16 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-14 13:33
ComboFix2.txt 2012-05-12 01:49
.
Pre-Run: 834,979,704,832 bytes free
Post-Run: 835,825,557,504 bytes free
.
- - End Of File - - 97CA580E14E53E577DD1DC06FD7702BD

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:55 AM

Posted 15 May 2012 - 08:43 AM

Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 CALVIN1693

CALVIN1693
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 16 May 2012 - 09:28 AM

7-Zip 9.22beta
ActiveCheck component for HP Active Support Library
Ad-Aware Browsing Protection
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Agatha Christie - Peril at End House
Apple Application Support
Apple Software Update
Battlefield 3™
Battlelog Web Plugins
Bejeweled 2 Deluxe
Bing Bar
Bing Bar Platform
Bing Rewards Client Installer
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Build-a-lot 2
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Citrix XenApp Web Plugin
Conduit Engine
Counter-Strike: Source
CyberLink DVD Suite Deluxe
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
DVD Menu Pack for HP MediaSmart Video
Escape Rosecliff Island
ESN Sonar
Farm Frenzy
FATE
FileZilla Client 3.5.3
Final Drive Nitro
Google Toolbar for Internet Explorer
Google Update Helper
Heroes of Hellas 2 - Olympia
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP MovieStore
HP Odometer
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
HPAsset component for HP Active Support Library
Hulu Desktop
Java Auto Updater
Java™ 6 Update 22
Jewel Quest Solitaire 2
Junk Mail filter update
Kobo
LabelPrint
LightScribe System Software
Macromedia Fireworks MX 2004
Microsoft Default Manager
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Home and Student 2010 - English
Microsoft Office Live Meeting 2007
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 10.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mumble 1.2.3
Mystery P.I. - The London Caper
Norton Internet Security
Norton Online Backup
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenOffice.org 3.3
Origin
PDF Complete Special Edition
Penguins!
PhotoNow!
PictureMover
Plants vs. Zombies
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PressReader
PunkBuster Services
QuickTime
Ralink RT2860 Wireless LAN Card
Razer DeathAdder™ Mouse
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recovery Manager
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Skype Click to Call
Skype™ 5.8
Snagit 10.0.2
Spybot - Search & Destroy
Steam
The Witcher 2
Ultima Online Classic Client
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Ventrilo Client
Virtual Families
Virtual Villagers 4 - The Tree of Life
Vuze
Vuze Remote Toolbar
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinZip 15.0
World of Tanks v.0.6.7
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zinio Reader 4
Zuma Deluxe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users