Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

hacktool:win32/patched.y - internet explorer can not open page - HELP!!! I can't remove it


  • This topic is locked This topic is locked
30 replies to this topic

#1 jdeuel

jdeuel

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 11 May 2012 - 03:02 PM

hello,

i downloaded a game with a virus in it. hacktool:win32/patched.Y.
restarted computer than said that i had a system error and that i needed to do a restore.

i keep getting "internet explorer cannot open page".

here is my dss log

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by dooley at 12:18:18 on 2012-05-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.4980 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\nvraidservice.exe
C:\Windows\system32\taskeng.exe
C:\Users\dooley\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\PROGRA~1\HEWLET~1\HPREMO~1\HPREMO~1.EXE
C:\Program Files\Windows Home Server\esClient.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files (x86)\Seagate\Seagate_Media\Sync\MediaAggreService.exe
C:\Users\dooley\AppData\Local\Audiogalaxy\Audiogalaxy.exe
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Free Ride Games\GPlayer.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Ralink\Common\RaUI.exe
C:\Program Files\Windows Home Server\WHSTrayApp.exe
C:\Users\dooley\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\dooley\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\iWin Games\iWinTrusted.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Home Server\WHSConnector.exe
C:\Program Files (x86)\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files (x86)\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\alg.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Seagate\Seagate_Media\AgrregationStatus\stxmediamenumgr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.125.1581.0.exe
C:\Windows\system32\MpSigStub.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://everythingy.com/ie/home
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: Updater For My.Freeze.com Toolbar: {c26cd490-5f01-41e3-b150-eb29f19da056} - C:\Program Files (x86)\myfreezetoolbar\auxi\myfreezetoolbAu.dll
BHO: {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - No File
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - C:\Program Files (x86)\AskSBar\bar\1.bin\ASKSBAR.DLL
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [Audiogalaxy] "C:\Users\dooley\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
mRun: [NWEReboot]
mRun: [<NO NAME>]
mRun: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [FreeAgentTheaterTrayIcon] "C:\Program Files (x86)\Seagate\Seagate_Media\AgrregationStatus\StxMediaMenuMgr.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\dooley\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HPSIMP~1.LNK - C:\Users\dooley\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SEAGAT~1.LNK - C:\Users\dooley\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE6HGP0 Product Registration.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SPOONS~1.LNK - C:\Users\dooley\AppData\Local\Spoon\3.24.0.9\Spoon-Sandbox-Native.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SPOONS~2.LNK - C:\Users\dooley\AppData\Local\Spoon\3.25.0.15\Spoon-Sandbox-Native.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SPOONS~3.LNK - C:\Users\dooley\AppData\Local\Spoon\3.26.0.6\Spoon-Sandbox-Native.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SPOONS~4.LNK - C:\Users\dooley\AppData\Local\Spoon\3.30.0.25\Spoon-Sandbox-Native.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SP08F8~1.LNK - C:\Users\dooley\AppData\Local\Spoon\3.31.2.6\Spoon-Sandbox-Native.exe
StartupFolder: C:\Users\dooley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SP2361~1.LNK - C:\Users\dooley\AppData\Local\Spoon\3.32.0.3\Spoon-Sandbox-Native.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RALINK~1.LNK - C:\Program Files (x86)\Ralink\Common\RaUI.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\Launchy.lnk - C:\Program Files (x86)\Launchy\Launchy.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: intuit.com\ttlc
Trusted Zone: jacobs.com\prolog
Trusted Zone: jacobs.com\prologtn
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} - hxxps://www.hpwindows7upgrade.arvato.com/north_america/Endcustomer/HPProdDetect.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} - hxxp://offers.e-centives.com/cif/download/bin/actxcab.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{154F3292-0E2D-412C-B441-A0515111993C} : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: Updater For My.Freeze.com Toolbar: {C26CD490-5F01-41E3-B150-EB29F19DA056} - C:\Program Files (x86)\myfreezetoolbar\auxi\myfreezetoolbAu.dll
BHO-X64: Updater For My.Freeze.com Toolbar - No File
BHO-X64: {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - No File
BHO-X64: FrostWire Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: FrostWire Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Ask Toolbar: {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files (x86)\AskSBar\bar\1.bin\ASKSBAR.DLL
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [NWEReboot]
mRun-x64: [(Default)]
mRun-x64: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [FreeAgentTheaterTrayIcon] "C:\Program Files (x86)\Seagate\Seagate_Media\AgrregationStatus\StxMediaMenuMgr.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7e044986-3d09-46d5-8b2c-c55f7dc6a108%7D&mid=3283b2fbb0abc2baed9e8661a86d5f4e-36ea7ca117ec4916501c8afcada094dbe3938727&ds=AVG&v=8.0.0.40&lang=en&pr=fr&d=2011-11-

01%2015%3A50%3A23&sap=ku&q=
FF - component: C:\Program Files (x86)\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll
FF - plugin: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: C:\Users\dooley\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\dooley\AppData\Local\Spoon\3.24.0.9\npMozillaSpoonPlugin.dll
FF - plugin: C:\Users\dooley\AppData\Local\Spoon\3.25.0.15\npMozillaSpoonPlugin.dll
FF - plugin: C:\Users\dooley\AppData\Local\Spoon\3.26.0.6\npMozillaSpoonPlugin.dll
FF - plugin: C:\Users\dooley\AppData\Local\Spoon\3.30.0.25\npMozillaSpoonPlugin.dll
FF - plugin: C:\Users\dooley\AppData\Local\Spoon\3.31.2.6\npMozillaSpoonPlugin.dll
FF - plugin: C:\Users\dooley\AppData\Local\Spoon\3.32.0.3\npMozillaSpoonPlugin.dll
FF - plugin: C:\Users\dooley\AppData\Roaming\Mozilla\plugins\npicaN.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 BackupService;BackupService;C:\Users\dooley\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2011-12-22 83512]
R2 esClient;Windows Media Center Client Service;C:\Program Files\Windows Home Server\esClient.exe [2009-10-7 109928]
R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-12-18 189736]
R2 FreeAgentTheater Service;Seagate Media;C:\Program Files (x86)\Seagate\Seagate_Media\Sync\MediaAggreService.exe [2010-2-17 169256]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2011-4-8 176848]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2011-2-16 193888]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [2011-2-16 211296]
R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --> C:\Windows\system32\Drivers\SSPORT.sys [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-7-9 248936]
R2 Virtual CDAudio Service;Virtual CDAudio Service;C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [2011-9-9 178528]
R2 WHSConnector;Windows Home Server Connector Service;C:\Program Files\Windows Home Server\WHSConnector.exe [2009-10-7 489832]
R2 X5XSEx;X5XSEx;C:\Program Files (x86)\Free Ride Games\X5XSEx.sys [2012-4-23 55400]
R3 rsvcdwdr;rsvcdwdr;C:\Windows\system32\DRIVERS\rsvcdwdr.sys --> C:\Windows\system32\DRIVERS\rsvcdwdr.sys [?]
R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2009-10-7 231272]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-9 135664]
S2 HPMSSConnectorSvc;HPMSSConnectorService;C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe [2009-10-5 20992]
S2 MediaCollectorService;MediaCollectorService;C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe [2009-10-5 81920]
S2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-4-6 25824]
S2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-4-13 14088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-9 257696]
S3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrxusb.sys --> C:\Windows\system32\DRIVERS\athrxusb.sys [?]
S3 BGTAGps;COBRA GPS USB Driver;C:\Windows\system32\DRIVERS\Cobra_GPSx64.sys --> C:\Windows\system32\DRIVERS\Cobra_GPSx64.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-11-9 135664]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 129976]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 Pcouffin64;Low level access layer for CD devices;C:\Windows\system32\Drivers\pcouffin64a.sys --> C:\Windows\system32\Drivers\pcouffin64a.sys [?]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 RRNetCap;RRNetCap Service;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?]
S3 RRNetCapMP;RRNetCapMP;C:\Windows\system32\DRIVERS\rrnetcap.sys --> C:\Windows\system32\DRIVERS\rrnetcap.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 ZDPSp50a64;ZDPSp50a64 NDIS Protocol Driver;C:\Windows\system32\Drivers\ZDPSp50a64.sys --> C:\Windows\system32\Drivers\ZDPSp50a64.sys [?]
S4 Samsung UPD Service;Samsung UPD Service;"C:\Windows\System32\SUPDSvc.exe" --> C:\Windows\System32\SUPDSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-05-11 15:51:42 8917360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B5A865C4-B013-4EF9-A924-AAFF467E7104}\mpengine.dll
2012-05-10 19:56:17 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AB3A7597-63E0-423B-A384-56B8FA11F399}\offreg.dll
2012-05-10 15:37:14 8917360 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AB3A7597-63E0-423B-A384-56B8FA11F399}\mpengine.dll
2012-05-09 22:59:05 -------- d-----w- C:\Users\dooley\AppData\Roaming\Aisle 5 Games, Inc
2012-05-09 22:51:45 -------- d-----w- C:\Program Files (x86)\Mirror Magic Deluxe
2012-05-09 22:51:45 -------- d-----w- C:\Program Files (x86)\BFG
2012-05-09 16:30:45 -------- d-----w- C:\Users\dooley\AppData\Roaming\MagicIndie
2012-05-09 16:01:05 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-09 15:34:53 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-09 13:30:57 8917360 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-07 16:29:58 -------- d-----w- C:\Users\dooley\AppData\Roaming\HiT-MM
2012-05-07 16:27:43 -------- d-----w- C:\Program Files (x86)\Games
2012-05-06 19:07:57 -------- d-----w- C:\Users\dooley\AppData\Roaming\PassionFruit Games
2012-05-06 19:02:06 -------- d-----w- C:\Program Files (x86)\Mystery Trackers - The Void
2012-05-06 17:00:25 -------- d-----w- C:\Users\dooley\AppData\Roaming\Artogon
2012-05-06 16:59:10 -------- d-----w- C:\Program Files (x86)\Treasure Seekers - The Time Has Come
2012-05-02 13:55:49 -------- d-----w- C:\Users\dooley\AppData\Roaming\GAMGO
2012-05-01 07:01:41 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-04-27 23:58:50 -------- d-----w- C:\Users\dooley\AppData\Roaming\PoBros
2012-04-27 23:58:50 -------- d-----w- C:\ProgramData\PoBros
2012-04-26 18:26:44 -------- d-----w- C:\Users\dooley\AppData\Roaming\Friday's games
2012-04-25 14:28:22 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-25 14:28:18 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 14:28:18 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-24 23:40:37 -------- d-----w- C:\ProgramData\Alawar Stargaze
2012-04-24 20:34:13 -------- d-----w- C:\ProgramData\Meridian93
2012-04-23 19:57:00 -------- d-----w- C:\Users\dooley\AppData\Roaming\MysteryStudio
2012-04-23 18:29:20 -------- d-----w- C:\Users\dooley\AppData\Roaming\Exent Technologies
2012-04-23 16:30:24 -------- d-----w- C:\Users\dooley\AppData\Local\Chronicles of Albian
2012-04-23 16:25:23 -------- d-----w- C:\Remote Programs
2012-04-23 16:25:22 -------- d-----w- C:\ProgramData\Free Ride Games
2012-04-23 16:25:18 53314 ------w- C:\Windows\ExentInfo.exe
2012-04-23 16:09:57 -------- d-----w- C:\Program Files (x86)\Free Ride Games
2012-04-22 18:45:14 -------- d-----w- C:\Users\dooley\AppData\Roaming\LegacyInteractive
2012-04-22 16:56:33 258048 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfppw73.dll
2012-04-22 16:55:10 -------- d-----w- C:\Program Files\Bonjour Print Services
2012-04-18 23:34:06 -------- d-----w- C:\Program Files (x86)\Jewel Quest - The Sleepless Star
2012-04-18 17:24:12 -------- d-----w- C:\Users\dooley\AppData\Roaming\Orneon
2012-04-17 16:28:02 -------- d-----w- C:\Users\dooley\AppData\Roaming\Freeze Tag
2012-04-16 19:26:36 -------- d-----w- C:\Users\dooley\AppData\Roaming\Boomzap
2012-04-16 19:25:49 -------- d-----w- C:\Program Files (x86)\Awakening - The Dreamless Castle
2012-04-13 16:27:13 -------- d-----w- C:\Program Files (x86)\iWin Games
.
==================== Find3M ====================
.
2012-05-09 16:01:42 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-28 15:18:11 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-22 19:12:12 4435968 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2012-03-21 00:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-21 00:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-03-06 06:53:37 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-06 05:59:47 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59:41 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-15 15:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 15:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
.
============= FINISH: 12:24:21.34 ===============

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 AM

Posted 11 May 2012 - 11:59 PM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

:multiple Anti Virus programs:

It looks like you are operating your computer with multiple Anti Virus programs running in memory at once:

AV: AVG Anti-Virus Free Edition 2012
AV: Microsoft Security Essentials


Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

Please remove all but one of them.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 jdeuel

jdeuel
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 12 May 2012 - 10:53 AM

ComboFix 12-05-12.01 - dooley 05/12/2012 11:00:11.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.5113 [GMT -4:00]
Running from: c:\users\dooley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8U904O3B\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\iWin Games\iWINgameshookie.dll
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\Resources\update.xml
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\users\dooley\AppData\Roaming\.#
c:\users\dooley\AppData\Roaming\BD1A07
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.xul
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_images.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_maps.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_news.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_videos.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_web.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_amazon.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_ebay.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_facebook.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_games.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_msn.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_shopping.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_travel.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_twitter.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\startnow_logo.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\installer.xml
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\chevron_button.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_hover.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_normal.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_dropdown_button_normal.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_background.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_left.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_middle.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\separator.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\splitter.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ff_hover_c.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_c.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_l.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_r.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_c.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_l.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_r.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\toolbar.xml
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\locale\en-US\{5911488E-9D1E-40ec-8CBB-06B231CC153F}.dtd
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\skin\overlay.css
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\install.rdf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RkHit
.
.
((((((((((((((((((((((((( Files Created from 2012-04-12 to 2012-05-12 )))))))))))))))))))))))))))))))
.
.
2012-05-12 15:11 . 2012-05-12 15:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-09 22:59 . 2012-05-09 22:59 -------- d-----w- c:\users\dooley\AppData\Roaming\Aisle 5 Games, Inc
2012-05-09 22:51 . 2012-05-09 22:52 -------- d-----w- c:\program files (x86)\Mirror Magic Deluxe
2012-05-09 22:51 . 2012-05-09 22:51 -------- d-----w- c:\program files (x86)\BFG
2012-05-09 21:14 . 2012-05-09 21:14 -------- d-----w- c:\users\dooley\AppData\Roaming\Games
2012-05-09 16:30 . 2012-05-09 16:30 -------- d-----w- c:\users\dooley\AppData\Roaming\MagicIndie
2012-05-09 16:01 . 2012-05-09 16:01 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-09 15:34 . 2012-05-09 16:01 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-07 16:29 . 2012-05-07 16:30 -------- d-----w- c:\users\dooley\AppData\Roaming\HiT-MM
2012-05-07 16:27 . 2012-05-10 18:41 -------- d-----w- c:\program files (x86)\Games
2012-05-06 19:07 . 2012-05-06 19:07 -------- d-----w- c:\users\dooley\AppData\Roaming\PassionFruit Games
2012-05-06 19:02 . 2012-05-06 19:04 -------- d-----w- c:\program files (x86)\Mystery Trackers - The Void
2012-05-06 17:00 . 2012-05-06 17:00 -------- d-----w- c:\users\dooley\AppData\Roaming\Artogon
2012-05-06 16:59 . 2012-05-06 17:00 -------- d-----w- c:\program files (x86)\Treasure Seekers - The Time Has Come
2012-05-02 13:55 . 2012-05-02 13:55 -------- d-----w- c:\users\dooley\AppData\Roaming\GAMGO
2012-05-01 07:01 . 2012-05-01 07:01 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-04-27 23:58 . 2012-04-27 23:58 -------- d-----w- c:\users\dooley\AppData\Roaming\PoBros
2012-04-27 23:58 . 2012-04-27 23:58 -------- d-----w- c:\programdata\PoBros
2012-04-26 18:26 . 2012-04-26 18:26 -------- d-----w- c:\users\dooley\AppData\Roaming\Friday's games
2012-04-25 14:28 . 2012-04-25 14:28 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-04-25 14:28 . 2012-04-25 14:28 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 14:28 . 2012-04-25 14:28 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-24 23:40 . 2012-04-24 23:40 -------- d-----w- c:\programdata\Alawar Stargaze
2012-04-24 20:34 . 2012-04-24 20:34 -------- d-----w- c:\programdata\Meridian93
2012-04-23 19:57 . 2012-04-24 00:23 -------- d-----w- c:\users\dooley\AppData\Roaming\MysteryStudio
2012-04-23 18:29 . 2012-04-23 18:29 -------- d-----w- c:\users\dooley\AppData\Roaming\Exent Technologies
2012-04-23 16:30 . 2012-04-23 16:30 -------- d-----w- c:\users\dooley\AppData\Local\Chronicles of Albian
2012-04-23 16:25 . 2012-04-27 23:27 -------- d-----w- C:\Remote Programs
2012-04-23 16:25 . 2012-04-23 16:25 -------- d-----w- c:\programdata\Free Ride Games
2012-04-23 16:25 . 2012-03-21 20:12 53314 ------w- c:\windows\ExentInfo.exe
2012-04-23 16:09 . 2012-04-23 16:25 -------- d-----w- c:\program files (x86)\Free Ride Games
2012-04-22 18:45 . 2012-04-22 21:01 -------- d-----w- c:\users\dooley\AppData\Roaming\LegacyInteractive
2012-04-22 16:56 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2012-04-22 16:55 . 2012-04-22 16:55 -------- d-----w- c:\program files\Bonjour Print Services
2012-04-18 23:34 . 2012-04-18 23:34 -------- d-----w- c:\program files (x86)\Jewel Quest - The Sleepless Star
2012-04-18 17:24 . 2012-04-18 17:24 -------- d-----w- c:\users\dooley\AppData\Roaming\Orneon
2012-04-17 16:28 . 2012-04-17 16:28 -------- d-----w- c:\users\dooley\AppData\Roaming\Freeze Tag
2012-04-16 19:26 . 2012-04-16 19:26 -------- d-----w- c:\users\dooley\AppData\Roaming\Boomzap
2012-04-16 19:25 . 2012-04-16 19:26 -------- d-----w- c:\program files (x86)\Awakening - The Dreamless Castle
2012-04-13 16:27 . 2012-05-12 15:10 -------- d-----w- c:\program files (x86)\iWin Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 16:01 . 2011-06-21 04:19 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-13 08:46 . 2012-05-11 15:51 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5A865C4-B013-4EF9-A924-AAFF467E7104}\mpengine.dll
2012-04-13 08:46 . 2012-05-10 15:37 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-04 19:56 . 2010-08-03 15:17 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-28 15:18 . 2010-06-02 18:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-03-21 00:44 . 2010-10-25 02:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44 . 2010-03-26 01:30 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-06 06:53 . 2012-04-11 07:05 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-06 05:59 . 2012-04-11 07:05 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59 . 2012-04-11 07:05 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-01 06:46 . 2012-04-11 07:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-11 07:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-11 07:00 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-11 07:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-11 07:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-11 07:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-11 07:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-11 07:06 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-11 07:06 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-11 07:06 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-11 07:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-11 07:06 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-11 07:06 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-11 07:06 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-11 07:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-17 06:38 . 2012-03-14 08:34 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 08:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 08:34 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 08:34 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 15:01 . 2012-02-15 15:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 15:01 . 2012-02-15 15:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-29 02:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 163328]
"Audiogalaxy"="c:\users\dooley\AppData\Local\Audiogalaxy\Audiogalaxy.exe" [2011-12-18 2955496]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 981680]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-12-18 197928]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"FreeAgentTheaterTrayIcon"="c:\program files (x86)\Seagate\Seagate_Media\AgrregationStatus\StxMediaMenuMgr.exe" [2010-02-17 202024]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
c:\users\dooley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\dooley\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
HP SimpleSave Monitor.lnk - c:\users\dooley\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [2011-12-22 477080]
.
c:\users\dooley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Seagate 2GE6HGP0 Product Registration.lnk - c:\users\dooley\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE6HGP0 Product Registration.exe [N/A]
Spoon Sandbox Manager 3.24.lnk - c:\users\dooley\AppData\Local\Spoon\3.24.0.9\Spoon-Sandbox-Native.exe [2011-2-8 232696]
Spoon Sandbox Manager 3.25.lnk - c:\users\dooley\AppData\Local\Spoon\3.25.0.15\Spoon-Sandbox-Native.exe [2011-4-4 310008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Ralink Wireless Utility.lnk - c:\program files (x86)\Ralink\Common\RaUI.exe [2011-2-16 6479712]
Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2011-12-20 666984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Launchy.lnk - c:\program files (x86)\Launchy\Launchy.exe [2011-9-7 405504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2009-10-07 231272]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
R2 HPMSSConnectorSvc;HPMSSConnectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe [2009-10-05 20992]
R2 MediaCollectorService;MediaCollectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe [2009-10-05 81920]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-04-06 25824]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-04-13 14088]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 257696]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 BGTAGps;COBRA GPS USB Driver;c:\windows\system32\DRIVERS\Cobra_GPSx64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 Pcouffin64;Low level access layer for CD devices;c:\windows\system32\Drivers\pcouffin64a.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 ZDPSp50a64;ZDPSp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp50a64.sys [x]
R4 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 BackupService;BackupService;c:\users\dooley\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2009-10-07 109928]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-12-18 189736]
S2 FreeAgentTheater Service;Seagate Media;c:\program files (x86)\Seagate\Seagate_Media\Sync\MediaAggreService.exe [2010-02-17 169256]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 iWinTrusted;iWinTrusted;c:\program files (x86)\iWin Games\iWinTrusted.exe [2011-04-08 176848]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [2010-06-01 211296]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [2011-09-09 178528]
S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2009-10-07 489832]
S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-11-22 55400]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfehidk
*Deregistered* - mferkdet
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-17 00:02 114688 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 16:01]
.
2012-05-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1694425350-3873671160-743166481-1000Core.job
- c:\users\dooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-30 16:46]
.
2012-05-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1694425350-3873671160-743166481-1000UA.job
- c:\users\dooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-30 16:46]
.
2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 15:22]
.
2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 15:22]
.
2012-05-06 c:\windows\Tasks\HPCeeScheduleFordooley.job
- c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-06 01:17]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-08-19 333344]
"HP Remote Software"="c:\program files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe" [2009-02-06 172032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"combofix"="c:\combofix\CF22635.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
Trusted Zone: jacobs.com\prolog
Trusted Zone: jacobs.com\prologtn
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} - hxxps://www.hpwindows7upgrade.arvato.com/north_america/Endcustomer/HPProdDetect.cab
FF - ProfilePath - c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7e044986-3d09-46d5-8b2c-c55f7dc6a108%7D&mid=3283b2fbb0abc2baed9e8661a86d5f4e-36ea7ca117ec4916501c8afcada094dbe3938727&ds=AVG&v=8.0.0.40&lang=en&pr=fr&d=2011-11-01%2015%3A50%3A23&sap=ku&q=
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-NWEReboot - (no file)
Wow6432Node-HKLM-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"ASMLicenseKey"="00000-0003"
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Kodak\KODAK Share Button App\Listener.exe
c:\program files (x86)\Ralink\Common\RaRegistry.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\VMISrv.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
.
**************************************************************************
.
Completion time: 2012-05-12 11:28:04 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-12 15:28
.
Pre-Run: 182,050,910,208 bytes free
Post-Run: 184,861,425,664 bytes free
.
- - End Of File - - C5B349CE7B6B0AB72B0F211A9E9C3E95

ComboFix 12-05-12.01 - dooley 05/12/2012 11:00:11.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.5113 [GMT -4:00]
Running from: c:\users\dooley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8U904O3B\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\iWin Games\iWINgameshookie.dll
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\Resources\update.xml
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\users\dooley\AppData\Roaming\.#
c:\users\dooley\AppData\Roaming\BD1A07
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.xul
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_images.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_maps.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_news.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_videos.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_web.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_amazon.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_ebay.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_facebook.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_games.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_msn.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_shopping.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_travel.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_twitter.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\startnow_logo.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\installer.xml
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\chevron_button.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_hover.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_normal.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_dropdown_button_normal.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_background.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_left.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_middle.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\separator.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\splitter.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ff_hover_c.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_c.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_l.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_r.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_c.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_l.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_r.png
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\toolbar.xml
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\locale\en-US\{5911488E-9D1E-40ec-8CBB-06B231CC153F}.dtd
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\skin\overlay.css
c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\install.rdf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RkHit
.
.
((((((((((((((((((((((((( Files Created from 2012-04-12 to 2012-05-12 )))))))))))))))))))))))))))))))
.
.
2012-05-12 15:11 . 2012-05-12 15:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-09 22:59 . 2012-05-09 22:59 -------- d-----w- c:\users\dooley\AppData\Roaming\Aisle 5 Games, Inc
2012-05-09 22:51 . 2012-05-09 22:52 -------- d-----w- c:\program files (x86)\Mirror Magic Deluxe
2012-05-09 22:51 . 2012-05-09 22:51 -------- d-----w- c:\program files (x86)\BFG
2012-05-09 21:14 . 2012-05-09 21:14 -------- d-----w- c:\users\dooley\AppData\Roaming\Games
2012-05-09 16:30 . 2012-05-09 16:30 -------- d-----w- c:\users\dooley\AppData\Roaming\MagicIndie
2012-05-09 16:01 . 2012-05-09 16:01 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-09 15:34 . 2012-05-09 16:01 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-07 16:29 . 2012-05-07 16:30 -------- d-----w- c:\users\dooley\AppData\Roaming\HiT-MM
2012-05-07 16:27 . 2012-05-10 18:41 -------- d-----w- c:\program files (x86)\Games
2012-05-06 19:07 . 2012-05-06 19:07 -------- d-----w- c:\users\dooley\AppData\Roaming\PassionFruit Games
2012-05-06 19:02 . 2012-05-06 19:04 -------- d-----w- c:\program files (x86)\Mystery Trackers - The Void
2012-05-06 17:00 . 2012-05-06 17:00 -------- d-----w- c:\users\dooley\AppData\Roaming\Artogon
2012-05-06 16:59 . 2012-05-06 17:00 -------- d-----w- c:\program files (x86)\Treasure Seekers - The Time Has Come
2012-05-02 13:55 . 2012-05-02 13:55 -------- d-----w- c:\users\dooley\AppData\Roaming\GAMGO
2012-05-01 07:01 . 2012-05-01 07:01 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-04-27 23:58 . 2012-04-27 23:58 -------- d-----w- c:\users\dooley\AppData\Roaming\PoBros
2012-04-27 23:58 . 2012-04-27 23:58 -------- d-----w- c:\programdata\PoBros
2012-04-26 18:26 . 2012-04-26 18:26 -------- d-----w- c:\users\dooley\AppData\Roaming\Friday's games
2012-04-25 14:28 . 2012-04-25 14:28 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-04-25 14:28 . 2012-04-25 14:28 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 14:28 . 2012-04-25 14:28 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-24 23:40 . 2012-04-24 23:40 -------- d-----w- c:\programdata\Alawar Stargaze
2012-04-24 20:34 . 2012-04-24 20:34 -------- d-----w- c:\programdata\Meridian93
2012-04-23 19:57 . 2012-04-24 00:23 -------- d-----w- c:\users\dooley\AppData\Roaming\MysteryStudio
2012-04-23 18:29 . 2012-04-23 18:29 -------- d-----w- c:\users\dooley\AppData\Roaming\Exent Technologies
2012-04-23 16:30 . 2012-04-23 16:30 -------- d-----w- c:\users\dooley\AppData\Local\Chronicles of Albian
2012-04-23 16:25 . 2012-04-27 23:27 -------- d-----w- C:\Remote Programs
2012-04-23 16:25 . 2012-04-23 16:25 -------- d-----w- c:\programdata\Free Ride Games
2012-04-23 16:25 . 2012-03-21 20:12 53314 ------w- c:\windows\ExentInfo.exe
2012-04-23 16:09 . 2012-04-23 16:25 -------- d-----w- c:\program files (x86)\Free Ride Games
2012-04-22 18:45 . 2012-04-22 21:01 -------- d-----w- c:\users\dooley\AppData\Roaming\LegacyInteractive
2012-04-22 16:56 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2012-04-22 16:55 . 2012-04-22 16:55 -------- d-----w- c:\program files\Bonjour Print Services
2012-04-18 23:34 . 2012-04-18 23:34 -------- d-----w- c:\program files (x86)\Jewel Quest - The Sleepless Star
2012-04-18 17:24 . 2012-04-18 17:24 -------- d-----w- c:\users\dooley\AppData\Roaming\Orneon
2012-04-17 16:28 . 2012-04-17 16:28 -------- d-----w- c:\users\dooley\AppData\Roaming\Freeze Tag
2012-04-16 19:26 . 2012-04-16 19:26 -------- d-----w- c:\users\dooley\AppData\Roaming\Boomzap
2012-04-16 19:25 . 2012-04-16 19:26 -------- d-----w- c:\program files (x86)\Awakening - The Dreamless Castle
2012-04-13 16:27 . 2012-05-12 15:10 -------- d-----w- c:\program files (x86)\iWin Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 16:01 . 2011-06-21 04:19 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-13 08:46 . 2012-05-11 15:51 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5A865C4-B013-4EF9-A924-AAFF467E7104}\mpengine.dll
2012-04-13 08:46 . 2012-05-10 15:37 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-04 19:56 . 2010-08-03 15:17 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-28 15:18 . 2010-06-02 18:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-03-21 00:44 . 2010-10-25 02:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44 . 2010-03-26 01:30 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-06 06:53 . 2012-04-11 07:05 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-06 05:59 . 2012-04-11 07:05 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59 . 2012-04-11 07:05 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-01 06:46 . 2012-04-11 07:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-11 07:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-11 07:00 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-11 07:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-11 07:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-11 07:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-11 07:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-11 07:06 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-11 07:06 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-11 07:06 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-11 07:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-11 07:06 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-11 07:06 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-11 07:06 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-11 07:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-17 06:38 . 2012-03-14 08:34 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 08:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 08:34 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 08:34 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 15:01 . 2012-02-15 15:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 15:01 . 2012-02-15 15:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-29 02:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 163328]
"Audiogalaxy"="c:\users\dooley\AppData\Local\Audiogalaxy\Audiogalaxy.exe" [2011-12-18 2955496]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 981680]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-12-18 197928]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"FreeAgentTheaterTrayIcon"="c:\program files (x86)\Seagate\Seagate_Media\AgrregationStatus\StxMediaMenuMgr.exe" [2010-02-17 202024]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
c:\users\dooley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\dooley\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
HP SimpleSave Monitor.lnk - c:\users\dooley\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [2011-12-22 477080]
.
c:\users\dooley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Seagate 2GE6HGP0 Product Registration.lnk - c:\users\dooley\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE6HGP0 Product Registration.exe [N/A]
Spoon Sandbox Manager 3.24.lnk - c:\users\dooley\AppData\Local\Spoon\3.24.0.9\Spoon-Sandbox-Native.exe [2011-2-8 232696]
Spoon Sandbox Manager 3.25.lnk - c:\users\dooley\AppData\Local\Spoon\3.25.0.15\Spoon-Sandbox-Native.exe [2011-4-4 310008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Ralink Wireless Utility.lnk - c:\program files (x86)\Ralink\Common\RaUI.exe [2011-2-16 6479712]
Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2011-12-20 666984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Launchy.lnk - c:\program files (x86)\Launchy\Launchy.exe [2011-9-7 405504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2009-10-07 231272]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
R2 HPMSSConnectorSvc;HPMSSConnectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe [2009-10-05 20992]
R2 MediaCollectorService;MediaCollectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe [2009-10-05 81920]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-04-06 25824]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-04-13 14088]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 257696]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 BGTAGps;COBRA GPS USB Driver;c:\windows\system32\DRIVERS\Cobra_GPSx64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 Pcouffin64;Low level access layer for CD devices;c:\windows\system32\Drivers\pcouffin64a.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 ZDPSp50a64;ZDPSp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp50a64.sys [x]
R4 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 BackupService;BackupService;c:\users\dooley\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2009-10-07 109928]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-12-18 189736]
S2 FreeAgentTheater Service;Seagate Media;c:\program files (x86)\Seagate\Seagate_Media\Sync\MediaAggreService.exe [2010-02-17 169256]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 iWinTrusted;iWinTrusted;c:\program files (x86)\iWin Games\iWinTrusted.exe [2011-04-08 176848]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [2010-06-01 211296]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [2011-09-09 178528]
S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2009-10-07 489832]
S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-11-22 55400]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfehidk
*Deregistered* - mferkdet
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-17 00:02 114688 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 16:01]
.
2012-05-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1694425350-3873671160-743166481-1000Core.job
- c:\users\dooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-30 16:46]
.
2012-05-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1694425350-3873671160-743166481-1000UA.job
- c:\users\dooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-30 16:46]
.
2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 15:22]
.
2012-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 15:22]
.
2012-05-06 c:\windows\Tasks\HPCeeScheduleFordooley.job
- c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-06 01:17]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-08-19 333344]
"HP Remote Software"="c:\program files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe" [2009-02-06 172032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"combofix"="c:\combofix\CF22635.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
Trusted Zone: jacobs.com\prolog
Trusted Zone: jacobs.com\prologtn
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} - hxxps://www.hpwindows7upgrade.arvato.com/north_america/Endcustomer/HPProdDetect.cab
FF - ProfilePath - c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7e044986-3d09-46d5-8b2c-c55f7dc6a108%7D&mid=3283b2fbb0abc2baed9e8661a86d5f4e-36ea7ca117ec4916501c8afcada094dbe3938727&ds=AVG&v=8.0.0.40&lang=en&pr=fr&d=2011-11-01%2015%3A50%3A23&sap=ku&q=
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-NWEReboot - (no file)
Wow6432Node-HKLM-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"ASMLicenseKey"="00000-0003"
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Kodak\KODAK Share Button App\Listener.exe
c:\program files (x86)\Ralink\Common\RaRegistry.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\VMISrv.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
.
**************************************************************************
.
Completion time: 2012-05-12 11:28:04 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-12 15:28
.
Pre-Run: 182,050,910,208 bytes free
Post-Run: 184,861,425,664 bytes free
.
- - End Of File - - C5B349CE7B6B0AB72B0F211A9E9C3E95

CHECKUP LOG

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

CCleaner
Java™ 6 Update 31
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
``````````End of Log````````````

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 AM

Posted 12 May 2012 - 05:43 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 jdeuel

jdeuel
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 12 May 2012 - 06:59 PM

19:34:46.0534 7256 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
19:34:46.0824 7256 ============================================================
19:34:46.0824 7256 Current date / time: 2012/05/12 19:34:46.0824
19:34:46.0824 7256 SystemInfo:
19:34:46.0824 7256
19:34:46.0824 7256 OS Version: 6.1.7601 ServicePack: 1.0
19:34:46.0824 7256 Product type: Workstation
19:34:46.0824 7256 ComputerName: DOOLEY-PC
19:34:46.0824 7256 UserName: dooley
19:34:46.0824 7256 Windows directory: C:\Windows
19:34:46.0824 7256 System windows directory: C:\Windows
19:34:46.0824 7256 Running under WOW64
19:34:46.0824 7256 Processor architecture: Intel x64
19:34:46.0824 7256 Number of processors: 4
19:34:46.0824 7256 Page size: 0x1000
19:34:46.0824 7256 Boot type: Normal boot
19:34:46.0824 7256 ============================================================
19:34:47.0984 7256 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:34:48.0004 7256 ============================================================
19:34:48.0004 7256 \Device\Harddisk0\DR0:
19:34:48.0004 7256 MBR partitions:
19:34:48.0004 7256 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48C9FCB1
19:34:48.0004 7256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x48C9FCF0, BlocksNum 0x1BB71D1
19:34:48.0004 7256 ============================================================
19:34:48.0024 7256 C: <-> \Device\Harddisk0\DR0\Partition0
19:34:48.0075 7256 D: <-> \Device\Harddisk0\DR0\Partition1
19:34:48.0075 7256 ============================================================
19:34:48.0075 7256 Initialize success
19:34:48.0075 7256 ============================================================
19:34:58.0153 7436 ============================================================
19:34:58.0153 7436 Scan started
19:34:58.0153 7436 Mode: Manual;
19:34:58.0153 7436 ============================================================
19:34:59.0416 7436 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:34:59.0416 7436 1394ohci - ok
19:34:59.0572 7436 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:34:59.0588 7436 ACDaemon - ok
19:34:59.0650 7436 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:34:59.0650 7436 ACPI - ok
19:34:59.0713 7436 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:34:59.0713 7436 AcpiPmi - ok
19:34:59.0916 7436 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:34:59.0916 7436 AdobeFlashPlayerUpdateSvc - ok
19:34:59.0994 7436 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:35:00.0009 7436 adp94xx - ok
19:35:00.0087 7436 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:35:00.0103 7436 adpahci - ok
19:35:00.0118 7436 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:35:00.0134 7436 adpu320 - ok
19:35:00.0181 7436 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:35:00.0181 7436 AeLookupSvc - ok
19:35:00.0321 7436 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
19:35:00.0321 7436 Afc - ok
19:35:00.0415 7436 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:35:00.0430 7436 AFD - ok
19:35:00.0508 7436 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:35:00.0508 7436 agp440 - ok
19:35:00.0540 7436 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:35:00.0540 7436 ALG - ok
19:35:00.0602 7436 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:35:00.0602 7436 aliide - ok
19:35:00.0602 7436 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:35:00.0602 7436 amdide - ok
19:35:00.0649 7436 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:35:00.0664 7436 AmdK8 - ok
19:35:00.0711 7436 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:35:00.0711 7436 AmdPPM - ok
19:35:00.0758 7436 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:35:00.0758 7436 amdsata - ok
19:35:00.0805 7436 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:35:00.0836 7436 amdsbs - ok
19:35:00.0852 7436 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:35:00.0852 7436 amdxata - ok
19:35:01.0008 7436 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
19:35:01.0008 7436 AOL ACS - ok
19:35:01.0070 7436 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:35:01.0070 7436 AppID - ok
19:35:01.0086 7436 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:35:01.0086 7436 AppIDSvc - ok
19:35:01.0132 7436 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:35:01.0132 7436 Appinfo - ok
19:35:01.0242 7436 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:35:01.0242 7436 Apple Mobile Device - ok
19:35:01.0304 7436 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:35:01.0320 7436 arc - ok
19:35:01.0335 7436 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:35:01.0335 7436 arcsas - ok
19:35:01.0522 7436 arXfrSvc (a25b431cfa6349d024b02b36feb1a02d) C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
19:35:01.0522 7436 arXfrSvc - ok
19:35:01.0569 7436 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:35:01.0569 7436 AsyncMac - ok
19:35:01.0616 7436 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:35:01.0616 7436 atapi - ok
19:35:01.0756 7436 athrusb (788914c42ad8318f1dd7a565eaffb049) C:\Windows\system32\DRIVERS\athrxusb.sys
19:35:01.0788 7436 athrusb - ok
19:35:01.0881 7436 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:35:01.0897 7436 AudioEndpointBuilder - ok
19:35:01.0912 7436 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:35:01.0912 7436 AudioSrv - ok
19:35:02.0302 7436 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
19:35:02.0365 7436 AVGIDSAgent - ok
19:35:02.0427 7436 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:35:02.0443 7436 avgwd - ok
19:35:02.0630 7436 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:35:02.0630 7436 AxInstSV - ok
19:35:02.0755 7436 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:35:02.0786 7436 b06bdrv - ok
19:35:02.0880 7436 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:35:02.0895 7436 b57nd60a - ok
19:35:03.0238 7436 BackupService (68b86dd9d455a6a8de6d13c84fb5ce31) C:\Users\dooley\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
19:35:03.0238 7436 BackupService - ok
19:35:03.0316 7436 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:35:03.0316 7436 BDESVC - ok
19:35:03.0332 7436 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:35:03.0332 7436 Beep - ok
19:35:03.0441 7436 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:35:03.0457 7436 BFE - ok
19:35:03.0535 7436 BGTAGps (899b897f2d20485838e3fd74f116fb21) C:\Windows\system32\DRIVERS\Cobra_GPSx64.sys
19:35:03.0535 7436 BGTAGps - ok
19:35:03.0644 7436 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
19:35:03.0675 7436 BITS - ok
19:35:03.0738 7436 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:35:03.0738 7436 blbdrive - ok
19:35:03.0862 7436 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:35:03.0862 7436 Bonjour Service - ok
19:35:03.0909 7436 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:35:03.0909 7436 bowser - ok
19:35:03.0956 7436 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:35:03.0956 7436 BrFiltLo - ok
19:35:03.0972 7436 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:35:03.0972 7436 BrFiltUp - ok
19:35:04.0018 7436 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
19:35:04.0034 7436 BridgeMP - ok
19:35:04.0096 7436 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:35:04.0112 7436 Browser - ok
19:35:04.0128 7436 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:35:04.0143 7436 Brserid - ok
19:35:04.0159 7436 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:35:04.0159 7436 BrSerWdm - ok
19:35:04.0159 7436 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:35:04.0159 7436 BrUsbMdm - ok
19:35:04.0174 7436 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:35:04.0174 7436 BrUsbSer - ok
19:35:04.0237 7436 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:35:04.0237 7436 BTHMODEM - ok
19:35:04.0315 7436 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:35:04.0315 7436 bthserv - ok
19:35:04.0455 7436 catchme - ok
19:35:04.0502 7436 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:35:04.0502 7436 cdfs - ok
19:35:04.0580 7436 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:35:04.0596 7436 cdrom - ok
19:35:04.0658 7436 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:35:04.0658 7436 CertPropSvc - ok
19:35:04.0689 7436 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:35:04.0689 7436 circlass - ok
19:35:04.0720 7436 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:35:04.0736 7436 CLFS - ok
19:35:04.0861 7436 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:35:04.0861 7436 clr_optimization_v2.0.50727_32 - ok
19:35:04.0954 7436 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:35:04.0954 7436 clr_optimization_v2.0.50727_64 - ok
19:35:05.0032 7436 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:35:05.0048 7436 clr_optimization_v4.0.30319_32 - ok
19:35:05.0079 7436 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:35:05.0095 7436 clr_optimization_v4.0.30319_64 - ok
19:35:05.0126 7436 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:35:05.0126 7436 CmBatt - ok
19:35:05.0173 7436 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:35:05.0173 7436 cmdide - ok
19:35:05.0251 7436 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:35:05.0251 7436 CNG - ok
19:35:05.0266 7436 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:35:05.0282 7436 Compbatt - ok
19:35:05.0329 7436 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:35:05.0344 7436 CompositeBus - ok
19:35:05.0360 7436 COMSysApp - ok
19:35:05.0376 7436 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:35:05.0376 7436 crcdisk - ok
19:35:05.0438 7436 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
19:35:05.0454 7436 CryptSvc - ok
19:35:05.0532 7436 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:35:05.0532 7436 DcomLaunch - ok
19:35:05.0610 7436 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:35:05.0625 7436 defragsvc - ok
19:35:05.0688 7436 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:35:05.0688 7436 DfsC - ok
19:35:05.0750 7436 DgiVecp (2d589a2c024b2fb238535db9f7b3597d) C:\Windows\system32\Drivers\DgiVecp.sys
19:35:05.0750 7436 DgiVecp - ok
19:35:05.0828 7436 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:35:05.0844 7436 Dhcp - ok
19:35:05.0859 7436 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:35:05.0859 7436 discache - ok
19:35:05.0906 7436 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:35:05.0906 7436 Disk - ok
19:35:05.0953 7436 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:35:05.0968 7436 Dnscache - ok
19:35:06.0031 7436 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:35:06.0031 7436 dot3svc - ok
19:35:06.0093 7436 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
19:35:06.0109 7436 Dot4 - ok
19:35:06.0156 7436 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
19:35:06.0156 7436 Dot4Print - ok
19:35:06.0187 7436 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
19:35:06.0202 7436 dot4usb - ok
19:35:06.0265 7436 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:35:06.0265 7436 DPS - ok
19:35:06.0343 7436 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:35:06.0343 7436 drmkaud - ok
19:35:06.0436 7436 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:35:06.0468 7436 DXGKrnl - ok
19:35:06.0499 7436 EagleX64 - ok
19:35:06.0561 7436 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:35:06.0561 7436 EapHost - ok
19:35:06.0780 7436 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:35:06.0842 7436 ebdrv - ok
19:35:07.0029 7436 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:35:07.0029 7436 EFS - ok
19:35:07.0154 7436 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:35:07.0170 7436 ehRecvr - ok
19:35:07.0232 7436 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:35:07.0232 7436 ehSched - ok
19:35:07.0372 7436 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:35:07.0388 7436 elxstor - ok
19:35:07.0435 7436 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:35:07.0435 7436 ErrDev - ok
19:35:07.0606 7436 esClient (2e18621a748b44d426b3f088f710e34f) C:\Program Files\Windows Home Server\esClient.exe
19:35:07.0622 7436 esClient - ok
19:35:07.0700 7436 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:35:07.0716 7436 EventSystem - ok
19:35:07.0747 7436 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:35:07.0747 7436 exfat - ok
19:35:07.0778 7436 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:35:07.0794 7436 fastfat - ok
19:35:07.0872 7436 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:35:07.0887 7436 Fax - ok
19:35:07.0903 7436 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:35:07.0903 7436 fdc - ok
19:35:07.0918 7436 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:35:07.0918 7436 fdPHost - ok
19:35:07.0934 7436 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:35:07.0934 7436 FDResPub - ok
19:35:07.0950 7436 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:35:07.0950 7436 FileInfo - ok
19:35:07.0965 7436 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:35:07.0965 7436 Filetrace - ok
19:35:07.0965 7436 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:35:07.0981 7436 flpydisk - ok
19:35:08.0043 7436 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:35:08.0043 7436 FltMgr - ok
19:35:08.0152 7436 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:35:08.0184 7436 FontCache - ok
19:35:08.0402 7436 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:35:08.0402 7436 FontCache3.0.0.0 - ok
19:35:08.0792 7436 FreeAgentGoNext Service (81b4a2c6c9bd17ffb6031a0a61c09764) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
19:35:08.0792 7436 FreeAgentGoNext Service - ok
19:35:08.0979 7436 FreeAgentTheater Service (1acbbc5f1198c34be461f7f4e29d5a68) C:\Program Files (x86)\Seagate\Seagate_Media\Sync\MediaAggreService.exe
19:35:08.0995 7436 FreeAgentTheater Service - ok
19:35:09.0166 7436 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:35:09.0166 7436 FsDepends - ok
19:35:09.0213 7436 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:35:09.0213 7436 Fs_Rec - ok
19:35:09.0276 7436 FTDIBUS (ed07200cff78facfb66ebb0b89f503a4) C:\Windows\system32\drivers\ftdibus.sys
19:35:09.0276 7436 FTDIBUS - ok
19:35:09.0291 7436 FTSER2K (9980e7584484a009e77e9bfa14c0c18a) C:\Windows\system32\drivers\ftser2k.sys
19:35:09.0307 7436 FTSER2K - ok
19:35:09.0385 7436 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:35:09.0400 7436 fvevol - ok
19:35:09.0447 7436 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:35:09.0463 7436 gagp30kx - ok
19:35:09.0494 7436 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:35:09.0494 7436 GEARAspiWDM - ok
19:35:09.0588 7436 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:35:09.0603 7436 gpsvc - ok
19:35:09.0806 7436 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:35:09.0822 7436 gupdate - ok
19:35:09.0853 7436 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:35:09.0853 7436 gupdatem - ok
19:35:09.0915 7436 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:35:09.0931 7436 gusvc - ok
19:35:09.0946 7436 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:35:09.0946 7436 hcw85cir - ok
19:35:10.0009 7436 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:35:10.0009 7436 HDAudBus - ok
19:35:10.0024 7436 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:35:10.0024 7436 HidBatt - ok
19:35:10.0040 7436 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:35:10.0056 7436 HidBth - ok
19:35:10.0071 7436 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:35:10.0071 7436 HidIr - ok
19:35:10.0134 7436 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
19:35:10.0134 7436 hidserv - ok
19:35:10.0196 7436 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:35:10.0196 7436 HidUsb - ok
19:35:10.0243 7436 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:35:10.0258 7436 hkmsvc - ok
19:35:10.0336 7436 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:35:10.0336 7436 HomeGroupListener - ok
19:35:10.0399 7436 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:35:10.0414 7436 HomeGroupProvider - ok
19:35:10.0492 7436 HP Health Check Service (aa9ef0b395097f24d289f64445b2fd2e) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
19:35:10.0492 7436 HP Health Check Service - ok
19:35:10.0695 7436 HPMSSConnectorSvc (4092496c2e1b1438665b086548512b13) C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe
19:35:10.0695 7436 HPMSSConnectorSvc - ok
19:35:10.0804 7436 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:35:10.0820 7436 hpqcxs08 - ok
19:35:10.0836 7436 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:35:10.0836 7436 hpqddsvc - ok
19:35:10.0898 7436 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:35:10.0898 7436 HpSAMD - ok
19:35:11.0007 7436 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:35:11.0038 7436 HPSLPSVC - ok
19:35:11.0132 7436 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:35:11.0163 7436 HTTP - ok
19:35:11.0210 7436 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:35:11.0210 7436 hwpolicy - ok
19:35:11.0257 7436 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:35:11.0257 7436 i8042prt - ok
19:35:11.0335 7436 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:35:11.0350 7436 iaStorV - ok
19:35:11.0553 7436 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:35:11.0553 7436 IDriverT - ok
19:35:11.0787 7436 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:35:11.0803 7436 idsvc - ok
19:35:11.0990 7436 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:35:11.0990 7436 iirsp - ok
19:35:12.0068 7436 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:35:12.0099 7436 IKEEXT - ok
19:35:12.0271 7436 IntcAzAudAddService (bfbabcb231628a4551dbb10d0ea25d62) C:\Windows\system32\drivers\RTKVHD64.sys
19:35:12.0302 7436 IntcAzAudAddService - ok
19:35:12.0442 7436 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:35:12.0442 7436 intelide - ok
19:35:12.0458 7436 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:35:12.0458 7436 intelppm - ok
19:35:12.0614 7436 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
19:35:12.0614 7436 IntuitUpdateService - ok
19:35:12.0754 7436 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
19:35:12.0754 7436 IntuitUpdateServiceV4 - ok
19:35:12.0832 7436 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:35:12.0848 7436 IPBusEnum - ok
19:35:12.0895 7436 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:35:12.0895 7436 IpFilterDriver - ok
19:35:12.0988 7436 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:35:13.0020 7436 iphlpsvc - ok
19:35:13.0066 7436 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:35:13.0066 7436 IPMIDRV - ok
19:35:13.0082 7436 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:35:13.0082 7436 IPNAT - ok
19:35:13.0269 7436 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:35:13.0285 7436 iPod Service - ok
19:35:13.0347 7436 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:35:13.0347 7436 IRENUM - ok
19:35:13.0363 7436 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:35:13.0363 7436 isapnp - ok
19:35:13.0425 7436 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:35:13.0425 7436 iScsiPrt - ok
19:35:13.0612 7436 iWinTrusted (fe1a970e7ce330bb844e333c374c6599) C:\Program Files (x86)\iWin Games\iWinTrusted.exe
19:35:13.0628 7436 iWinTrusted - ok
19:35:13.0659 7436 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:35:13.0675 7436 kbdclass - ok
19:35:13.0768 7436 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:35:13.0768 7436 kbdhid - ok
19:35:13.0815 7436 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:35:13.0815 7436 KeyIso - ok
19:35:13.0831 7436 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:35:13.0831 7436 KSecDD - ok
19:35:13.0862 7436 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:35:13.0862 7436 KSecPkg - ok
19:35:13.0878 7436 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:35:13.0878 7436 ksthunk - ok
19:35:13.0940 7436 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:35:13.0956 7436 KtmRm - ok
19:35:14.0018 7436 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
19:35:14.0018 7436 LanmanServer - ok
19:35:14.0080 7436 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:35:14.0080 7436 LanmanWorkstation - ok
19:35:14.0158 7436 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:35:14.0158 7436 lltdio - ok
19:35:14.0205 7436 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:35:14.0221 7436 lltdsvc - ok
19:35:14.0236 7436 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:35:14.0252 7436 lmhosts - ok
19:35:14.0299 7436 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:35:14.0299 7436 LSI_FC - ok
19:35:14.0330 7436 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:35:14.0330 7436 LSI_SAS - ok
19:35:14.0346 7436 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:35:14.0361 7436 LSI_SAS2 - ok
19:35:14.0377 7436 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:35:14.0392 7436 LSI_SCSI - ok
19:35:14.0439 7436 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:35:14.0439 7436 luafv - ok
19:35:14.0517 7436 LVRS64 (986c1cb787a007baa5f74e7d316d7246) C:\Windows\system32\DRIVERS\lvrs64.sys
19:35:14.0533 7436 LVRS64 - ok
19:35:14.0923 7436 LVUVC64 (5747bc465abea2858c5d037252aed84e) C:\Windows\system32\DRIVERS\lvuvc64.sys
19:35:14.0985 7436 LVUVC64 - ok
19:35:15.0172 7436 MCSTRM - ok
19:35:15.0219 7436 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:35:15.0235 7436 Mcx2Svc - ok
19:35:15.0406 7436 MediaCollectorService (75e31d760ff9a57da66cb2e336c40316) C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe
19:35:15.0406 7436 MediaCollectorService - ok
19:35:15.0453 7436 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:35:15.0453 7436 megasas - ok
19:35:15.0484 7436 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:35:15.0500 7436 MegaSR - ok
19:35:15.0703 7436 MemeoBackgroundService (5757f4347b2ed82ee13dd45d0f4829c3) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
19:35:15.0703 7436 MemeoBackgroundService - ok
19:35:15.0765 7436 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:35:15.0765 7436 MMCSS - ok
19:35:15.0781 7436 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:35:15.0781 7436 Modem - ok
19:35:15.0828 7436 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:35:15.0828 7436 monitor - ok
19:35:15.0890 7436 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
19:35:15.0890 7436 mouclass - ok
19:35:15.0890 7436 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:35:15.0906 7436 mouhid - ok
19:35:15.0952 7436 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:35:15.0952 7436 mountmgr - ok
19:35:16.0030 7436 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:35:16.0046 7436 MozillaMaintenance - ok
19:35:16.0140 7436 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
19:35:16.0140 7436 MpFilter - ok
19:35:16.0202 7436 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:35:16.0202 7436 mpio - ok
19:35:16.0233 7436 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:35:16.0233 7436 mpsdrv - ok
19:35:16.0327 7436 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:35:16.0342 7436 MpsSvc - ok
19:35:16.0389 7436 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:35:16.0405 7436 MRxDAV - ok
19:35:16.0467 7436 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:35:16.0467 7436 mrxsmb - ok
19:35:16.0545 7436 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:35:16.0545 7436 mrxsmb10 - ok
19:35:16.0576 7436 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:35:16.0576 7436 mrxsmb20 - ok
19:35:16.0639 7436 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:35:16.0639 7436 msahci - ok
19:35:16.0857 7436 MSCSPTISRV (3421b35e19f63c0e6bb326aaf59e4634) C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
19:35:16.0873 7436 MSCSPTISRV - ok
19:35:16.0888 7436 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:35:16.0904 7436 msdsm - ok
19:35:16.0951 7436 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:35:16.0966 7436 MSDTC - ok
19:35:16.0982 7436 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:35:16.0982 7436 Msfs - ok
19:35:16.0998 7436 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:35:16.0998 7436 mshidkmdf - ok
19:35:17.0013 7436 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:35:17.0013 7436 msisadrv - ok
19:35:17.0076 7436 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:35:17.0091 7436 MSiSCSI - ok
19:35:17.0091 7436 msiserver - ok
19:35:17.0154 7436 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:35:17.0154 7436 MSKSSRV - ok
19:35:17.0232 7436 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:35:17.0232 7436 MsMpSvc - ok
19:35:17.0278 7436 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:35:17.0278 7436 MSPCLOCK - ok
19:35:17.0294 7436 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:35:17.0294 7436 MSPQM - ok
19:35:17.0372 7436 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:35:17.0372 7436 MsRPC - ok
19:35:17.0403 7436 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:35:17.0403 7436 mssmbios - ok
19:35:17.0450 7436 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:35:17.0450 7436 MSTEE - ok
19:35:17.0466 7436 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:35:17.0466 7436 MTConfig - ok
19:35:17.0528 7436 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:35:17.0528 7436 Mup - ok
19:35:17.0606 7436 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:35:17.0622 7436 napagent - ok
19:35:17.0684 7436 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:35:17.0700 7436 NativeWifiP - ok
19:35:17.0793 7436 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:35:17.0809 7436 NDIS - ok
19:35:17.0871 7436 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:35:17.0871 7436 NdisCap - ok
19:35:17.0918 7436 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:35:17.0918 7436 NdisTapi - ok
19:35:17.0980 7436 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:35:17.0980 7436 Ndisuio - ok
19:35:18.0043 7436 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:35:18.0043 7436 NdisWan - ok
19:35:18.0105 7436 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:35:18.0121 7436 NDProxy - ok
19:35:18.0214 7436 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
19:35:18.0214 7436 Net Driver HPZ12 - ok
19:35:18.0261 7436 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:35:18.0261 7436 NetBIOS - ok
19:35:18.0339 7436 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:35:18.0339 7436 NetBT - ok
19:35:18.0386 7436 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:35:18.0402 7436 Netlogon - ok
19:35:18.0480 7436 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:35:18.0495 7436 Netman - ok
19:35:18.0526 7436 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:35:18.0558 7436 netprofm - ok
19:35:18.0682 7436 netr28ux (c9e9017ac2291e96ed3376b72bc7cf8d) C:\Windows\system32\DRIVERS\netr28ux.sys
19:35:18.0698 7436 netr28ux - ok
19:35:19.0104 7436 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:35:19.0104 7436 NetTcpPortSharing - ok
19:35:19.0166 7436 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:35:19.0166 7436 nfrd960 - ok
19:35:19.0213 7436 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:35:19.0228 7436 NisDrv - ok
19:35:19.0353 7436 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
19:35:19.0369 7436 NisSrv - ok
19:35:19.0462 7436 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:35:19.0478 7436 NlaSvc - ok
19:35:19.0494 7436 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:35:19.0494 7436 Npfs - ok
19:35:19.0540 7436 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:35:19.0540 7436 nsi - ok
19:35:19.0556 7436 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:35:19.0556 7436 nsiproxy - ok
19:35:19.0681 7436 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:35:19.0712 7436 Ntfs - ok
19:35:19.0899 7436 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:35:19.0899 7436 Null - ok
19:35:19.0977 7436 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
19:35:19.0993 7436 NVENETFD - ok
19:35:20.0601 7436 nvlddmkm (1d135cc25b5ac1b9d2b6004d9de28df3) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:35:20.0788 7436 nvlddmkm - ok
19:35:21.0007 7436 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
19:35:21.0022 7436 NVNET - ok
19:35:21.0100 7436 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:35:21.0100 7436 nvraid - ok
19:35:21.0163 7436 nvrd64 (78b96ec0352c6bb4788ebc200a2cadbf) C:\Windows\system32\DRIVERS\nvrd64.sys
19:35:21.0163 7436 nvrd64 - ok
19:35:21.0210 7436 nvsmu (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\DRIVERS\nvsmu.sys
19:35:21.0210 7436 nvsmu - ok
19:35:21.0272 7436 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:35:21.0288 7436 nvstor - ok
19:35:21.0319 7436 nvstor64 (4d9aba962d7ece81866f96d5f69fb2b8) C:\Windows\system32\DRIVERS\nvstor64.sys
19:35:21.0334 7436 nvstor64 - ok
19:35:21.0366 7436 nvsvc (9dfc3de793a130592a5a579d611d412e) C:\Windows\system32\nvvsvc.exe
19:35:21.0381 7436 nvsvc - ok
19:35:21.0397 7436 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:35:21.0412 7436 nv_agp - ok
19:35:21.0568 7436 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:35:21.0584 7436 odserv - ok
19:35:21.0646 7436 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:35:21.0646 7436 ohci1394 - ok
19:35:21.0709 7436 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:35:21.0709 7436 ose - ok
19:35:21.0787 7436 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:35:21.0802 7436 p2pimsvc - ok
19:35:21.0865 7436 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:35:21.0896 7436 p2psvc - ok
19:35:22.0052 7436 PACSPTISVR (3a5dcd91483821e4cf3cf294dab6e56b) C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:35:22.0052 7436 PACSPTISVR - ok
19:35:22.0099 7436 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:35:22.0099 7436 Parport - ok
19:35:22.0146 7436 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:35:22.0161 7436 partmgr - ok
19:35:22.0177 7436 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:35:22.0177 7436 PcaSvc - ok
19:35:22.0255 7436 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:35:22.0255 7436 pci - ok
19:35:22.0270 7436 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:35:22.0270 7436 pciide - ok
19:35:22.0302 7436 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:35:22.0302 7436 pcmcia - ok
19:35:22.0364 7436 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
19:35:22.0364 7436 pcouffin - ok
19:35:22.0411 7436 Pcouffin64 (8b45fc1eb90119d9ef46b46a89864189) C:\Windows\system32\Drivers\pcouffin64a.sys
19:35:22.0411 7436 Pcouffin64 - ok
19:35:22.0442 7436 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:35:22.0442 7436 pcw - ok
19:35:22.0489 7436 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:35:22.0489 7436 PEAUTH - ok
19:35:22.0645 7436 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:35:22.0645 7436 PerfHost - ok
19:35:22.0863 7436 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:35:22.0926 7436 pla - ok
19:35:22.0988 7436 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:35:23.0004 7436 PlugPlay - ok
19:35:23.0082 7436 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
19:35:23.0082 7436 Pml Driver HPZ12 - ok
19:35:23.0144 7436 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:35:23.0144 7436 PNRPAutoReg - ok
19:35:23.0175 7436 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:35:23.0175 7436 PNRPsvc - ok
19:35:23.0222 7436 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:35:23.0238 7436 PolicyAgent - ok
19:35:23.0300 7436 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:35:23.0316 7436 Power - ok
19:35:23.0425 7436 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:35:23.0440 7436 PptpMiniport - ok
19:35:23.0487 7436 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:35:23.0487 7436 Processor - ok
19:35:23.0550 7436 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:35:23.0550 7436 ProfSvc - ok
19:35:23.0612 7436 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:35:23.0612 7436 ProtectedStorage - ok
19:35:23.0674 7436 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:35:23.0690 7436 Psched - ok
19:35:23.0737 7436 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
19:35:23.0737 7436 PxHlpa64 - ok
19:35:23.0862 7436 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:35:23.0908 7436 ql2300 - ok
19:35:24.0049 7436 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:35:24.0064 7436 ql40xx - ok
19:35:24.0158 7436 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:35:24.0174 7436 QWAVE - ok
19:35:24.0189 7436 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:35:24.0189 7436 QWAVEdrv - ok
19:35:24.0376 7436 RalinkRegistryWriter (d319343661f7febfb6f43c453c26e779) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
19:35:24.0392 7436 RalinkRegistryWriter - ok
19:35:24.0423 7436 RalinkRegistryWriter64 (c0e618f5a0d643f71fdd96cdc0c561c3) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
19:35:24.0423 7436 RalinkRegistryWriter64 - ok
19:35:24.0439 7436 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:35:24.0439 7436 RasAcd - ok
19:35:24.0501 7436 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:35:24.0517 7436 RasAgileVpn - ok
19:35:24.0532 7436 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:35:24.0548 7436 RasAuto - ok
19:35:24.0595 7436 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:35:24.0610 7436 Rasl2tp - ok
19:35:24.0673 7436 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:35:24.0673 7436 RasMan - ok
19:35:24.0688 7436 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:35:24.0704 7436 RasPppoe - ok
19:35:24.0751 7436 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:35:24.0766 7436 RasSstp - ok
19:35:24.0829 7436 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:35:24.0844 7436 rdbss - ok
19:35:24.0844 7436 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:35:24.0844 7436 rdpbus - ok
19:35:24.0860 7436 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:35:24.0860 7436 RDPCDD - ok
19:35:24.0922 7436 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:35:24.0922 7436 RDPENCDD - ok
19:35:24.0938 7436 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:35:24.0938 7436 RDPREFMP - ok
19:35:24.0985 7436 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:35:25.0000 7436 RDPWD - ok
19:35:25.0047 7436 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:35:25.0063 7436 rdyboost - ok
19:35:25.0110 7436 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:35:25.0125 7436 RemoteAccess - ok
19:35:25.0141 7436 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:35:25.0156 7436 RemoteRegistry - ok
19:35:25.0406 7436 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
19:35:25.0437 7436 RoxMediaDB10 - ok
19:35:25.0593 7436 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:35:25.0609 7436 RpcEptMapper - ok
19:35:25.0656 7436 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:35:25.0656 7436 RpcLocator - ok
19:35:25.0734 7436 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:35:25.0734 7436 RpcSs - ok
19:35:25.0827 7436 RRNetCap (2abd2b3ba2ef0c3ba82284c2a5e28675) C:\Windows\system32\DRIVERS\rrnetcap.sys
19:35:25.0827 7436 RRNetCap - ok
19:35:25.0858 7436 RRNetCapMP (2abd2b3ba2ef0c3ba82284c2a5e28675) C:\Windows\system32\DRIVERS\rrnetcap.sys
19:35:25.0858 7436 RRNetCapMP - ok
19:35:25.0905 7436 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:35:25.0905 7436 rspndr - ok
19:35:25.0921 7436 rsvcdwdr (c8d0ca461d647165dd5c8de1ff5ea822) C:\Windows\system32\DRIVERS\rsvcdwdr.sys
19:35:25.0921 7436 rsvcdwdr - ok
19:35:25.0968 7436 RxFilter - ok
19:35:26.0014 7436 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:35:26.0014 7436 SamSs - ok
19:35:26.0046 7436 Samsung UPD Service (c259a8b9bcd38988bd71f8f9c9927cdb) C:\Windows\System32\SUPDSvc.exe
19:35:26.0061 7436 Samsung UPD Service - ok
19:35:26.0108 7436 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:35:26.0108 7436 sbp2port - ok
19:35:26.0139 7436 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:35:26.0155 7436 SCardSvr - ok
19:35:26.0202 7436 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:35:26.0217 7436 scfilter - ok
19:35:26.0311 7436 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:35:26.0342 7436 Schedule - ok
19:35:26.0389 7436 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:35:26.0389 7436 SCPolicySvc - ok
19:35:26.0451 7436 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:35:26.0467 7436 SDRSVC - ok
19:35:26.0654 7436 SeagateDashboardService (4ac81391f3cb5ccf5daac23f9e18295b) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
19:35:26.0654 7436 SeagateDashboardService - ok
19:35:26.0750 7436 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:35:26.0766 7436 secdrv - ok
19:35:26.0797 7436 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:35:26.0813 7436 seclogon - ok
19:35:26.0859 7436 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
19:35:26.0859 7436 SENS - ok
19:35:26.0906 7436 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:35:26.0922 7436 SensrSvc - ok
19:35:26.0937 7436 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:35:26.0937 7436 Serenum - ok
19:35:26.0953 7436 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:35:26.0953 7436 Serial - ok
19:35:27.0015 7436 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:35:27.0015 7436 sermouse - ok
19:35:27.0109 7436 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:35:27.0109 7436 SessionEnv - ok
19:35:27.0156 7436 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:35:27.0156 7436 sffdisk - ok
19:35:27.0171 7436 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:35:27.0171 7436 sffp_mmc - ok
19:35:27.0187 7436 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:35:27.0187 7436 sffp_sd - ok
19:35:27.0187 7436 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:35:27.0203 7436 sfloppy - ok
19:35:27.0281 7436 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:35:27.0296 7436 SharedAccess - ok
19:35:27.0359 7436 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:35:27.0374 7436 ShellHWDetection - ok
19:35:27.0421 7436 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:35:27.0421 7436 SiSRaid2 - ok
19:35:27.0437 7436 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:35:27.0437 7436 SiSRaid4 - ok
19:35:27.0499 7436 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:35:27.0499 7436 Smb - ok
19:35:27.0561 7436 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:35:27.0561 7436 SNMPTRAP - ok
19:35:27.0577 7436 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:35:27.0577 7436 spldr - ok
19:35:27.0624 7436 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:35:27.0639 7436 Spooler - ok
19:35:27.0873 7436 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:35:27.0936 7436 sppsvc - ok
19:35:28.0061 7436 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:35:28.0076 7436 sppuinotify - ok
19:35:28.0217 7436 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\System32\Drivers\sptd.sys
19:35:28.0248 7436 sptd - ok
19:35:28.0466 7436 SPTISRV (09eedfd8e748dcfd742ec37638c99a59) C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
19:35:28.0466 7436 SPTISRV - ok
19:35:28.0544 7436 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:35:28.0560 7436 srv - ok
19:35:28.0591 7436 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:35:28.0591 7436 srv2 - ok
19:35:28.0622 7436 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:35:28.0622 7436 srvnet - ok
19:35:28.0685 7436 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:35:28.0685 7436 SSDPSRV - ok
19:35:28.0731 7436 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
19:35:28.0747 7436 SSPORT - ok
19:35:28.0825 7436 SSScsiSV (f5e903dc33898d1c8a15626bd1964de3) C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe
19:35:28.0825 7436 SSScsiSV - ok
19:35:28.0841 7436 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:35:28.0856 7436 SstpSvc - ok
19:35:28.0919 7436 Stereo Service (29662881a46db66730c62a4f1bfa3dc2) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:35:28.0934 7436 Stereo Service - ok
19:35:28.0981 7436 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:35:28.0981 7436 stexstor - ok
19:35:29.0043 7436 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
19:35:29.0043 7436 StillCam - ok
19:35:29.0121 7436 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:35:29.0137 7436 stisvc - ok
19:35:29.0231 7436 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
19:35:29.0231 7436 stllssvr - ok
19:35:29.0293 7436 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:35:29.0293 7436 swenum - ok
19:35:29.0324 7436 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:35:29.0340 7436 swprv - ok
19:35:29.0480 7436 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:35:29.0511 7436 SysMain - ok
19:35:29.0683 7436 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:35:29.0699 7436 TabletInputService - ok
19:35:29.0761 7436 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:35:29.0761 7436 TapiSrv - ok
19:35:29.0839 7436 tbhsd (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
19:35:29.0839 7436 tbhsd - ok
19:35:29.0886 7436 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:35:29.0901 7436 TBS - ok
19:35:30.0057 7436 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:35:30.0073 7436 Tcpip - ok
19:35:30.0229 7436 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:35:30.0245 7436 TCPIP6 - ok
19:35:30.0323 7436 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:35:30.0323 7436 tcpipreg - ok
19:35:30.0385 7436 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:35:30.0385 7436 TDPIPE - ok
19:35:30.0432 7436 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:35:30.0447 7436 TDTCP - ok
19:35:30.0494 7436 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:35:30.0510 7436 tdx - ok
19:35:30.0557 7436 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:35:30.0557 7436 TermDD - ok
19:35:30.0635 7436 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:35:30.0666 7436 TermService - ok
19:35:30.0728 7436 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:35:30.0744 7436 Themes - ok
19:35:30.0775 7436 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:35:30.0791 7436 THREADORDER - ok
19:35:30.0853 7436 TIEHDUSB (199c2e87d9a5ec58d0bcd94e893bf629) C:\Windows\system32\DRIVERS\tiehdusb.sys
19:35:30.0869 7436 TIEHDUSB - ok
19:35:30.0900 7436 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:35:30.0900 7436 TrkWks - ok
19:35:31.0009 7436 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:35:31.0009 7436 TrustedInstaller - ok
19:35:31.0071 7436 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:35:31.0071 7436 tssecsrv - ok
19:35:31.0134 7436 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:35:31.0134 7436 TsUsbFlt - ok
19:35:31.0196 7436 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:35:31.0212 7436 tunnel - ok
19:35:31.0259 7436 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:35:31.0274 7436 uagp35 - ok
19:35:31.0337 7436 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:35:31.0352 7436 udfs - ok
19:35:31.0383 7436 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:35:31.0383 7436 UI0Detect - ok
19:35:31.0430 7436 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:35:31.0446 7436 uliagpkx - ok
19:35:31.0493 7436 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:35:31.0493 7436 umbus - ok
19:35:31.0539 7436 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:35:31.0539 7436 UmPass - ok
19:35:31.0571 7436 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:35:31.0571 7436 upnphost - ok
19:35:31.0664 7436 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:35:31.0664 7436 USBAAPL64 - ok
19:35:31.0680 7436 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:35:31.0680 7436 usbaudio - ok
19:35:31.0711 7436 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:35:31.0727 7436 usbccgp - ok
19:35:31.0773 7436 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:35:31.0773 7436 usbcir - ok
19:35:31.0789 7436 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:35:31.0789 7436 usbehci - ok
19:35:31.0820 7436 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:35:31.0836 7436 usbhub - ok
19:35:31.0851 7436 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
19:35:31.0851 7436 usbohci - ok
19:35:31.0883 7436 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:35:31.0883 7436 usbprint - ok
19:35:31.0945 7436 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:35:31.0945 7436 usbscan - ok
19:35:31.0961 7436 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:35:31.0976 7436 USBSTOR - ok
19:35:31.0992 7436 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:35:31.0992 7436 usbuhci - ok
19:35:32.0039 7436 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:35:32.0039 7436 UxSms - ok
19:35:32.0288 7436 VAIO Entertainment TV Device Arbitration Service (fb1a8f8cbd361fc1f0d144d5018c97f3) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
19:35:32.0288 7436 VAIO Entertainment TV Device Arbitration Service - ok
19:35:32.0553 7436 VAIOMediaPlatform-IntegratedServer-AppServer (42cdded334d0f7e7e2558a4b4b36dd8b) C:\Program Files (x86)\Sony\VAIO Media Integrated Server\VMISrv.exe
19:35:32.0600 7436 VAIOMediaPlatform-IntegratedServer-AppServer - ok
19:35:32.0678 7436 VAIOMediaPlatform-IntegratedServer-HTTP (56e33aaa46cba8431e72486196afb3a1) C:\Program Files (x86)\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
19:35:32.0694 7436 VAIOMediaPlatform-IntegratedServer-HTTP - ok
19:35:32.0787 7436 VAIOMediaPlatform-IntegratedServer-UPnP (76ffd36fa9a7156f9537d8ad351839e9) C:\Program Files (x86)\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
19:35:32.0803 7436 VAIOMediaPlatform-IntegratedServer-UPnP - ok
19:35:32.0990 7436 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:35:32.0990 7436 VaultSvc - ok
19:35:33.0021 7436 Vcsw - ok
19:35:33.0115 7436 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:35:33.0115 7436 vdrvroot - ok
19:35:33.0193 7436 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:35:33.0224 7436 vds - ok
19:35:33.0271 7436 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:35:33.0271 7436 vga - ok
19:35:33.0318 7436 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:35:33.0318 7436 VgaSave - ok
19:35:33.0380 7436 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:35:33.0380 7436 vhdmp - ok
19:35:33.0411 7436 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:35:33.0411 7436 viaide - ok
19:35:33.0536 7436 Virtual CDAudio Service (a4efb6ef401d79ce60d5d25a2c638dc1) C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe
19:35:33.0552 7436 Virtual CDAudio Service - ok
19:35:33.0567 7436 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:35:33.0567 7436 volmgr - ok
19:35:33.0645 7436 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:35:33.0645 7436 volmgrx - ok
19:35:33.0677 7436 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:35:33.0677 7436 volsnap - ok
19:35:33.0739 7436 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:35:33.0755 7436 vsmraid - ok
19:35:33.0895 7436 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:35:33.0942 7436 VSS - ok
19:35:34.0129 7436 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:35:34.0129 7436 vwifibus - ok
19:35:34.0176 7436 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:35:34.0191 7436 vwififlt - ok
19:35:34.0379 7436 VzCdbSvc (af9ebc7cf22a18e2369346067f555953) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
19:35:34.0379 7436 VzCdbSvc - ok
19:35:34.0410 7436 VzFw (37d04941a5b52027ee32d2685f0f72ba) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
19:35:34.0425 7436 VzFw - ok
19:35:34.0488 7436 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:35:34.0488 7436 W32Time - ok
19:35:34.0519 7436 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:35:34.0519 7436 WacomPen - ok
19:35:34.0581 7436 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:35:34.0597 7436 WANARP - ok
19:35:34.0613 7436 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:35:34.0613 7436 Wanarpv6 - ok
19:35:34.0675 7436 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys
19:35:34.0675 7436 wanatw - ok
19:35:34.0815 7436 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:35:34.0847 7436 WatAdminSvc - ok
19:35:34.0987 7436 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:35:35.0049 7436 wbengine - ok
19:35:35.0237 7436 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:35:35.0252 7436 WbioSrvc - ok
19:35:35.0330 7436 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:35:35.0330 7436 wcncsvc - ok
19:35:35.0346 7436 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:35:35.0361 7436 WcsPlugInService - ok
19:35:35.0455 7436 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:35:35.0455 7436 Wd - ok
19:35:35.0502 7436 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:35:35.0517 7436 Wdf01000 - ok
19:35:35.0533 7436 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:35:35.0533 7436 WdiServiceHost - ok
19:35:35.0549 7436 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:35:35.0549 7436 WdiSystemHost - ok
19:35:35.0611 7436 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:35:35.0627 7436 WebClient - ok
19:35:35.0642 7436 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:35:35.0658 7436 Wecsvc - ok
19:35:35.0673 7436 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:35:35.0689 7436 wercplsupport - ok
19:35:35.0736 7436 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:35:35.0751 7436 WerSvc - ok
19:35:35.0798 7436 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:35:35.0798 7436 WfpLwf - ok
19:35:35.0970 7436 WHSConnector (236ecaf0e14b39a71de14f756b0ebdd5) C:\Program Files\Windows Home Server\WHSConnector.exe
19:35:35.0985 7436 WHSConnector - ok
19:35:36.0001 7436 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:35:36.0001 7436 WIMMount - ok
19:35:36.0110 7436 WinDefend - ok
19:35:36.0110 7436 WinHttpAutoProxySvc - ok
19:35:36.0219 7436 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:35:36.0235 7436 Winmgmt - ok
19:35:36.0391 7436 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:35:36.0422 7436 WinRM - ok
19:35:36.0641 7436 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:35:36.0641 7436 WinUsb - ok
19:35:36.0734 7436 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:35:36.0765 7436 Wlansvc - ok
19:35:36.0968 7436 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:35:36.0999 7436 wlidsvc - ok
19:35:37.0124 7436 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:35:37.0124 7436 WmiAcpi - ok
19:35:37.0233 7436 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:35:37.0233 7436 wmiApSrv - ok
19:35:37.0343 7436 WMPNetworkSvc - ok
19:35:37.0405 7436 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:35:37.0405 7436 WPCSvc - ok
19:35:37.0467 7436 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:35:37.0483 7436 WPDBusEnum - ok
19:35:37.0530 7436 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:35:37.0530 7436 ws2ifsl - ok
19:35:37.0592 7436 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
19:35:37.0608 7436 wscsvc - ok
19:35:37.0670 7436 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
19:35:37.0670 7436 WSDPrintDevice - ok
19:35:37.0670 7436 WSearch - ok
19:35:37.0857 7436 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:35:37.0904 7436 wuauserv - ok
19:35:38.0123 7436 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:35:38.0123 7436 WudfPf - ok
19:35:38.0185 7436 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:35:38.0201 7436 WUDFRd - ok
19:35:38.0263 7436 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:35:38.0263 7436 wudfsvc - ok
19:35:38.0279 7436 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:35:38.0294 7436 WwanSvc - ok
19:35:38.0466 7436 X5XSEx (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys
19:35:38.0466 7436 X5XSEx - ok
19:35:38.0544 7436 ZDPSp50a64 (e11183b2f02ae38915982d10d717c6c6) C:\Windows\system32\Drivers\ZDPSp50a64.sys
19:35:38.0544 7436 ZDPSp50a64 - ok
19:35:38.0622 7436 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
19:35:38.0825 7436 \Device\Harddisk0\DR0 - ok
19:35:38.0840 7436 Boot (0x1200) (256903f95f4a89500b6456d6ef921b2e) \Device\Harddisk0\DR0\Partition0
19:35:38.0840 7436 \Device\Harddisk0\DR0\Partition0 - ok
19:35:38.0840 7436 Boot (0x1200) (a93ac739b8f05a63e47fb097e8408048) \Device\Harddisk0\DR0\Partition1
19:35:38.0856 7436 \Device\Harddisk0\DR0\Partition1 - ok
19:35:38.0856 7436 ============================================================
19:35:38.0856 7436 Scan finished
19:35:38.0856 7436 ============================================================
19:35:38.0871 7428 Detected object count: 0
19:35:38.0871 7428 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-12 19:42:54
-----------------------------
19:42:54.155 OS Version: Windows x64 6.1.7601 Service Pack 1
19:42:54.155 Number of processors: 4 586 0x203
19:42:54.155 ComputerName: DOOLEY-PC UserName: dooley
19:42:55.665 Initialize success
19:43:49.655 AVAST engine defs: 12051201
19:44:50.230 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007a
19:44:50.230 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 8
19:44:50.246 Disk 0 MBR read successfully
19:44:50.246 Disk 0 MBR scan
19:44:50.261 Disk 0 unknown MBR code
19:44:50.261 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 596287 MB offset 63
19:44:50.308 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14190 MB offset 1221197040
19:44:50.339 Disk 0 scanning C:\Windows\system32\drivers
19:45:03.038 Service scanning
19:45:34.973 Modules scanning
19:45:34.973 Disk 0 trace - called modules:
19:45:34.989 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
19:45:35.005 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80073c3060]
19:45:35.005 3 CLASSPNP.SYS[fffff880010e743f] -> nt!IofCallDriver -> [0xfffffa8006816710]
19:45:35.005 5 ACPI.sys[fffff88000eff7a1] -> nt!IofCallDriver -> \Device\0000007a[0xfffffa8006816060]
19:45:36.799 AVAST engine scan C:\Windows
19:45:42.071 AVAST engine scan C:\Windows\system32
19:49:43.825 AVAST engine scan C:\Windows\system32\drivers
19:50:04.788 AVAST engine scan C:\Users\dooley
19:57:49.241 Disk 0 MBR has been saved successfully to "C:\Users\dooley\Desktop\MBR.dat"
19:57:49.288 The log file has been saved successfully to "C:\Users\dooley\Desktop\aswMBR.txt"

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 AM

Posted 12 May 2012 - 08:14 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\program files (x86)\Vuze_Remote
c:\program files (x86)\Ask.com

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 jdeuel

jdeuel
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 13 May 2012 - 10:20 AM

where do i run the cfscript? it this a program that i need to download. sorry for my ignorance!!!

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 AM

Posted 13 May 2012 - 11:56 AM

Greetings


In my instructions start at where it says Open Notepad after you open notepad the you copy and paste the text that I put in the clear box....
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 jdeuel

jdeuel
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 13 May 2012 - 01:13 PM

ComboFix 12-05-13.03 - dooley 05/13/2012 13:09:08.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.5703 [GMT -4:00]
Running from: c:\users\dooley\Downloads\ComboFix.exe
Command switches used :: c:\users\dooley\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_abda.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files (x86)\Vuze_Remote
c:\program files (x86)\Vuze_Remote\GottenAppsContextMenu.xml
c:\program files (x86)\Vuze_Remote\ldrtbVuze.dll
c:\program files (x86)\Vuze_Remote\OtherAppsContextMenu.xml
c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
c:\program files (x86)\Vuze_Remote\SharedAppsContextMenu.xml
c:\program files (x86)\Vuze_Remote\tbVuze.dll
c:\program files (x86)\Vuze_Remote\toolbar.cfg
c:\program files (x86)\Vuze_Remote\ToolbarContextMenu.xml
c:\program files (x86)\Vuze_Remote\uninstall.exe
c:\program files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-04-13 to 2012-05-13 )))))))))))))))))))))))))))))))
.
.
2012-05-13 17:21 . 2012-05-13 17:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-12 11:33 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-12 11:33 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-12 11:33 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-12 11:33 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-12 11:33 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-12 11:33 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-12 11:33 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-12 11:32 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-12 11:32 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-12 11:32 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 11:32 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 11:32 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-12 11:32 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 22:59 . 2012-05-09 22:59 -------- d-----w- c:\users\dooley\AppData\Roaming\Aisle 5 Games, Inc
2012-05-09 22:51 . 2012-05-09 22:52 -------- d-----w- c:\program files (x86)\Mirror Magic Deluxe
2012-05-09 22:51 . 2012-05-09 22:51 -------- d-----w- c:\program files (x86)\BFG
2012-05-09 21:14 . 2012-05-09 21:14 -------- d-----w- c:\users\dooley\AppData\Roaming\Games
2012-05-09 16:30 . 2012-05-09 16:30 -------- d-----w- c:\users\dooley\AppData\Roaming\MagicIndie
2012-05-09 16:01 . 2012-05-09 16:01 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-09 15:34 . 2012-05-09 16:01 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-07 16:29 . 2012-05-07 16:30 -------- d-----w- c:\users\dooley\AppData\Roaming\HiT-MM
2012-05-07 16:27 . 2012-05-10 18:41 -------- d-----w- c:\program files (x86)\Games
2012-05-06 19:07 . 2012-05-06 19:07 -------- d-----w- c:\users\dooley\AppData\Roaming\PassionFruit Games
2012-05-06 19:02 . 2012-05-06 19:04 -------- d-----w- c:\program files (x86)\Mystery Trackers - The Void
2012-05-06 17:00 . 2012-05-06 17:00 -------- d-----w- c:\users\dooley\AppData\Roaming\Artogon
2012-05-06 16:59 . 2012-05-06 17:00 -------- d-----w- c:\program files (x86)\Treasure Seekers - The Time Has Come
2012-05-02 13:55 . 2012-05-02 13:55 -------- d-----w- c:\users\dooley\AppData\Roaming\GAMGO
2012-05-01 07:01 . 2012-05-01 07:01 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-04-27 23:58 . 2012-04-27 23:58 -------- d-----w- c:\users\dooley\AppData\Roaming\PoBros
2012-04-27 23:58 . 2012-04-27 23:58 -------- d-----w- c:\programdata\PoBros
2012-04-26 18:26 . 2012-04-26 18:26 -------- d-----w- c:\users\dooley\AppData\Roaming\Friday's games
2012-04-25 14:28 . 2012-04-25 14:28 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-04-25 14:28 . 2012-04-25 14:28 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 14:28 . 2012-04-25 14:28 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-24 23:40 . 2012-04-24 23:40 -------- d-----w- c:\programdata\Alawar Stargaze
2012-04-24 20:34 . 2012-04-24 20:34 -------- d-----w- c:\programdata\Meridian93
2012-04-23 19:57 . 2012-04-24 00:23 -------- d-----w- c:\users\dooley\AppData\Roaming\MysteryStudio
2012-04-23 18:29 . 2012-04-23 18:29 -------- d-----w- c:\users\dooley\AppData\Roaming\Exent Technologies
2012-04-23 16:30 . 2012-04-23 16:30 -------- d-----w- c:\users\dooley\AppData\Local\Chronicles of Albian
2012-04-23 16:25 . 2012-04-27 23:27 -------- d-----w- C:\Remote Programs
2012-04-23 16:25 . 2012-04-23 16:25 -------- d-----w- c:\programdata\Free Ride Games
2012-04-23 16:25 . 2012-03-21 20:12 53314 ------w- c:\windows\ExentInfo.exe
2012-04-23 16:09 . 2012-04-23 16:25 -------- d-----w- c:\program files (x86)\Free Ride Games
2012-04-22 18:45 . 2012-04-22 21:01 -------- d-----w- c:\users\dooley\AppData\Roaming\LegacyInteractive
2012-04-22 16:56 . 2009-07-14 01:41 258048 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2012-04-22 16:55 . 2012-04-22 16:55 -------- d-----w- c:\program files\Bonjour Print Services
2012-04-18 23:34 . 2012-04-18 23:34 -------- d-----w- c:\program files (x86)\Jewel Quest - The Sleepless Star
2012-04-18 17:24 . 2012-04-18 17:24 -------- d-----w- c:\users\dooley\AppData\Roaming\Orneon
2012-04-17 16:28 . 2012-04-17 16:28 -------- d-----w- c:\users\dooley\AppData\Roaming\Freeze Tag
2012-04-16 19:26 . 2012-04-16 19:26 -------- d-----w- c:\users\dooley\AppData\Roaming\Boomzap
2012-04-16 19:25 . 2012-04-16 19:26 -------- d-----w- c:\program files (x86)\Awakening - The Dreamless Castle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-13 06:22 . 2012-05-13 06:22 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CBFBB712-901A-433D-BD5C-0991794E905C}\offreg.dll
2012-05-09 16:01 . 2011-06-21 04:19 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-13 08:46 . 2012-05-13 06:20 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CBFBB712-901A-433D-BD5C-0991794E905C}\mpengine.dll
2012-04-13 08:46 . 2012-05-11 15:51 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-04 19:56 . 2010-08-03 15:17 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-28 15:18 . 2010-06-02 18:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-03-21 00:44 . 2010-10-25 02:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44 . 2010-03-26 01:30 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-01 06:46 . 2012-04-11 07:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-11 07:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-11 07:00 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-11 07:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-11 07:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-11 07:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-11 07:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-11 07:06 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-11 07:06 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-11 07:06 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-11 07:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-11 07:06 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-11 07:06 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-11 07:06 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-11 07:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-17 06:38 . 2012-03-14 08:34 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 08:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 08:34 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 08:34 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 15:01 . 2012-02-15 15:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 15:01 . 2012-02-15 15:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-12_15.14.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-22 03:57 . 2011-11-22 03:57 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-04-11 07:09 . 2012-04-11 07:09 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-12-15 08:08 . 2011-12-15 08:08 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
+ 2012-05-13 07:03 . 2012-05-13 07:03 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
+ 2010-11-16 00:13 . 2012-05-13 07:12 35088 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 35088 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-11-16 00:13 . 2012-05-13 07:12 18704 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 18704 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-11-16 00:13 . 2012-05-13 07:12 20240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 20240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\cagicon.exe
- 2011-12-15 08:08 . 2011-12-15 08:08 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2012-05-13 07:12 . 2012-05-13 07:12 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-06-05 07:01 . 2012-05-13 07:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-05 07:01 . 2012-02-16 08:08 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 81248 c:\windows\assembly\temp\RD4M0XLJGU\CustomMarshalers.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\054fce9466c6cef615b2f7cc9ff4e7f8\System.Windows.Presentation.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\ff78ec1b5bf38a8fb74c2d4f41bb308a\System.Web.ApplicationServices.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\e144d0028365c62178eb0662911ac910\System.AddIn.Contract.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\93295f3771dc9e5be2d49d5f5d76a7a6\Microsoft.VisualC.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\5ea625ce2d6c08687f70cb81a003a28b\dfsvc.ni.exe
+ 2012-05-13 07:13 . 2012-05-13 07:13 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\061cbee19075e086d675a9e1f65725d7\Accessibility.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 14848 c:\windows\assembly\NativeImages_v4.0.30319_32\TVM\055c3ec2bbb8ee0b72677c7d2179cf3b\TVM.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\f3a9c6e87bfa4bab3689ec1cdb56964f\System.Windows.Presentation.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9b418f37f4594806e1f4b0ed6d083a95\System.Web.ApplicationServices.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
+ 2012-05-13 07:21 . 2012-05-13 07:21 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
+ 2012-05-13 07:21 . 2012-05-13 07:21 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\fb4bc14964a1d415bdbe55b62ce73a52\System.Windows.Presentation.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\acd8bdefdcae0ce7c27b5ec016ef865c\System.Web.DynamicData.Design.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\ee709a01b51c82626f4b2c1173f2db28\stdole.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\78f495970511b726a0ca7b8119360e25\PresentationFontCache.ni.exe
+ 2012-05-13 07:41 . 2012-05-13 07:41 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\1a359e9b908a2565c546a8ca04b241c2\PresentationCFFRasterizer.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\9d57c4bbbc0b3243046fc7839da71b00\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\d6578432220dbabf2b15027681327bf8\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\66deb65a87750efddf62d1e0c0655352\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4b6402dc918e41b8de8c501f29833d91\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\28545d2b6a0aaef4aa168f9808603bc5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\1d8a17a2c1416a8ad4d6ad2a28b4c5fd\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0abc7256549c204f39af7dcc52c9e5d5\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-13 07:38 . 2012-05-13 07:38 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\3c3a6cce983114e7406e0a6e6116ecd8\Microsoft.VisualC.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6ab0575bf49b60fd4b697d47e1754072\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\1569a004b1f41193818e3b3777f2c73d\LoadMxf.ni.exe
+ 2012-05-13 07:59 . 2012-05-13 07:59 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\3ee98e8b2084e27d65953bbd7e362bf8\ehiUPnP.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\1cd9f92749d29b9fd61fcb1c4ae84294\ehiTVMSMusic.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\0811f67973c32efb2bfad62a4a2592b5\dfsvc.ni.exe
+ 2012-05-13 07:40 . 2012-05-13 07:40 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\ae9311dcb0e713330a2a86b04cf361dc\Accessibility.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 26112 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\c25901e0ae3f874d891fa9932a3b02e5\TVM.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\8a3e53e0eccc1b550ee28e5e1ee8bab8\TVM.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\66d750f3f8dde0cc865f921497ab3545\System.Windows.Presentation.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c1ea7869d01b1b668de2181be6ebca56\System.Web.DynamicData.Design.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\543b0e12423bcec010bdd2ac27c5dc04\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-13 07:49 . 2012-05-13 07:49 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\d246780b91fd9f6393e85fb13bde94a6\stdole.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\d24744f15243e28ea541a459ff7ff5d5\PresentationFontCache.ni.exe
+ 2012-05-13 07:47 . 2012-05-13 07:47 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\eb6bab4c488b520e3eeea660fcfde0e9\napcrypt.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\87a30ba337ed55d0905f19742e2985bc\napcrypt.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\9f2e8e0df9ff39ad21088f1d66cfadb1\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d797123d55bb7b823120d0a7ffbbc2a7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb8ad29814d9e5589bd400d38e7a0b10\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb42a0f25b7608b2675080081b03f6e5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\c6e9143be5afb36345875d56b61c444f\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\91767cf3facefe10e00734c815e925ad\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\66cd99d2f576cde047074e98bd5e1848\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\4308e1bdc640e1c3f1ea966e84e48900\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\06fcf2fbbe38d9425fc49d935498ec93\Microsoft.Vsa.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\55c57057dc81a5e8c5bde3a230f0bcb9\Microsoft.VisualC.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e3ef400b1f37e4d3b79a42a8a602ea02\Microsoft.Build.Framework.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\2095344bf8c40f8baa94ba53a993fb4c\Microsoft.Build.Framework.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 68608 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Inte#\f99c523b5e24741dd2e2c2d9aae0a4b8\Intuit.Ctg.Wte.InterviewControlLibrary.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\dc93539af5a961641a26ada75f730136\ehiUserXp.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\53d03b0e238c77cf7e5ac88e02aecd2c\dfsvc.ni.exe
+ 2012-05-13 07:47 . 2012-05-13 07:47 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
- 2012-05-12 15:13 . 2012-05-12 15:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-13 17:23 . 2012-05-13 17:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-05-12 15:13 . 2012-05-12 15:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-13 17:23 . 2012-05-13 17:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-13 07:26 . 2012-05-13 07:26 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
- 2009-07-14 05:01 . 2012-05-12 15:11 493388 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-05-13 17:22 493388 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-15 18:01 . 2011-12-15 18:01 226600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 156440 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2012-05-12 11:32 . 2012-02-10 23:29 172320 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationHostDLL.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 486144 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 182056 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 156440 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 386824 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 131360 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2012-05-12 11:33 . 2012-01-04 02:51 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2012-05-12 11:33 . 2012-01-04 02:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2012-05-12 11:33 . 2012-01-04 02:50 996624 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-04-11 07:10 . 2012-04-11 07:10 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-11-16 00:13 . 2012-05-13 07:12 888080 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 888080 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-11-16 00:13 . 2012-05-13 07:12 922384 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\pptico.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 922384 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\pptico.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 845584 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-11-16 00:13 . 2012-05-13 07:12 845584 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\outicon.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 217864 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\misc.exe
+ 2010-11-16 00:13 . 2012-05-13 07:12 217864 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\misc.exe
+ 2010-03-18 17:16 . 2010-03-18 17:16 181096 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_X86.dll
+ 2010-03-18 18:27 . 2010-03-18 18:27 225640 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_AMD64.dll
+ 2011-09-16 00:41 . 2011-09-16 00:41 408936 c:\windows\Installer\$PatchCache$\Managed\00002119210000000000000000F01FEC\12.0.6612\WINWORD.EXE
+ 2012-04-11 07:09 . 2012-04-11 07:09 857960 c:\windows\assembly\temp\ZLT1MLF977\System.Web.Services.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 261472 c:\windows\assembly\temp\TFPD4S7B73\System.Security.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 113512 c:\windows\assembly\temp\NNJ07AW7L0\System.ServiceProcess.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 291184 c:\windows\assembly\temp\GCZ4QANK5A\System.Runtime.Remoting.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 616216 c:\windows\assembly\temp\FRBMKG5XO7\System.Drawing.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 138592 c:\windows\assembly\temp\53KTU0IKWN\System.Xml.Linq.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 409448 c:\windows\assembly\temp\4IFDFV8JIE\System.configuration.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 109568 c:\windows\assembly\temp\3XUZDAU6XY\System.EnterpriseServices.Wrapper.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 246128 c:\windows\assembly\temp\3XUZDAU6XY\System.EnterpriseServices.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 269672 c:\windows\assembly\temp\39JQEK741M\System.Transactions.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\65f25960625d91ca79a40f9067adc021\WindowsFormsIntegration.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\fb43d84bc59b21e8a7f3e36d616eea90\UIAutomationTypes.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\26f12a0a3baed2a227cf30aaeae03913\UIAutomationProvider.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\1c3c298326e9ac14796516ac1da09a16\UIAutomationClient.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\307eea660f877dc40ae90882ce554757\System.Xml.Linq.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\b4afa252d0f0e27b0b5e8fcb2cc5b3a7\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\8c0ee7b970cc4e8c2986c7898af71661\System.Transactions.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\85810fe277a718273eb946a460ae8010\System.ServiceProcess.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\eb4fb369926faaffede7aaf317fd6532\System.ServiceModel.Channels.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e5ab3c37897bb578bdbfe6b7e0558ad8\System.ServiceModel.Routing.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\e48b6a8c491a96d1bc601795532af605\System.Security.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\21d5b44ef01ccfa69e79674a51707de0\System.Runtime.Remoting.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\5f2bfb0585061dc256ee9587d430959f\System.Numerics.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\6996a415485a84fef2d2556b0462336f\System.Net.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\a3849a373beeb3509d8c22d5751dfad3\System.Messaging.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\92d266f677605e5475b7f39c063c4a9d\System.Management.Instrumentation.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\07a0e1efc063042be3e8faf62b413a12\System.IO.Log.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\7fd39b9a208214e6e5eba4e9396409f1\System.IdentityModel.Selectors.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.Wrapper.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\521f5bccf74318a4777597b0c01fda1e\System.Dynamic.ni.dll
+ 2012-05-13 07:18 . 2012-05-13 07:18 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6a8bd7d373c988a585e90bb61c5ec8cc\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-13 07:18 . 2012-05-13 07:18 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\78dd02d104bb15bc3820c06bd2876239\System.Device.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\97d1aaf3733b107ecdbecb9d21050ff4\System.Data.DataSetExtensions.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c3d7a7ff58ff502887d8f1b77e61adbc\System.Configuration.Install.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\a4f91f2dfd1656ef2e42917963f6bf50\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 871936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\b1c67ee2e0e6e78c31985069fbc82596\System.AddIn.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\c69fb0f955adc7ca80cd5f2fd730edea\System.Activities.DurableInstancing.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\11fc863fa4f5092fca4f2ce25a9ac361\SMSvcHost.ni.exe
+ 2012-05-13 07:16 . 2012-05-13 07:16 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\50e8e826488639e549589ba34666933e\SMDiagnostics.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\722c0236432dd5ccc047481d3ebbd49e\PresentationFramework.Royale.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\6739c3715c9e38dbdfbfd57b424a3094\PresentationFramework.Aero.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3e7359f5f0fb68565314f88f6ec2d67a\PresentationFramework.Luna.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\263748f3d18955b9e467710da1e8546f\PresentationFramework.Classic.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6493bbb60833072904ad141a5a4d08ac\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\6480551111832c83ee88bcf756a72533\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\0e81a3996f7cbff23fc01bea4185a918\CustomMarshalers.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ede3b9144bc31da0eaaf86c7b6a9eaaa\WindowsFormsIntegration.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\7a9f70fa774076a7ec19bc03e7064d0d\UIAutomationClient.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 121856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inte#\4f9665a468eef3bf93435d09780f76be\System.Windows.Interactivity.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\c477bbff1e4662263255a1bf17bd9c2a\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\35da2da22db8fde344d9e17b20a91816\System.ServiceProcess.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd25ddcfa0417d40e3f1385e30abcd6f\System.Net.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\87f2fdf92547c337644f4db30caa63e3\System.Messaging.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\08397796343d5730a29f42e61c7f6ee7\System.Management.Instrumentation.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\ff1250d2409bd16283c423650d6fd3f6\System.IO.Log.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\e60675d3ba7fa94924489dc8466ebff5\System.IdentityModel.Selectors.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a9b1e597aaa263dea2cf8754440bd271\System.Dynamic.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e41e86da56bb60523251e0e08210a77b\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94d45f7f28d81304d7fa83bcea849141\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4c50d8a951546d6dffdc8bcb23f47a7b\System.Device.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\977c7c2badf6a9059ba8371a0f645fc8\System.Configuration.Install.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\877ef74350e6d374ca8f80b489a8cc8e\System.ComponentModel.Composition.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4330e93f9d0ef85f1a972e11c2ac5156\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 624128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0c67d9fc14856eb7d8b4e405aef79960\System.AddIn.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b046f2d5f056b906d7b25b75ca23575\System.Activities.DurableInstancing.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\4847f66153121ec4ed532909f7c152be\SMSvcHost.ni.exe
+ 2012-05-13 07:22 . 2012-05-13 07:22 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
+ 2012-05-13 07:11 . 2012-05-13 07:11 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ef6e3eb351fe12a5766be7c956c35d95\PresentationFramework.Classic.ni.dll
+ 2012-05-13 07:11 . 2012-05-13 07:11 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e49a124fdad0f1db135f03a49f18fb48\PresentationFramework.Royale.ni.dll
+ 2012-05-13 07:11 . 2012-05-13 07:11 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
+ 2012-05-13 07:11 . 2012-05-13 07:11 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\141f0a8fbfb83604fa3dd43dbe8fa0f4\PresentationFramework.Luna.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a604989c1d4b14505e020b7d015cacbd\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\01c5ff7a1ea0463414736df5d449e0a9\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 985600 c:\windows\assembly\NativeImages_v4.0.30319_32\Intuit.Ctg.Wte.Serv#\5777b1dcfaaf4df11890c8bd64a64459\Intuit.Ctg.Wte.Service.Interface.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 198656 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.Runtime.JNI\e03ce05cc754ec863508322ae47b3ef6\IKVM.Runtime.JNI.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 697856 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.OpenJDK.XML.API\efa360d0f3d79414f0eec72c19991fd5\IKVM.OpenJDK.XML.API.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 258560 c:\windows\assembly\NativeImages_v4.0.30319_32\common-utility\eda12191a4bda357418af027df3bd80e\common-utility.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\ad7f43afb4f124acae4d503b40f591c1\WsatConfig.ni.exe
+ 2012-05-13 08:05 . 2012-05-13 08:05 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\cefe28fde401a6a5718d1718c345fb37\WindowsFormsIntegration.ni.dll
+ 2012-05-13 07:40 . 2012-05-13 07:40 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\bf634b0e2e28466c6ed6ae1eb602b09f\UIAutomationTypes.ni.dll
+ 2012-05-13 07:40 . 2012-05-13 07:40 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\1ff8fb81d6f045f1dc6f50be95444292\UIAutomationProvider.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\1f36e020c3563e0ff414f13138e238e1\UIAutomationClient.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 284672 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\db79ef1656eef6a62150abd7f85ff640\TaskScheduler.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\769b7666d915de95db5b63ec22bf3e42\TaskScheduler.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\de45d043775d8c805f6feca40d7a9ed2\System.Xml.Linq.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\181702fb83901c085401957c6f731cf4\System.Web.Routing.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\76662ce36d2141e45513e64386073cc2\System.Web.RegularExpressions.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\9b9d3e3e44dc7d03bb96033a5b829a6b\System.Web.Entity.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\ad2339c5f0fd9aa8a9989800825da487\System.Web.Entity.Design.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\8309dc5dd39b93f3e105a4d455b74a00\System.Web.DynamicData.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\a79640760b61cc1c23ac3cfdfa6f0f3f\System.Web.Abstractions.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\05acafa7eb44049849a5aafd39147ee5\System.ServiceProcess.ni.dll
+ 2012-05-13 07:39 . 2012-05-13 07:39 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\1875b50d0228f29aef00bed38ab594d6\System.Security.ni.dll
+ 2012-05-13 07:41 . 2012-05-13 07:41 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\3b3581851a728bef36f319e9d4c72499\System.Net.ni.dll
+ 2012-05-13 07:58 . 2012-05-13 07:58 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\b4297ef47e0839fce0145f665349dcc9\System.Messaging.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\599954438a668c94dd38e8e7e506ac2a\System.Management.Instrumentation.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\fd51741bfd973ad507bbd141e98932f8\System.IO.Log.ni.dll
+ 2012-05-13 07:58 . 2012-05-13 07:58 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ef6abe121bb11bff2514bfdfb7e76b7a\System.IdentityModel.Selectors.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.Wrapper.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\e7abd70c16a5e638a7121fc5f68484cc\System.Drawing.Design.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\4bb1134d9b166434327385ddf3c5dd54\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\7c4ce1b8a2f83ef29aa6d5f126ab5b71\System.Data.Services.Design.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\19d1414f1ca718ce4d0c07e7305b3450\System.Data.DataSetExtensions.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\4aebed13b5309398cd809454cafe472f\System.Configuration.Install.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\9536bb262c4f1ea389d287ab669767d4\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-13 07:49 . 2012-05-13 07:49 890880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\84262138e2e9f34c88fd282caa82baa5\System.AddIn.ni.dll
+ 2012-05-13 07:49 . 2012-05-13 07:49 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\176899be7b920fb20408ff49e636a776\System.AddIn.Contract.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\ee0608cd62dfb37016016884fc39e425\sysglobl.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\9fa1abf006689e262527ae50d452e97e\SMSvcHost.ni.exe
+ 2012-05-13 07:58 . 2012-05-13 07:58 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 438272 c:\windows\assembly\NativeImages_v2.0.50727_64\ServiceModelReg\3486cbd73a1ba2415be3728bfe389000\ServiceModelReg.ni.exe
+ 2012-05-13 07:44 . 2012-05-13 07:44 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\89de197bdde5984658045ade41c2c9b9\PresentationFramework.Classic.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\7ffb91db770d0b09921f623bc5d68b4f\PresentationFramework.Luna.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\205bb33cef9ae6b906ceadd6f2861c86\PresentationFramework.Royale.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\bc8a2d99d8ebd29f94905072ccf4b3b8\napsnap.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 852992 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\31033f731af46739d3ce81bef90e1277\napsnap.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\b79da521cf602154b475ea740cc7fd3b\napinit.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 154624 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\6f3c967fe522f8274f8c7e0907d8d6a7\napinit.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 177152 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\f2fb7309ecf598ea729792e14deb3c61\naphlpr.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\5f0ae15f9d1cade37fbfaacff7e64bff\naphlpr.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 126464 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\70024cbc7d520d5554fa66d5a200b270\napcrypt.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\5346ceca518baf5e5fa3fed9f900f792\napcrypt.ni.dll
+ 2012-05-13 07:57 . 2012-05-13 07:57 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\8f792883d0adad8c7beccf24aed65817\MSBuild.ni.exe
+ 2012-05-13 08:01 . 2012-05-13 08:01 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\926d20041c179cebc6f4398155b1b2c4\MMCFxCommon.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\b78beede8a3c9720095dde4a4a162acc\Microsoft.WSMan.Management.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\83222514e209f186ad3a1c3794168bfd\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\a843956bb452503139683304de4cc8f6\Microsoft.Vsa.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\c56d6513e4b239b1b1dbe29b0588321a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\fb0d102ca78bd05fe7064b9e6be30fc7\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b21fa6ff448b99a97319e18c166c03e2\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6c3fe42a14ac5b48ebd43be290973d24\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\2572e94f9d0b412cdc529c8d74fdb689\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-13 08:00 . 2012-05-13 08:00 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f4faec8b6d3e2c327c68070963ec1750\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f04ccbbf5199d2b264f1b1175be44686\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f015188310f7613f819fcf032f98705a\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c5f4ab28f67d5bf0cc221ef81e7f6966\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-05-13 08:00 . 2012-05-13 08:00 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6dbd502a13b5e3caae0b1f2b4847612f\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-05-13 08:00 . 2012-05-13 08:00 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\514667153fd74307d21e7f50b79858c9\Microsoft.MediaCenter.Interop.ni.dll
+ 2012-05-13 08:00 . 2012-05-13 08:00 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\18367b9a0b9e9261d1d9e371230af87c\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\718cd5a598ed3e225a73b2aba7bcc1e1\Microsoft.ManagementConsole.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\d68a27daca73749e4438a47e61643c3c\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\3151235c1c38db94fd44e3c6f290ff38\Microsoft.Build.Utilities.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\cf5e9b5d10682467a9e03358a6d6258f\Microsoft.Build.Framework.ni.dll
+ 2012-05-13 07:57 . 2012-05-13 07:57 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\0f233d0eb396065719e83ab573a72cc5\Microsoft.Build.Framework.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\2416af06edb993f98a751acb69f67016\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\69286d5692277a166404cb897a8b2e7a\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\74e4adc90675c3b1365825c7e78b5ce9\Mcx2Dvcs.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\4a1f9a648a3928d42b77a91666d9aa8a\mcupdate.ni.exe
+ 2012-05-13 07:59 . 2012-05-13 07:59 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\40d70417c04f9ccb5fdecb5b9be5a6a3\mcstoredb.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\927ada02b440d95fdf36a37ee96aaa54\mcplayerinterop.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\35023ad5cb299ca2020bd660f5dba2fc\mcGlidHostObj.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\3fc113fe40d0145cd87afca2d107bf6d\MCESidebarCtrl.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 637952 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\79b52ac0655924d93e1f72d5fb8b5cfb\EventViewer.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\0bd8d37bc6f648d092e1d8034609a107\EventViewer.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\584d419d4c837ea19f7f450a807b0273\ehRecObj.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\20c3505378a50f4859c9b2e7dcbb5fa2\ehiWUapi.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\2f9f48ad6496c9103043db1c21a651fd\ehiwmp.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\0955237aa3c1cb3a643248b8c58ec34c\ehiUserXp.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\7998173654fa518876cc97e37b86d465\ehiiTv.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\6c97aa6908f96ac9816ce74e4f6251ac\ehiExtens.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\a501747a95523297a8a1f119df8b1642\ehiBmlDataCarousel.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\414bbac4e1d7761a336bb9d74b9b243a\ehiActivScp.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\24d3859bba3ed02775f22c50ae5ab5a6\ehExtHost.ni.exe
+ 2012-05-13 07:59 . 2012-05-13 07:59 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\ff7ef4caed03d6934669d1a39877a8ac\ehCIR.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\b7916689137fd0bc9ba1ba5a27e2a38a\CustomMarshalers.ni.dll
+ 2012-05-13 07:57 . 2012-05-13 07:57 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\cc6e6febcd804604bf4d92d0eb8ec6ae\ComSvcConfig.ni.exe
+ 2012-05-13 07:57 . 2012-05-13 07:57 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\d18719c2df1334364cac199bb9c86adf\BDATunePIA.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\9d60139fdead64a892985181d663989f\WsatConfig.ni.exe
+ 2012-05-13 07:51 . 2012-05-13 07:51 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9bfbf0613d3780e34d98333c7b381218\WindowsFormsIntegration.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\779b08c46960a1824503aa6f089673fa\UIAutomationClient.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\c4edf782e69aa24453554f8b6cb40773\TaskScheduler.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 231936 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\305d5a97c584bed297410042654e3404\TaskScheduler.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 116736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Inte#\659e8c090713316fd9ef9e30d92d5729\System.Windows.Interactivity.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d75f0b1e2ea688466552da04fd805949\System.Web.Routing.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2b129372a27469195acbe3b6b81786ef\System.Web.RegularExpressions.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\5d6fdd022660b8ca4be19ff06ddfee7a\System.Web.Extensions.Design.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\d084aa31b82c66eb83e40853ba961b48\System.Web.Entity.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\53ca1042189a64dcd1f8ff487922b749\System.Web.Entity.Design.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\0b8a9e120d8f557a9702229e3c64987c\System.Web.DynamicData.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5d95b9a6cee5a9b1aac34b5d33c721ba\System.Web.Abstractions.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5abddd1112204bd1e3347be519eaa28f\System.ServiceProcess.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\0b5f082230e3486412e0fa333290e85a\System.Net.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\f1241239a9b8229f91ce55d230fad38c\System.Messaging.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\8280490a2939075b726fd051d9010cc0\System.Management.Instrumentation.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\a03191ed937f6c1dc827b53d94ea0176\System.IO.Log.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\100d39c2f8985cb93e26feef86ba5212\System.IdentityModel.Selectors.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.Wrapper.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\6b16664ac4ab46643c4a7fdd960ef9fb\System.Drawing.Design.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\55545e89f96539ef93375524d1145a6f\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4d73a7649876bb6e54a01ccbf235919b\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e36e03067b12bc35fcc3787dc81022c8\System.Data.Services.Design.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\5a29fff52e2c3d13ec15e8701027ab17\System.Data.Entity.Design.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\940f62a5d077405e0b324422afb6ff2c\System.Data.DataSetExtensions.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\d3325c6bced333a67122db7414c1fd1e\System.Configuration.Install.ni.dll
+ 2012-05-13 07:49 . 2012-05-13 07:49 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\a90ec436f1d2c5cb0133a53c2e47d61a\System.AddIn.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\1ed79278fe139272e868e3a53d736f22\sysglobl.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\1b0b19607668635281fa260707f4352f\SMSvcHost.ni.exe
+ 2012-05-13 07:52 . 2012-05-13 07:52 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\e495aaa007394ebfdcae20ef6bf1ea33\ServiceModelReg.ni.exe
+ 2012-05-13 07:48 . 2012-05-13 07:48 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae55e761d480fe15781156d1311a1837\PresentationFramework.Classic.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7df1f379457aa5f39183903d115b5479\PresentationFramework.Royale.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\496bc57a53989bb83ec58865fa34be1d\PresentationFramework.Luna.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\9e0dafde490fbb06e0624ad4e5355b58\napsnap.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 725504 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\338f7b42b30d894c7fa7a7f8cb637b49\napsnap.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\782ffccdf30881e1eb1236c3fd7e959b\napinit.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\1dde308398bdbb7bf73f8a586ffd6602\napinit.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\e0c40329b9cdd7f141a3702d79eb4bda\naphlpr.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 115712 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\35aeaaa81d266328c385a8438e7013ff\naphlpr.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\74a8b6419deb005337a1e43ec2502134\MSBuild.ni.exe
+ 2012-05-13 07:53 . 2012-05-13 07:53 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\9e8d56153e65d3cf74342c741126d396\MMCFxCommon.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\070505350ec9daa3343b3cd2bc8cf59e\Microsoft.WSMan.Management.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1e639225ba30d7f182b893ddacea506b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4c36b363fcd1ca494218e74ba606e99\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ba2ca86f5d270f493501848843d2f227\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\607324a312b1c6d7fbede8300e8cee91\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1f1185444c8a12ace85ba4c2d49f41f8\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\12715b7e3e89758161053520b57764b2\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\f077b7199d773c7812c04bb146014257\Microsoft.ManagementConsole.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\7e59b3b84ca3c61adfc0dc74a65ea177\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\07e346ee0e3f7433f2de7a72fadd6713\Microsoft.Build.Utilities.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\432160eff3b1f9301c6a74c2e647e03d\Microsoft.Build.Engine.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\8297305de86377d0070a983d99a7f943\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\541a5bb4d0f8490e506f885a4b435566\mcstoredb.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 696320 c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\0a775a09b5828533e63fd9b7d94167d9\log4net.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 955392 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Serv#\80580dbadddec2c047e0158d4c750753\Intuit.Ctg.Wte.Service.Interface.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 657408 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Serv#\31bc7b4b2a8d14f812b0ddf5d24faf21\Intuit.Ctg.Wte.Service.Interface.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 801792 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\53e7f90d636883f6e6d5912859e4f336\Infragistics2.Shared.v8.2.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 538112 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\d63e35ce8b80c841f4bfaa366e7f1165\EventViewer.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\185067f9c70ccbccb4431063f9054b66\EventViewer.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\5ae5c6732ef8e7115baaeb66fd69cdd2\ehRecObj.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\c4a5ce4f89c53b9601d13d22d01cf0bf\ehiVidCtl.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\cbf3a07d3ab873b19f47d6a24f06c796\ehiProxy.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\5cc4a5672758f4732ef430b3431f47fc\ehiExtens.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\15b24807d7e7cae1db4f285f04cb82d7\ehExtHost32.ni.exe
+ 2012-05-13 07:52 . 2012-05-13 07:52 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\3912b69593af13d0922279a063e5af66\ComSvcConfig.ni.exe
+ 2012-05-13 07:51 . 2012-05-13 07:51 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e1c3540ffb669448747187f76c6ebe82\BDATunePIA.ni.dll
+ 2012-05-12 11:33 . 2012-01-04 02:50 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-07-01 09:42 . 2010-11-05 01:53 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2011-07-01 09:44 . 2010-11-05 01:53 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-07-01 09:43 . 2010-11-05 01:52 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-12 11:32 . 2012-02-10 23:29 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-07-01 09:43 . 2010-11-05 01:53 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-05-06 11:39 . 2012-05-13 17:22 9152488 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-05-06 11:39 . 2012-05-11 14:40 9152488 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-01-19 17:08 . 2012-01-19 17:08 1369872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 6429992 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 17:52 . 2012-01-19 17:52 3825952 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5029160 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1512712 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2012-05-12 11:32 . 2012-02-10 23:29 2256152 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2011-12-12 16:01 . 2011-03-29 22:32 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2012-02-16 04:31 . 2011-10-31 23:15 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 9992464 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
- 2011-12-12 16:00 . 2011-07-08 22:31 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 1577232 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 1756432 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscordacwks.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 1369872 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 6429992 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 3790112 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5029160 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 1737496 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
- 2011-12-12 16:01 . 2011-03-29 22:33 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-12 11:33 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-12 11:33 . 2012-01-04 02:51 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2012-02-16 04:31 . 2011-10-31 23:16 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-05-12 11:33 . 2012-01-04 02:51 5925136 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-12-12 16:00 . 2011-07-08 22:33 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-05-12 11:33 . 2012-01-04 02:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 5029160 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-11 07:09 . 2012-04-11 07:09 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-05-13 07:10 . 2012-05-13 07:10 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-04-05 02:38 . 2012-04-05 02:38 2831360 c:\windows\Installer\34efd0e.msp
+ 2012-04-29 01:44 . 2012-04-29 01:44 9101824 c:\windows\Installer\34efd05.msp
+ 2012-04-29 01:44 . 2012-04-29 01:44 9586176 c:\windows\Installer\34efcf3.msp
+ 2012-04-30 18:38 . 2012-04-30 18:38 5011456 c:\windows\Installer\34efcd3.msp
+ 2012-04-05 02:38 . 2012-04-05 02:38 3620864 c:\windows\Installer\34efc88.msp
+ 2012-03-15 06:24 . 2012-03-15 06:24 1795584 c:\windows\Installer\34efc7f.msp
+ 2012-04-29 01:43 . 2012-04-29 01:43 8459264 c:\windows\Installer\34efc5d.msp
+ 2012-02-17 12:45 . 2012-02-17 12:45 2299392 c:\windows\Installer\34efc54.msp
+ 2010-11-16 00:13 . 2012-05-13 07:12 1172240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-11-16 00:13 . 2012-04-11 07:07 1172240 c:\windows\Installer\{91120000-0012-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-08-17 14:49 . 2011-08-17 14:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\WRD12CNV.DLL
+ 2011-07-07 07:58 . 2011-07-07 07:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\OGL.DLL
+ 2012-04-11 07:09 . 2012-04-11 07:09 1026936 c:\windows\assembly\temp\XQ0N4SPJZ6\System.Runtime.Serialization.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 3512072 c:\windows\assembly\temp\WA97ML5KCQ\System.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 1354584 c:\windows\assembly\temp\M9HBSJ3FR3\System.Core.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 5028200 c:\windows\assembly\temp\F49N5ZCZHB\System.Windows.Forms.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 2975064 c:\windows\assembly\temp\EZM9TA7V5N\System.Data.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 2207568 c:\windows\assembly\temp\AG6WGMSYKJ\System.XML.dll
+ 2012-04-11 07:09 . 2012-04-11 07:09 4464480 c:\windows\assembly\temp\5ET6PBVBK2\System.Data.Entity.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e41f5739292f4771c64a55940369efd2\WindowsBase.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\6ee9d76d9f1e618cd6fb94b13355bcc9\UIAutomationClientsideProviders.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\28ca4f076264ab07f1d00a6c9623dc49\System.Xml.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\df013cbfec0defc7e9997cdaa90b89bc\System.Xaml.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\9e50e3bca6cb19f9acab815d46f5e7e5\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bc6df78c506c89659ab7be738179b2ba\System.Web.Services.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\cd7c3aed4408c3554c30a8f0236b90e1\System.Speech.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\94289b88c5b494f572cd7114fa995487\System.ServiceModel.Activities.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\2dbc7aabd92cc0d470acb455c498d919\System.ServiceModel.Discovery.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\b37e6f4b1d742031f328504eb99d0f6c\System.Runtime.DurableInstancing.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\682ea473b36fc9043d982c4f5a667568\System.Printing.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\b83f2453b4538b2e80fe09cfd94dce00\System.Management.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\60bf6251873ef465abcebeb9a24b7932\System.IdentityModel.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 2303488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\dadeee26c90fecbf3196eba10dc077b4\System.Drawing.ni.dll
+ 2012-05-13 07:18 . 2012-05-13 07:18 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\a68116468a194678fd04167067134712\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\3a737af86a6a819af97a6d1a04c0e944\System.DirectoryServices.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\f20144fba069563333d0f6be2e0b6e06\System.Deployment.ni.dll
+ 2012-05-13 07:16 . 2012-05-13 07:16 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\0ec8effb7b9d03ae69d37922813bc880\System.Data.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\0eb72df497fad5c273ff16f88b0fb950\System.Data.SqlXml.ni.dll
+ 2012-05-13 07:18 . 2012-05-13 07:18 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\536e12016ad3adc78e0708b77e6b9219\System.Data.Services.Client.ni.dll
+ 2012-05-13 07:18 . 2012-05-13 07:18 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\86553c1d7f3e66c17fc3e0274de7a2de\System.Data.Linq.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\6aea67f24827961ce1d48356715389d8\System.Configuration.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\eac19ca5a18a6d08cd247e68b618ba68\System.ComponentModel.Composition.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\3869077874ba987242c791b3a18b2f8b\System.Activities.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\a7c19841c70fbce3b17ad3a46ee410d8\System.Activities.Presentation.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\96083298999a677341c98fc2bf01b248\System.Activities.Core.Presentation.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\fe1704ff12348776e6b70dd4a2c69163\ReachFramework.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\b0b05b1ecbfb813474f685de13027585\PresentationUI.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\a36cd27bd492b55a5f443a4b4029f569\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\93536d93a44ce7d5a60faf1aeb55f49e\Microsoft.VisualBasic.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\16425c121db8083cbaa51f619c9e51e7\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\5284682fcf04815a86233bcaf696da66\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-13 07:19 . 2012-05-13 07:19 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\4b1d24a96b3882f9e77445e48a7c59ee\Microsoft.JScript.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1ff62486cdefbfc2dab41b686a9aa4e2\Microsoft.CSharp.ni.dll
+ 2012-05-13 07:11 . 2012-05-13 07:11 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\4b7adff986a085bb562222d0c5fdf5aa\WindowsBase.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\24ed0e1df6a605cdb2088f87ae2ab8ff\UIAutomationClientsideProviders.ni.dll
+ 2012-05-13 07:21 . 2012-05-13 07:21 3399168 c:\windows\assembly\NativeImages_v4.0.30319_32\ttax\7f66e4945427ddb94ddc6df1e49c35d7\ttax.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
+ 2012-05-13 07:21 . 2012-05-13 07:21 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\8ca12588b9ef54dbd02e607699fea6ae\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b37cc0aa41e7feaba9f290da4da91d71\System.Web.Services.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\f368c85283c4e6c9650dd1c8d369dcc5\System.Speech.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll

+ 2012-05-13 07:22 . 2012-05-13 07:22 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\bd371863e99082fa48cd630a73259448\System.Printing.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 1665536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\03b5233f1511f5fdb39eb681b04e5506\System.Drawing.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\0fe1e56d17858b6156a3a46330f75f27\System.DirectoryServices.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\75b4d98f7c7a434aff4e18cb724deae4\System.Deployment.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 2550272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\fdb98c6d783fe167c1dc0022f27b7cd6\System.Data.SqlXml.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\b894a1df3e6d58ada8f1aa303465ca23\System.Data.Services.Client.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\82c0c56ff8259e1440cfd0d5727a26d8\System.Data.Linq.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 7069184 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 4129280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\51025a1c89f6fd752a5396a059d608b2\System.Activities.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\ebdd265de5f0300069da5f64983eca82\System.Activities.Presentation.ni.dll
+ 2012-05-13 07:24 . 2012-05-13 07:24 1546752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\66893548d2b2cad29cabf3b3578f356f\System.Activities.Core.Presentation.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\4b6c6c090a1bcfe70c056f6c7116e8a9\ReachFramework.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 9906688 c:\windows\assembly\NativeImages_v4.0.30319_32\print-engine\f61bad4ee493c6909456af0f24ed5e27\print-engine.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\ea5933189eb5f066028b6e7d27d1d797\PresentationUI.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ebae0a4b7d3ae616b70417e6c778f48c\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\92694d06b9da1bff8e1722913a1d62bc\Microsoft.VisualBasic.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\42a7f127f3fda82fb12c6a6e144d08c1\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9a37f4e64ce5b856ac3892fef064c7de\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\cfcc92c125ddfaabad24abe61cfc0471\Microsoft.JScript.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 1616896 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\9912b6d76c1017b5af6ef24730f550ca\Microsoft.CSharp.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 1689600 c:\windows\assembly\NativeImages_v4.0.30319_32\Intuit.Ctg.Map\706c149a86cbc1223feee0caa198b12c\Intuit.Ctg.Map.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 2120704 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.Runtime\c4cab20eea41e50cc4065dd8b76e1dfe\IKVM.Runtime.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 4390912 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.OpenJDK.Util\b79612b13643878636d8a4039622f628\IKVM.OpenJDK.Util.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 1371136 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.OpenJDK.Text\5238f0267e397cb7307732a1806e166f\IKVM.OpenJDK.Text.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 6602240 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.OpenJDK.Securi#\4344e92d2d83ee3381f819fbc071b648\IKVM.OpenJDK.Security.ni.dll
+ 2012-05-13 07:22 . 2012-05-13 07:22 8305664 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.OpenJDK.Core\21c5e50a36fee2cc04d32f5a6bb69590\IKVM.OpenJDK.Core.ni.dll
+ 2012-05-13 07:39 . 2012-05-13 07:39 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\783df1ee260d3df406fa80afa38502d4\UIAutomationClientsideProviders.ni.dll
+ 2012-05-13 07:39 . 2012-05-13 07:39 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\b7d8410b7226a2654823657f0a714441\System.WorkflowServices.ni.dll
+ 2012-05-13 07:45 . 2012-05-13 07:45 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\8ac687b7f43937c81f1c49d14975c740\System.Workflow.Runtime.ni.dll
+ 2012-05-13 07:45 . 2012-05-13 07:45 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\6fdec1a3278d87cbbc5211736d446d32\System.Workflow.ComponentModel.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\052fd2c15eb37e00cecf33f6d13d9b09\System.Workflow.Activities.ni.dll
+ 2012-05-13 07:43 . 2012-05-13 07:43 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\6a0b589c4c1467f6b783991842a0f961\System.Web.Services.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\395c96f5d2a876805d3846d396081c79\System.Web.Mobile.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\e4860ce9959b3593834516b4a6a75593\System.Web.Extensions.Design.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\baa7ed93207641c186f79f82ee22aea0\System.Web.Extensions.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\ca51f026916139f886519fdf6d6c73e9\System.Speech.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\56ee9b5f220583c1c7374a61ad904044\System.ServiceModel.Web.ni.dll
+ 2012-05-13 07:58 . 2012-05-13 07:58 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\f0bcd188487600cb07ce08dfd7b471ba\System.Printing.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll
+ 2012-05-13 07:58 . 2012-05-13 07:58 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\d1f21a29e79e73b5401fae156f339f67\System.IdentityModel.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.ni.dll
+ 2012-05-13 07:40 . 2012-05-13 07:40 2317312 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\92c038385ee5b9840e941f9c84b988df\System.Drawing.ni.dll
+ 2012-05-13 08:05 . 2012-05-13 08:05 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\39d16229a3d5c6e7c1594ef10758bf75\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\152ef61928f1c300fdad8fa6d5905880\System.DirectoryServices.ni.dll
+ 2012-05-13 07:40 . 2012-05-13 07:40 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\7c7024b309424dfaf8abae617f669fa0\System.Deployment.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\ea1848ec07c70f3d3c3445f4fbdae87a\System.Data.ni.dll
+ 2012-05-13 07:39 . 2012-05-13 07:39 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\7f6f74f1cc0ea6c40a2d6707b12af818\System.Data.SqlXml.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\0679fe5f3f9164f499e50cdade962ba3\System.Data.Services.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\2e9de1acfb7974cad94b747442ca325f\System.Data.Services.Client.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\97429a1c70c94c49850be3f944a32a2e\System.Data.OracleClient.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\2ec3d436b861d35c586b710a570e170d\System.Data.Linq.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\b7b5364bc524988f7ca5b8c20a24119d\System.Data.Entity.Design.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\766ce7ee1a2e4f2a85fd90e7572f5d53\System.Core.ni.dll
+ 2012-05-13 07:38 . 2012-05-13 07:38 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\d6379f3503f00cf1c2bb4f6118efdbd9\ReachFramework.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\5fa575ebe76aab9d9fd07ce601c0d2e1\PresentationUI.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\4fbff79b8ebf082d08c0080923ff5036\PresentationBuildTasks.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\d0c041e321cf4d752d5113a0cdbccbaa\Narrator.ni.exe
+ 2012-05-13 08:03 . 2012-05-13 08:03 3482112 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\2996742e07158974f4ad581a28c34e50\Narrator.ni.exe
+ 2012-05-13 08:03 . 2012-05-13 08:03 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\051b72a48f2c3f7ddd7353c7d5479b10\MMCEx.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\c79bf402b4840e3b0021f75cf467f82b\MIGUIControls.ni.dll
+ 2012-05-13 08:03 . 2012-05-13 08:03 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\70b3f55017e9ddb67ce0f3c983eb6f37\Microsoft.VisualBasic.ni.dll
+ 2012-05-13 07:58 . 2012-05-13 07:58 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\28ba52bc122353647f1b547506e2df7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f5790625975320b1ffad63b476da9132\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f29b31b09b826a27cced362030561d00\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d0328b4733d1a99d342a84928e319d4f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99049fd20c2a5e2779e879c2d95c96a2\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\efdc3b97b3c9d01dd00959970d086937\Microsoft.MediaCenter.ni.dll
+ 2012-05-13 08:00 . 2012-05-13 08:00 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c057be8bb6614cce013af3721fe34983\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5c50dfc78bd40be7ca0d850c781671e4\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\31fb31c16a37080687f869db6b443adf\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-05-13 08:00 . 2012-05-13 08:00 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\260d83ee2128a3388051cf416d4450b0\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\094f6a515ca31504f96b4bad5848d692\Microsoft.JScript.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\a27890dd120635ba590a6fc9d9014197\Microsoft.Ink.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\588a688a0b71a211247d8e18b05d61e4\Microsoft.Build.Tasks.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4eeee4447f5045df9b4157d38d267de9\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\f1a0df6a86ceb708c5e50338f12b77ba\Microsoft.Build.Engine.ni.dll
+ 2012-05-13 07:57 . 2012-05-13 07:57 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\6b727c7aa69ae3e04a869908bfbae696\Microsoft.Build.Engine.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\208e6937e39f8f516536ba5f23e79687\mcstore.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\596902addad034f4df2caf291b12d61d\mcepg.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\cdad46cd58389f53308b735e6f29ce1f\ehiVidCtl.ni.dll
+ 2012-05-13 07:59 . 2012-05-13 07:59 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\0423915e377ec85d71ac216fafa77ab0\ehiProxy.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\3b452cde57280624e1085699fe8beb03\UIAutomationClientsideProviders.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 3447296 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\412a2346ff47b1d120e8ea7d00b35d57\ttax.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 4170752 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\3d8649d68241ad000de3ab75bafc21b9\ttax.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 7967232 c:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\439862b007b2dd84127ff35af476f5ad\System.WorkflowServices.ni.dll
+ 2012-05-13 07:49 . 2012-05-13 07:49 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\bfa1ffe928b4e3fd6701aabfee7df15e\System.Workflow.Runtime.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0a7d29e1614521f3a87cd5a13e57f9f1\System.Workflow.ComponentModel.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\edac556f009c25b62ef1a040152e9cda\System.Workflow.Activities.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\59a5af8e3ea07f7980e0476d2da234cd\System.Web.Services.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0307caacafd3e157fc003ed4743c5e2e\System.Web.Mobile.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\04442376410587c6de88f4b84cc69b1a\System.Web.Extensions.ni.dll
+ 2012-05-13 07:56 . 2012-05-13 07:56 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\83053c3eeb3255672d84c1ddc0ce8ef3\System.Speech.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d900f9ec12af9070d7c8f061a2b2618c\System.Printing.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\a8495b797e6f7adddc5811a4e1f97db5\System.Management.Automation.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 1590784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ef0d8a4790c24a3a091170958bc7b976\System.DirectoryServices.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\822d5ac046ebfe8129c91779a362d2e0\System.Deployment.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e9774272e9fc6ca49e6c616a31783040\System.Data.SqlXml.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\3285887b33030a7ce453573d3bed4e95\System.Data.Services.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\330d3ad45a00455b537047183e128def\System.Data.Services.Client.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\0f4e07fb8b1b7e7133a98f478856f70c\System.Data.OracleClient.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2fe1658f05b0a96fe25c956a31d27b06\System.Data.Linq.ni.dll
+ 2012-05-13 07:55 . 2012-05-13 07:55 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\51a2589d5ee1c9c40fb6c56391570f9e\System.Data.Entity.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\305c4315c192a2964a312051caa5259e\ReachFramework.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\b935f8a4e6115d3eeb7bb293bf4b2257\PresentationUI.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b3f13707cbd5d48aabaa9ef5264c8a30\PresentationBuildTasks.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\d182bcf5ac62fdcd8dab4e9e90d27576\Narrator.ni.exe
+ 2012-05-13 07:54 . 2012-05-13 07:54 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\a96e05eaed77a88a7a495091ed8296dc\Narrator.ni.exe
+ 2012-05-13 07:54 . 2012-05-13 07:54 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\0310b6efd8cd8b1b90bb78303d014081\MMCEx.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\6e602986ed39fd1f9e3801ee96b63f41\MIGUIControls.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dab0ad2d0f5da372a4947d3a1c7c07a9\Microsoft.VisualBasic.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cd9e47effec6549cdec61eb3aef99f7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d62bb06df2169fa249006539173d6b5f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\870bb30c079ed5bc201057d71661601f\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-13 07:54 . 2012-05-13 07:54 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7ee29045f76b1e9577bfc1e0fab723d8\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\9ac798ce15e5c0336f43b624af7363ec\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\0cb862d3708c15fe0f5c66d2a40cb074\Microsoft.MediaCenter.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e3d2577e00aef6bc9b3e235eb83634f3\Microsoft.JScript.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\89ebef016091d09d58c8a1066def8bcd\Microsoft.Ink.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\81b8987ca8661d6af40ead6311c45724\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\52e05f8fa4314803ceab2befae2e0a39\Microsoft.Build.Tasks.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b66f52dbd8f87e53c3c9a1de7ca5bba\Microsoft.Build.Engine.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\14defdf34097afaf302497a7d612aaaf\mcstore.ni.dll
+ 2012-05-13 07:53 . 2012-05-13 07:53 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\69b8de21b08c3412422c5918399ed702\mcepg.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 1555456 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\af386352249dc61ade7110e7562d4c13\Intuit.Ctg.Map.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\ae25c716de96b492a9bbea331f6d2688\Intuit.Ctg.Map.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 2598400 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\9ffaa1163c7f2a9062ad4a8c02d6159a\Infragistics2.Win.Misc.v8.2.ni.dll
- 2011-07-01 09:45 . 2010-11-05 01:53 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-02-16 04:31 . 2011-10-31 23:16 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-05-12 11:33 . 2012-01-04 02:51 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-12-12 16:01 . 2011-03-29 22:33 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-12 11:33 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-12 11:32 . 2012-02-10 23:29 2256152 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
+ 2012-05-12 11:32 . 2012-02-10 23:29 3998208 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-12-12 16:00 . 2011-07-08 22:31 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-12 11:33 . 2012-01-04 03:34 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 1737496 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
+ 2012-05-12 11:32 . 2012-02-10 23:31 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-07-01 09:45 . 2010-11-05 01:53 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-12 11:33 . 2012-01-04 02:50 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-12-12 16:00 . 2011-07-08 22:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-04-01 07:16 . 2012-05-13 17:22 10087724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1694425350-3873671160-743166481-1000-8192.dat
- 2010-04-01 07:16 . 2012-05-12 15:11 10087724 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1694425350-3873671160-743166481-1000-8192.dat
+ 2011-06-24 01:57 . 2012-05-13 17:22 66580660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1694425350-3873671160-743166481-1000-4096.dat
+ 2012-01-19 18:20 . 2012-01-19 18:20 11997696 c:\windows\Installer\34efce1.msp
+ 2011-12-15 18:54 . 2011-12-15 18:54 39732736 c:\windows\Installer\34efcc3.msp
+ 2012-05-13 07:01 . 2012-05-13 07:01 20343808 c:\windows\Installer\34efc44.msp
+ 2011-09-16 00:42 . 2011-09-16 00:42 18115432 c:\windows\Installer\$PatchCache$\Managed\00002119210000000000000000F01FEC\12.0.6612\WWLIB.DLL
+ 2012-05-13 07:07 . 2012-05-13 07:07 11880448 c:\windows\assembly\NativeImages_v4.0.30319_64\System\935aea6e7eae16674abdd96a68ec97af\System.ni.dll
+ 2012-05-13 07:17 . 2012-05-13 07:17 17353728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\401ebcc2dd54ce1e0d63a544f7ed7b8a\System.Windows.Forms.ni.dll
+ 2012-05-13 07:20 . 2012-05-13 07:20 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\c4cc7eb7733c4221c32caccfd66ae320\System.ServiceModel.ni.dll
+ 2012-05-13 07:18 . 2012-05-13 07:18 18479616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9df4e7ae75baa7bbb1af30c8061a6e9b\System.Data.Entity.ni.dll
+ 2012-05-13 07:13 . 2012-05-13 07:13 10440192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\b64f213e823a591607c45fac4997801e\System.Core.ni.dll
+ 2012-05-13 07:15 . 2012-05-13 07:15 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\34c2013b5f730680bd610d6a98d2977f\PresentationFramework.ni.dll
+ 2012-05-13 07:14 . 2012-05-13 07:14 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\4464e9df7184e3393b4cbb0f6dc286ba\PresentationCore.ni.dll
+ 2012-05-13 07:07 . 2012-05-13 07:07 19353600 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\6087fce8f76d9af69af496cb10b7d1ee\mscorlib.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 13197312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9ee9841d9e33fe5dceba4cd7d90f2ae0\System.Windows.Forms.ni.dll
+ 2012-05-13 07:26 . 2012-05-13 07:26 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
+ 2012-05-13 07:25 . 2012-05-13 07:25 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\7aa839fb16503243d6ae454ab334bcf4\System.Data.Entity.ni.dll
+ 2012-05-13 07:11 . 2012-05-13 07:11 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\041b1bcf6ae9ab58925791d8198c37e2\PresentationFramework.ni.dll
+ 2012-05-13 07:11 . 2012-05-13 07:11 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1de74c8d0dfd15e3246e5dd394013bf\PresentationCore.ni.dll
+ 2012-05-13 07:08 . 2012-05-13 07:08 14412800 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 10037248 c:\windows\assembly\NativeImages_v4.0.30319_32\itext\b1b7c81c5ced0a540f40d3dc78166261\itext.ni.dll
+ 2012-05-13 07:23 . 2012-05-13 07:23 14787072 c:\windows\assembly\NativeImages_v4.0.30319_32\IKVM.OpenJDK.SwingA#\f2ed64a4ce1a70bc6a010a861f584770\IKVM.OpenJDK.SwingAWT.ni.dll
+ 2012-05-13 07:38 . 2012-05-13 07:38 10624512 c:\windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
+ 2012-05-13 07:40 . 2012-05-13 07:40 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e2ca64137e0da231edc4d158b153e4b7\System.Windows.Forms.ni.dll
+ 2012-05-13 07:43 . 2012-05-13 07:43 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\1cb5a7cbd9cdf50f1d48cee830331c9f\System.Web.ni.dll
+ 2012-05-13 07:58 . 2012-05-13 07:58 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll
+ 2012-05-13 08:02 . 2012-05-13 08:02 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\00c4a761d0a5cafc00f34d763fe76ac4\System.Management.Automation.ni.dll
+ 2012-05-13 07:44 . 2012-05-13 07:44 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\78c747493d14dd3db5134d26e623851c\System.Design.ni.dll
+ 2012-05-13 08:04 . 2012-05-13 08:04 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\daaff9fe9c85fc171d426a3cb6766dbb\System.Data.Entity.ni.dll
+ 2012-05-13 07:42 . 2012-05-13 07:42 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9aa6320f06da2553fb04e78722c739c8\PresentationFramework.ni.dll
+ 2012-05-13 07:40 . 2012-05-13 07:40 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4dc6e89ac37368291890ba27c374208b\PresentationCore.ni.dll
+ 2012-05-13 07:37 . 2012-05-13 07:37 15570944 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
+ 2012-05-13 08:01 . 2012-05-13 08:01 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\d19a72cf466c23b193009386b25049ba\ehshell.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
+ 2012-05-13 07:52 . 2012-05-13 07:52 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
+ 2012-05-13 07:48 . 2012-05-13 07:48 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\649766df70bab5885c1b74a1491d60cb\System.Design.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07f019692c382d588d3c6cb2da2a9ec5\PresentationFramework.ni.dll
+ 2012-05-13 07:47 . 2012-05-13 07:47 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2d1fd350e9bc62ce659e5cbcfd555796\PresentationCore.ni.dll
+ 2012-05-13 07:46 . 2012-05-13 07:46 11492864 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
+ 2012-05-13 07:51 . 2012-05-13 07:51 10336768 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\c2398dc65605fc565cbe071749132e99\Infragistics2.Win.v8.2.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 163328]
"Audiogalaxy"="c:\users\dooley\AppData\Local\Audiogalaxy\Audiogalaxy.exe" [2011-12-18 2955496]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 981680]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-12-18 197928]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"FreeAgentTheaterTrayIcon"="c:\program files (x86)\Seagate\Seagate_Media\AgrregationStatus\StxMediaMenuMgr.exe" [2010-02-17 202024]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
c:\users\dooley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\dooley\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
HP SimpleSave Monitor.lnk - c:\users\dooley\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [2011-12-22 477080]
.
c:\users\dooley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Seagate 2GE6HGP0 Product Registration.lnk - c:\users\dooley\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE6HGP0 Product Registration.exe [N/A]
Spoon Sandbox Manager 3.24.lnk - c:\users\dooley\AppData\Local\Spoon\3.24.0.9\Spoon-Sandbox-Native.exe [2011-2-8 232696]
Spoon Sandbox Manager 3.25.lnk - c:\users\dooley\AppData\Local\Spoon\3.25.0.15\Spoon-Sandbox-Native.exe [2011-4-4 310008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Ralink Wireless Utility.lnk - c:\program files (x86)\Ralink\Common\RaUI.exe [2011-2-16 6479712]
Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2011-12-20 666984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Launchy.lnk - c:\program files (x86)\Launchy\Launchy.exe [2011-9-7 405504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2009-10-07 231272]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 257696]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 BGTAGps;COBRA GPS USB Driver;c:\windows\system32\DRIVERS\Cobra_GPSx64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 Pcouffin64;Low level access layer for CD devices;c:\windows\system32\Drivers\pcouffin64a.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 ZDPSp50a64;ZDPSp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp50a64.sys [x]
R4 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 BackupService;BackupService;c:\users\dooley\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2009-10-07 109928]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-12-18 189736]
S2 FreeAgentTheater Service;Seagate Media;c:\program files (x86)\Seagate\Seagate_Media\Sync\MediaAggreService.exe [2010-02-17 169256]
S2 HPMSSConnectorSvc;HPMSSConnectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe [2009-10-05 20992]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 iWinTrusted;iWinTrusted;c:\program files (x86)\iWin Games\iWinTrusted.exe [2011-04-08 176848]
S2 MediaCollectorService;MediaCollectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe [2009-10-05 81920]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-04-06 25824]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [2010-06-01 211296]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-04-13 14088]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [2011-09-09 178528]
S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2009-10-07 489832]
S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-11-22 55400]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [x]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfehidk
*Deregistered* - mferkdet
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-17 00:02 114688 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 16:01]
.
2012-05-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1694425350-3873671160-743166481-1000Core.job
- c:\users\dooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-30 16:46]
.
2012-05-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1694425350-3873671160-743166481-1000UA.job
- c:\users\dooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-08-30 16:46]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 15:22]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-09 15:22]
.
2012-05-06 c:\windows\Tasks\HPCeeScheduleFordooley.job
- c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-06 01:17]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\dooley\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [BU]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-08-19 333344]
"HP Remote Software"="c:\program files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe" [2009-02-06 172032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
Trusted Zone: jacobs.com\prolog
Trusted Zone: jacobs.com\prologtn
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} - hxxps://www.hpwindows7upgrade.arvato.com/north_america/Endcustomer/HPProdDetect.cab
FF - ProfilePath - c:\users\dooley\AppData\Roaming\Mozilla\Firefox\Profiles\xobiklfd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7e044986-3d09-46d5-8b2c-c55f7dc6a108%7D&mid=3283b2fbb0abc2baed9e8661a86d5f4e-36ea7ca117ec4916501c8afcada094dbe3938727&ds=AVG&v=8.0.0.40&lang=en&pr=fr&d=2011-11-01%2015%3A50%3A23&sap=ku&q=
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-{CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
AddRemove-Vuze_Remote Toolbar - c:\program files (x86)\Vuze_Remote\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"ASMLicenseKey"="00000-0003"
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Kodak\KODAK Share Button App\Listener.exe
c:\program files (x86)\Ralink\Common\RaRegistry.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\VMISrv.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files (x86)\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2012-05-13 13:39:54 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-13 17:39
ComboFix2.txt 2012-05-12 15:28
.
Pre-Run: 181,367,853,056 bytes free
Post-Run: 181,619,560,448 bytes free
.
- - End Of File - - 881F7539E992413A3B5531FD3883E9DE


running really slow.

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 AM

Posted 13 May 2012 - 01:57 PM

Hello


I still see two antivirus installed on the computer Have you tried to uninstall one of them, I would uninstall AVG anyway. let me know how things are after you remove AVG



gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 jdeuel

jdeuel
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 13 May 2012 - 04:58 PM

i have uninstalled avg so many times. i finally had to get a "tool" to remove it.

think things are set now. i just need to turn on the antivirus stuff etc.

thanks for all your help.

i'll let you know how my browser is working.

thanks,
janell

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 AM

Posted 13 May 2012 - 10:19 PM

Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 jdeuel

jdeuel
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 14 May 2012 - 07:34 AM

Update for Microsoft Office 2007 (KB2508958)
123CopyDVDGold
6500_E709_eDocs
6500_E709_Help
6500_E709n
Access Point connection utility
ACDSee 7.0 PowerPack
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Digital Editions
Adobe Reader 9.5.0
Adobe Shockwave Player 11.5
AIM 7
Amazon Kindle
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Software Update
ArcSoft MediaImpression
Ask Toolbar
Audials
Audials TV
AudialsOne
Audiogalaxy
AviSynth 2.5
Awakening: The Dreamless Castle
Big Fish Games: Game Manager
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
calibre
Carbonite Online Backup Setup
CCleaner
Cisco Connect
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix XenApp Web Plugin
Cobra GPS Updater
Combat Arms
Compatibility Pack for the 2007 Office system
ContactKeeper 1.4.3
Coupon Printer for Windows
CouponBar
Cricut DesignStudio
Curse Client
D3DX10
Department 42 - The Mystery of the Nine 1.00
DesignPro 5.4 Limited Edition
Destinations
DeviceDiscovery
DHTML Editing Component
DirectX 9 Runtime
DirectX for Managed Code Update (Summer 2004)
DocMgr
DocProc
Dropbox
EA Download Manager
EasyBits GO
EMC 10 Content
Enhanced Multimedia Keyboard Solution
Facebook Video Calling 1.2.0.159
Fax
Finding Nemo
Free Ride Games Player
FrostWire 4.13.3
FrostWire 5.3.5
G.H.O.S.T Chronicles - Phantom of the Renaissance Faire 1.00
Ghost Towns: The Cats of Ulthar
Google Chrome
Google Earth
Google Update Helper
GPBaseService2
Groqit Desktop Applicaton 1.1a
GroupMail :: Free Edition
Heroes of Newerth
Hidden in Time - Mirror Mirror 1.00
House of 1000 Doors: Family Secrets
HP Active Support Library
HP Advisor
HP Customer Experience Enhancements
HP Image Zone Express
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Odometer
HP Picasso Media Center Add-In
HP Product Detection
HP Recovery Manager RSS
HP Remote Solution
HP Support Information
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
HPDiagnosticAlert
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HTC Driver
iLivid
ImgBurn
Inpaint 2.3
iWin Games (remove only)
Java Auto Updater
Java™ 6 Update 31
Jewel Quest 2
Jewel Quest III (remove only)
Jewel Quest: The Sapphire Dragon
Jewel Quest: The Sleepless Star
KODAK Share Button App
LAME v3.98.3 for Audacity
Launchy 2.6 Beta 2
League of Legends
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Memeo Instant Backup
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft Zoo Tycoon
Mirror Magic Deluxe (remove only)
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal Seagate Edition
Mystery Trackers: The Void
Near Reality
Nero 7 Ultra Edition
Nexon Game Manager
NOOK Study
NVIDIA Stereoscopic 3D Driver
OpenMG Secure Module 4.6.01
OverDrive Media Console
Pando Media Booster
Penny Dreadfuls Sweeney Todd Collectors Edition 1.00
Penny Dreadfuls™ Sweeney Todd
Photo Explosion
Picasa 3
Picture Collage Maker Pro 2.3.2
PictureMover
PixiePack Codec Pack
Pogoplug Browser
Print Artist Gold 23
ProductContext
Python 2.6 pywin32-212
Python 2.6.1
QuickTime
Ralink RT2870 Wireless LAN Card
Realtek High Definition Audio Driver
Rhapsody
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio Update Manager
Safari
Samsung CLP-510 Series
Samsung CLP-510 Series SmartPanel
SAMSUNG Dr. Printer
Samsung Universal Print Driver
SCAL Lib It Up 2.000
Scan
Seagate Dashboard
Seagate Manager Installer
Seagate Media Software
Seagate Thumbnail Creator
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype™ 5.3
SmartWebPrinting
SolutionCenter
Sonic CinePlayer Decoder Pack
SonicStage 4.2
SpongeBob SquarePants - The Movie
Spoon Sandbox Manager 3.24
Spoon Sandbox Manager 3.25
Spoon Sandbox Manager 3.26
Spoon Sandbox Manager 3.30
Spoon Sandbox Manager 3.31
Spoon Sandbox Manager 3.32
Status
StorageSync Backup Software
Sure Cuts A Lot 2.040
The Sims™ 3
TI Connect 1.6
Toolbox
TopWinPrio
Tradewinds Odyssey 1.00
TrayApp
Treasure Seekers: The Time Has Come
Turbo Lister 2
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wohiper
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 winiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wohiper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wohiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wohiper
TurboTax 2011 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO Entertainment Platform
VAIO Media Integrated Server 6.0
Ventrilo Client
Viewpoint Media Player
Virtual Villagers 1.0
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
VLC media player 1.1.11
VLC Streamer 2.18
Vuze Remote Toolbar
Warcraft III
Warcraft III: All Products
WebReg
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Xvid 1.1.3 final uninstall
Yahoo! Toolbar

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:35 AM

Posted 14 May 2012 - 07:42 AM

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

Adobe Reader 9.5.0
Ask Toolbar
CouponBar
Java™ 6 Update 31
Viewpoint Media Player
Vuze Remote Toolbar
[/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.
[/list]

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 jdeuel

jdeuel
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 17 May 2012 - 11:31 AM

my usb drives wont work. it doesn't recognize my external hd.
thanks,janell

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:23:12 PM, on 5/17/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\dooley\AppData\Local\Audiogalaxy\Audiogalaxy.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Free Ride Games\GPlayer.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Ralink\Common\RaUI.exe
C:\Users\dooley\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\dooley\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files (x86)\Seagate\Seagate_Media\AgrregationStatus\stxmediamenumgr.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (file missing)
O2 - BHO: (no name) - {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files (x86)\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [FreeAgentTheaterTrayIcon] "C:\Program Files (x86)\Seagate\Seagate_Media\AgrregationStatus\StxMediaMenuMgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Audiogalaxy] "C:\Users\dooley\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Startup: Dropbox.lnk = dooley\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: HP SimpleSave Monitor.lnk = dooley\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe
O4 - Global Startup: Windows Home Server.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} (HP Product Detection Control) - https://www.hpwindows7upgrade.arvato.com/north_america/Endcustomer/HPProdDetect.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BackupService - ArcSoft, Inc. - C:\Users\dooley\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Seagate Media (FreeAgentTheater Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate_Media\Sync\MediaAggreService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HPMSSConnectorService (HPMSSConnectorSvc) - HP - C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MediaCollectorService - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Virtual CDAudio Service - RapidSolution Software AG - C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18808 bytes



Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.17.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
dooley :: DOOLEY-PC [administrator]

5/17/2012 11:06:19 AM
mbam-log-2012-05-17 (11-06-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231681
Time elapsed: 5 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users