Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

S M A R T Check Virus and .crypt files


  • This topic is locked This topic is locked
15 replies to this topic

#1 lilpmplugz99

lilpmplugz99

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 12 June 2012 - 06:11 PM

My machine having WINDOWS XP SP3 OS has been infected by smart check virus which has changed extension of all the files (like .doc, .xls, .jpg, .pdf) to .crypt. So now the files are all like .doc.crypt.

Next, if I rename this files and remove the extension, the file is not recovered. The file seems to have got encrypted in some way or it has corrupt data inside it.

I am not able to make out which virus has such a behaviour because I have tried anitivirus like NAV, AVG and some other but none of them can detect this problem and help me to recover the files.

Kindly send any information about this problem and how to recover infected files.

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 12 June 2012 - 07:13 PM

Hello lilpmplugz99,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.

At his time there is only one known decrypter tool available for this type of infection. If this tool doesn't work you will have to reformat and reinstall sorry. This malware is new and is being worked on by all the best malware experts in the world.

http://tmp.emsisoft.com/fw/decrypt_SetSysLog32.zip

Down load it to your desktop and unzip it and double click to run the tool. There will be a log produced please post that log.

Edited by fireman4it, 12 June 2012 - 07:14 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 lilpmplugz99

lilpmplugz99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 12 June 2012 - 07:36 PM

It said it could not find decrytion key. Maybe a new variant?
Also I forgot to mention that all my notepad files got replaced by this WARNING.txt


YOUR ID: 1113
Your computer protection level was very low and your system was attacked by
trojan program which encrypts data.

All your documents, text files, databases, pictures and etc. were encrypted by
secure AES algorithm with unique password.

Random password entry attempt is imposible, all the data will be damaged
after first unsuccessful attempt.

Programs that can restore data wont help you as original files will be destroyed
without a possibility to restore them.
It is useless to ask someone for help. Only we can decipher your data.


We will create a decipher program if you really need your files.COST IS $50.
We accept payments through MoneyPak. ( you can find more information on
their website www.moneypak.com).

Enter MoneyPak number with $50 value as well as your e-mail and click Pay.
You will receive decipher program which will help you to retrieve your files
and remove malware from your computer in 24 HOURS.)

We provide 100% guarantee that your data will be restored in 24 hours after
receiving payment from you.
receive a decipher. Such actions may make your data restoration impossible.
ATTENTION: In case if MoneyPak number and/or e-mail is invalid it will make
restoration process more complicated. PRODUCT COST WILL RISE TO $150.
EMAIL: decryptmeplease@yahoo.com

#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 12 June 2012 - 09:35 PM

Hello,

1.
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.



2.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


Things to include in your next reply::
TdssKiller log
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 lilpmplugz99

lilpmplugz99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 12 June 2012 - 10:51 PM

TDSS found 1 threat combofix found none.


22:51:31.0031 2412 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
22:51:31.0421 2412 ============================================================
22:51:31.0421 2412 Current date / time: 2012/06/12 22:51:31.0421
22:51:31.0421 2412 SystemInfo:
22:51:31.0421 2412
22:51:31.0421 2412 OS Version: 5.1.2600 ServicePack: 3.0
22:51:31.0421 2412 Product type: Workstation
22:51:31.0421 2412 ComputerName: HOMEPC
22:51:31.0421 2412 UserName: WindowsXP
22:51:31.0421 2412 Windows directory: C:\WINDOWS
22:51:31.0421 2412 System windows directory: C:\WINDOWS
22:51:31.0421 2412 Processor architecture: Intel x86
22:51:31.0421 2412 Number of processors: 2
22:51:31.0421 2412 Page size: 0x1000
22:51:31.0421 2412 Boot type: Normal boot
22:51:31.0421 2412 ============================================================
22:51:34.0437 2412 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:51:34.0437 2412 ============================================================
22:51:34.0437 2412 \Device\Harddisk0\DR0:
22:51:34.0437 2412 MBR partitions:
22:51:34.0437 2412 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
22:51:34.0437 2412 ============================================================
22:51:34.0500 2412 C: <-> \Device\Harddisk0\DR0\Partition0
22:51:34.0500 2412 ============================================================
22:51:34.0500 2412 Initialize success
22:51:34.0500 2412 ============================================================
22:51:41.0812 5180 ============================================================
22:51:41.0812 5180 Scan started
22:51:41.0812 5180 Mode: Manual;
22:51:41.0812 5180 ============================================================
22:51:43.0609 5180 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
22:51:43.0609 5180 Aavmker4 - ok
22:51:43.0609 5180 Abiosdsk - ok
22:51:43.0625 5180 abp480n5 - ok
22:51:43.0734 5180 ACPI (ea38c961260f29295c6d03070fa9d0b5) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:51:43.0765 5180 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: ea38c961260f29295c6d03070fa9d0b5, Fake md5: 8fd99680a539792a30e97944fdaecf17
22:51:43.0781 5180 ACPI ( Virus.Win32.Rloader.a ) - infected
22:51:43.0781 5180 ACPI - detected Virus.Win32.Rloader.a (0)
22:51:43.0812 5180 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:51:43.0812 5180 ACPIEC - ok
22:51:43.0828 5180 adpu160m - ok
22:51:43.0890 5180 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:51:43.0921 5180 aec - ok
22:51:44.0000 5180 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:51:44.0031 5180 AFD - ok
22:51:44.0093 5180 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys
22:51:44.0093 5180 AFS2K - ok
22:51:44.0125 5180 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:51:44.0125 5180 agp440 - ok
22:51:44.0125 5180 Aha154x - ok
22:51:44.0140 5180 aic78u2 - ok
22:51:44.0171 5180 aic78xx - ok
22:51:44.0437 5180 ALCXSENS (ba88534a3ceb6161e7432438b9ea4f54) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
22:51:44.0546 5180 ALCXSENS - ok
22:51:44.0828 5180 ALCXWDM (4d4593c10f2c90d48da9fd1b14ace825) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:51:45.0015 5180 ALCXWDM - ok
22:51:45.0078 5180 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
22:51:45.0078 5180 Alerter - ok
22:51:45.0125 5180 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
22:51:45.0125 5180 ALG - ok
22:51:45.0125 5180 AliIde - ok
22:51:45.0140 5180 amsint - ok
22:51:45.0312 5180 AN983 (116bff96077a4a724e0aab800525ceb5) C:\WINDOWS\system32\DRIVERS\AN983.sys
22:51:45.0312 5180 AN983 - ok
22:51:45.0421 5180 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
22:51:45.0421 5180 AOL ACS - ok
22:51:45.0500 5180 AOL TopSpeedMonitor (7fb54900aa9792ab6307c699ec1859d4) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
22:51:45.0515 5180 AOL TopSpeedMonitor - ok
22:51:45.0593 5180 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:51:45.0593 5180 Apple Mobile Device - ok
22:51:45.0593 5180 AppMgmt - ok
22:51:45.0656 5180 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:51:45.0671 5180 Arp1394 - ok
22:51:45.0671 5180 asc - ok
22:51:45.0687 5180 asc3350p - ok
22:51:45.0703 5180 asc3550 - ok
22:51:45.0750 5180 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
22:51:45.0750 5180 ASCTRM - ok
22:51:45.0875 5180 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:51:45.0890 5180 aspnet_state - ok
22:51:45.0937 5180 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:51:45.0937 5180 aswFsBlk - ok
22:51:46.0000 5180 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
22:51:46.0015 5180 aswMon2 - ok
22:51:46.0062 5180 AswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\AswRdr.sys
22:51:46.0062 5180 AswRdr - ok
22:51:46.0406 5180 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
22:51:46.0593 5180 aswSnx - ok
22:51:46.0750 5180 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
22:51:46.0859 5180 aswSP - ok
22:51:46.0906 5180 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
22:51:46.0921 5180 aswTdi - ok
22:51:46.0968 5180 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:51:46.0968 5180 AsyncMac - ok
22:51:47.0031 5180 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:51:47.0031 5180 atapi - ok
22:51:47.0031 5180 Atdisk - ok
22:51:47.0078 5180 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:51:47.0078 5180 Atmarpc - ok
22:51:47.0140 5180 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
22:51:47.0140 5180 AudioSrv - ok
22:51:47.0296 5180 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:51:47.0296 5180 audstub - ok
22:51:47.0421 5180 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:51:47.0421 5180 avast! Antivirus - ok
22:51:47.0437 5180 Beep - ok
22:51:47.0593 5180 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
22:51:47.0750 5180 BITS - ok
22:51:47.0906 5180 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
22:51:47.0906 5180 Bonjour Service - ok
22:51:47.0984 5180 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
22:51:48.0000 5180 Browser - ok
22:51:48.0000 5180 catchme - ok
22:51:48.0046 5180 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:51:48.0046 5180 cbidf2k - ok
22:51:48.0078 5180 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:51:48.0078 5180 CCDECODE - ok
22:51:48.0078 5180 cd20xrnt - ok
22:51:48.0296 5180 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:51:48.0312 5180 Cdaudio - ok
22:51:48.0484 5180 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:51:48.0500 5180 Cdfs - ok
22:51:48.0562 5180 Cdr4_xp (bf79e659c506674c0497cc9c61f1a165) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
22:51:48.0562 5180 Cdr4_xp - ok
22:51:48.0609 5180 Cdralw2k (2c41cd49d82d5fd85c72d57b6ca25471) C:\WINDOWS\system32\drivers\Cdralw2k.sys
22:51:48.0625 5180 Cdralw2k - ok
22:51:48.0781 5180 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:51:48.0781 5180 Cdrom - ok
22:51:48.0781 5180 Changer - ok
22:51:48.0812 5180 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
22:51:48.0859 5180 CiSvc - ok
22:51:48.0875 5180 clcsuq - ok
22:51:48.0984 5180 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
22:51:49.0031 5180 ClipSrv - ok
22:51:49.0750 5180 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:51:49.0765 5180 clr_optimization_v2.0.50727_32 - ok
22:51:49.0765 5180 CmdIde - ok
22:51:49.0781 5180 COMSysApp - ok
22:51:49.0796 5180 Cpqarray - ok
22:51:49.0875 5180 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
22:51:49.0890 5180 CryptSvc - ok
22:51:49.0890 5180 dac2w2k - ok
22:51:49.0906 5180 dac960nt - ok
22:51:49.0953 5180 DCamUSBSQTECH (9c98671eb51a6c9e807d807b3f70faa0) C:\WINDOWS\system32\Drivers\SQcaptur.sys
22:51:49.0953 5180 DCamUSBSQTECH - ok
22:51:50.0140 5180 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
22:51:50.0375 5180 DcomLaunch - ok
22:51:50.0453 5180 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
22:51:50.0500 5180 Dhcp - ok
22:51:50.0531 5180 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:51:50.0531 5180 Disk - ok
22:51:50.0531 5180 dmadmin - ok
22:51:50.0828 5180 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:51:51.0078 5180 dmboot - ok
22:51:51.0140 5180 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:51:51.0296 5180 dmio - ok
22:51:51.0328 5180 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:51:51.0328 5180 dmload - ok
22:51:51.0359 5180 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
22:51:51.0359 5180 dmserver - ok
22:51:51.0406 5180 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:51:51.0406 5180 DMusic - ok
22:51:51.0453 5180 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
22:51:51.0453 5180 Dnscache - ok
22:51:51.0531 5180 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
22:51:51.0578 5180 Dot3svc - ok
22:51:51.0593 5180 dpti2o - ok
22:51:51.0625 5180 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:51:51.0625 5180 drmkaud - ok
22:51:51.0734 5180 DTSRVC (2291e476e6f80e8287e6c7372b793c17) C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
22:51:51.0734 5180 DTSRVC - ok
22:51:51.0781 5180 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
22:51:51.0781 5180 EapHost - ok
22:51:51.0828 5180 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
22:51:51.0828 5180 ERSvc - ok
22:51:51.0921 5180 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
22:51:51.0953 5180 Eventlog - ok
22:51:52.0062 5180 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
22:51:52.0125 5180 EventSystem - ok
22:51:52.0296 5180 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:51:52.0328 5180 Fastfat - ok
22:51:52.0421 5180 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:51:52.0453 5180 FastUserSwitchingCompatibility - ok
22:51:52.0468 5180 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:51:52.0468 5180 Fdc - ok
22:51:52.0500 5180 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:51:52.0500 5180 Fips - ok
22:51:52.0515 5180 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:51:52.0531 5180 Flpydisk - ok
22:51:52.0578 5180 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:51:52.0609 5180 FltMgr - ok
22:51:52.0718 5180 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:51:52.0734 5180 FontCache3.0.0.0 - ok
22:51:52.0781 5180 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:51:52.0781 5180 Fs_Rec - ok
22:51:52.0906 5180 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:51:52.0921 5180 Ftdisk - ok
22:51:52.0953 5180 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
22:51:52.0968 5180 GEARAspiWDM - ok
22:51:53.0000 5180 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:51:53.0015 5180 Gpc - ok
22:51:53.0046 5180 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINDOWS\system32\drivers\grmnusb.sys
22:51:53.0046 5180 grmnusb - ok
22:51:53.0140 5180 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:51:53.0140 5180 helpsvc - ok
22:51:53.0296 5180 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
22:51:53.0296 5180 HidServ - ok
22:51:53.0343 5180 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:51:53.0343 5180 hidusb - ok
22:51:53.0406 5180 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
22:51:53.0437 5180 hkmsvc - ok
22:51:53.0437 5180 hpn - ok
22:51:53.0562 5180 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:51:53.0640 5180 HTTP - ok
22:51:53.0687 5180 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
22:51:53.0703 5180 HTTPFilter - ok
22:51:53.0703 5180 i2omgmt - ok
22:51:53.0718 5180 i2omp - ok
22:51:53.0765 5180 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:51:53.0765 5180 i8042prt - ok
22:51:53.0906 5180 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:51:53.0921 5180 IDriverT - ok
22:51:54.0406 5180 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:51:54.0703 5180 idsvc - ok
22:51:55.0015 5180 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
22:51:55.0140 5180 IHA_MessageCenter - ok
22:51:56.0000 5180 imagedrv (552b6b3b889020b8a2d5525068a494b4) C:\WINDOWS\system32\Drivers\imagedrv.sys
22:51:56.0000 5180 imagedrv - ok
22:51:56.0062 5180 imagesrv (1be72919f1b489fb8c06ae7cef45c659) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
22:51:56.0093 5180 imagesrv - ok
22:51:56.0140 5180 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:51:56.0140 5180 Imapi - ok
22:51:56.0343 5180 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
22:51:56.0390 5180 ImapiService - ok
22:51:56.0406 5180 ini910u - ok
22:51:56.0421 5180 IntelIde - ok
22:51:56.0468 5180 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:51:56.0468 5180 intelppm - ok
22:51:56.0546 5180 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
22:51:56.0546 5180 IntuitUpdateService - ok
22:51:56.0562 5180 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:51:56.0578 5180 ip6fw - ok
22:51:56.0625 5180 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:51:56.0625 5180 IpFilterDriver - ok
22:51:56.0640 5180 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:51:56.0640 5180 IpInIp - ok
22:51:56.0718 5180 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:51:56.0750 5180 IpNat - ok
22:51:57.0125 5180 iPod Service (9033d67b7112d23eded6789bacded128) C:\Program Files\iPod\bin\iPodService.exe
22:51:57.0484 5180 iPod Service - ok
22:51:57.0515 5180 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:51:57.0531 5180 IPSec - ok
22:51:57.0546 5180 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:51:57.0546 5180 IRENUM - ok
22:51:57.0593 5180 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:51:57.0593 5180 isapnp - ok
22:51:57.0765 5180 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
22:51:57.0812 5180 JavaQuickStarterService - ok
22:51:57.0875 5180 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:51:57.0875 5180 Kbdclass - ok
22:51:57.0890 5180 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:51:57.0890 5180 kbdhid - ok
22:51:57.0968 5180 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:51:57.0968 5180 kmixer - ok
22:51:58.0031 5180 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:51:58.0062 5180 KSecDD - ok
22:51:58.0125 5180 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
22:51:58.0265 5180 lanmanserver - ok
22:51:58.0359 5180 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
22:51:58.0406 5180 lanmanworkstation - ok
22:51:58.0406 5180 lbrtfdc - ok
22:51:58.0515 5180 LightScribeService (9188d073cd14f886790d6037d1986063) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:51:58.0531 5180 LightScribeService - ok
22:51:58.0562 5180 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
22:51:58.0578 5180 LmHosts - ok
22:51:58.0703 5180 lxdnCATSCustConnectService (bb8e3a0a6cc1fe48b385a949e3a447a8) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
22:51:58.0718 5180 lxdnCATSCustConnectService - ok
22:51:58.0734 5180 lxdn_device - ok
22:51:58.0765 5180 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
22:51:58.0781 5180 MBAMProtector - ok
22:51:59.0093 5180 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:51:59.0390 5180 MBAMService - ok
22:51:59.0546 5180 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
22:51:59.0625 5180 McciCMService - ok
22:51:59.0640 5180 mcdbus - ok
22:51:59.0656 5180 MCSTRM - ok
22:51:59.0796 5180 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
22:51:59.0906 5180 MDM - ok
22:51:59.0953 5180 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
22:51:59.0968 5180 Messenger - ok
22:52:00.0015 5180 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:52:00.0015 5180 mnmdd - ok
22:52:00.0062 5180 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
22:52:00.0078 5180 mnmsrvc - ok
22:52:00.0140 5180 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:52:00.0140 5180 Modem - ok
22:52:00.0281 5180 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:52:00.0281 5180 Mouclass - ok
22:52:00.0328 5180 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:52:00.0328 5180 mouhid - ok
22:52:00.0359 5180 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:52:00.0375 5180 MountMgr - ok
22:52:00.0453 5180 mr7910 (6aa46f9896d3c9e5a00e01bb416c707b) C:\WINDOWS\system32\DRIVERS\mr7910.sys
22:52:00.0468 5180 mr7910 - ok
22:52:00.0468 5180 mraid35x - ok
22:52:00.0515 5180 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
22:52:00.0531 5180 MREMP50 - ok
22:52:00.0531 5180 MREMP50a64 - ok
22:52:00.0546 5180 MREMPR5 - ok
22:52:00.0546 5180 MRENDIS5 - ok
22:52:00.0578 5180 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
22:52:00.0578 5180 MRESP50 - ok
22:52:00.0593 5180 MRESP50a64 - ok
22:52:00.0671 5180 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:52:00.0703 5180 MRxDAV - ok
22:52:01.0000 5180 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:52:01.0328 5180 MRxSmb - ok
22:52:01.0468 5180 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
22:52:01.0515 5180 MSDTC - ok
22:52:01.0640 5180 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:52:01.0656 5180 Msfs - ok
22:52:01.0656 5180 MSIServer - ok
22:52:01.0750 5180 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:52:01.0765 5180 MSKSSRV - ok
22:52:01.0953 5180 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:52:01.0968 5180 MSPCLOCK - ok
22:52:02.0015 5180 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:52:02.0015 5180 MSPQM - ok
22:52:02.0078 5180 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:52:02.0093 5180 mssmbios - ok
22:52:02.0093 5180 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:52:02.0109 5180 MSTEE - ok
22:52:02.0296 5180 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:52:02.0296 5180 Mup - ok
22:52:02.0359 5180 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:52:02.0359 5180 NABTSFEC - ok
22:52:02.0500 5180 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
22:52:02.0593 5180 napagent - ok
22:52:03.0000 5180 NBService (b498a14133bd09ad0817590ace4470ad) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
22:52:03.0375 5180 NBService - ok
22:52:03.0468 5180 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:52:03.0500 5180 NDIS - ok
22:52:03.0562 5180 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:52:03.0562 5180 NdisIP - ok
22:52:03.0609 5180 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:52:03.0609 5180 NdisTapi - ok
22:52:03.0625 5180 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:52:03.0625 5180 Ndisuio - ok
22:52:03.0687 5180 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:52:03.0687 5180 NdisWan - ok
22:52:03.0750 5180 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:52:03.0750 5180 NDProxy - ok
22:52:03.0765 5180 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:52:03.0765 5180 NetBIOS - ok
22:52:03.0859 5180 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:52:03.0890 5180 NetBT - ok
22:52:03.0953 5180 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
22:52:04.0000 5180 NetDDE - ok
22:52:04.0015 5180 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
22:52:04.0031 5180 NetDDEdsdm - ok
22:52:04.0062 5180 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:52:04.0078 5180 Netlogon - ok
22:52:04.0296 5180 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
22:52:04.0359 5180 Netman - ok
22:52:04.0406 5180 netrcacm (b128ccc0e4586628d5d6f6a8f1d0778d) C:\WINDOWS\system32\DRIVERS\netrcacm.sys
22:52:04.0406 5180 netrcacm - ok
22:52:04.0562 5180 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:52:04.0609 5180 NetTcpPortSharing - ok
22:52:04.0640 5180 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:52:04.0656 5180 NIC1394 - ok
22:52:04.0765 5180 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
22:52:04.0843 5180 Nla - ok
22:52:05.0078 5180 NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
22:52:05.0140 5180 NMIndexingService - ok
22:52:05.0281 5180 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:52:05.0281 5180 Npfs - ok
22:52:05.0500 5180 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:52:05.0671 5180 Ntfs - ok
22:52:05.0718 5180 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
22:52:05.0734 5180 NtLmSsp - ok
22:52:05.0906 5180 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
22:52:06.0062 5180 NtmsSvc - ok
22:52:06.0093 5180 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:52:06.0109 5180 Null - ok
22:52:06.0906 5180 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:52:07.0796 5180 nv - ok
22:52:08.0890 5180 NWADI (fc2a8aaa0f3321f41231ede0af1968ae) C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
22:52:08.0937 5180 NWADI - ok
22:52:08.0984 5180 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:52:08.0984 5180 NwlnkFlt - ok
22:52:09.0031 5180 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:52:09.0031 5180 NwlnkFwd - ok
22:52:09.0078 5180 NWUSBCDFIL (224131778c92aee8c13afac5fbff19ca) C:\WINDOWS\system32\DRIVERS\NwUsbCdFil.sys
22:52:09.0078 5180 NWUSBCDFIL - ok
22:52:09.0296 5180 NWUSBModem (b7112f30d7eff4b5052eba879f46228f) C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys
22:52:09.0343 5180 NWUSBModem - ok
22:52:09.0421 5180 NWUSBPort (b7112f30d7eff4b5052eba879f46228f) C:\WINDOWS\system32\DRIVERS\nwusbser.sys
22:52:09.0453 5180 NWUSBPort - ok
22:52:09.0531 5180 NWUSBPort2 (b7112f30d7eff4b5052eba879f46228f) C:\WINDOWS\system32\DRIVERS\nwusbser2.sys
22:52:09.0578 5180 NWUSBPort2 - ok
22:52:09.0640 5180 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:52:09.0640 5180 ohci1394 - ok
22:52:09.0781 5180 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:52:09.0781 5180 ose - ok
22:52:09.0859 5180 P2k (137e20f75102ed639b11417c9f779ee6) C:\WINDOWS\system32\DRIVERS\P2k.sys
22:52:09.0875 5180 P2k - ok
22:52:09.0953 5180 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:52:09.0953 5180 Parport - ok
22:52:09.0968 5180 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:52:09.0984 5180 PartMgr - ok
22:52:10.0015 5180 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:52:10.0015 5180 ParVdm - ok
22:52:10.0062 5180 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:52:10.0062 5180 PCI - ok
22:52:10.0078 5180 PCIDump - ok
22:52:10.0093 5180 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:52:10.0109 5180 PCIIde - ok
22:52:10.0281 5180 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:52:10.0296 5180 Pcmcia - ok
22:52:10.0359 5180 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
22:52:10.0359 5180 pcouffin - ok
22:52:10.0375 5180 PDCOMP - ok
22:52:10.0375 5180 PDFRAME - ok
22:52:10.0421 5180 pdiddcci (d1fc85a4880539657bb4d3775da0c541) C:\WINDOWS\system32\DRIVERS\pdiddcci.sys
22:52:10.0421 5180 pdiddcci - ok
22:52:10.0453 5180 PdiPorts (18ed1d71fef6f71d38c24263500bbd01) C:\WINDOWS\system32\Drivers\PdiPorts.sys
22:52:10.0453 5180 PdiPorts - ok
22:52:10.0468 5180 PDRELI - ok
22:52:10.0484 5180 PDRFRAME - ok
22:52:10.0484 5180 perc2 - ok
22:52:10.0500 5180 perc2hib - ok
22:52:10.0593 5180 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
22:52:10.0593 5180 PlugPlay - ok
22:52:10.0656 5180 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
22:52:10.0656 5180 Pml Driver HPZ12 - ok
22:52:10.0703 5180 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:52:10.0718 5180 PolicyAgent - ok
22:52:10.0750 5180 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:52:10.0750 5180 PptpMiniport - ok
22:52:10.0781 5180 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
22:52:10.0781 5180 Processor - ok
22:52:10.0781 5180 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:52:10.0796 5180 ProtectedStorage - ok
22:52:10.0828 5180 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:52:10.0843 5180 PSched - ok
22:52:10.0890 5180 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:52:10.0890 5180 Ptilink - ok
22:52:10.0953 5180 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:52:10.0953 5180 PxHelp20 - ok
22:52:10.0953 5180 ql1080 - ok
22:52:10.0968 5180 Ql10wnt - ok
22:52:10.0984 5180 ql12160 - ok
22:52:11.0000 5180 ql1240 - ok
22:52:11.0000 5180 ql1280 - ok
22:52:11.0031 5180 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:52:11.0031 5180 RasAcd - ok
22:52:11.0093 5180 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
22:52:11.0140 5180 RasAuto - ok
22:52:11.0296 5180 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:52:11.0296 5180 Rasl2tp - ok
22:52:11.0390 5180 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
22:52:11.0453 5180 RasMan - ok
22:52:11.0484 5180 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:52:11.0484 5180 RasPppoe - ok
22:52:11.0500 5180 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:52:11.0500 5180 Raspti - ok
22:52:11.0578 5180 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:52:11.0625 5180 Rdbss - ok
22:52:11.0640 5180 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:52:11.0640 5180 RDPCDD - ok
22:52:11.0734 5180 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:52:11.0781 5180 rdpdr - ok
22:52:11.0859 5180 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
22:52:11.0890 5180 RDPWD - ok
22:52:11.0953 5180 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
22:52:12.0000 5180 RDSessMgr - ok
22:52:12.0046 5180 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:52:12.0046 5180 redbook - ok
22:52:12.0109 5180 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
22:52:12.0140 5180 RemoteAccess - ok
22:52:12.0296 5180 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
22:52:12.0328 5180 RpcLocator - ok
22:52:12.0515 5180 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
22:52:12.0531 5180 RpcSs - ok
22:52:12.0609 5180 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
22:52:12.0656 5180 RSVP - ok
22:52:12.0703 5180 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:52:12.0703 5180 SamSs - ok
22:52:12.0781 5180 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
22:52:12.0812 5180 SCardSvr - ok
22:52:12.0921 5180 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
22:52:12.0984 5180 Schedule - ok
22:52:13.0015 5180 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:52:13.0015 5180 Secdrv - ok
22:52:13.0062 5180 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
22:52:13.0062 5180 seclogon - ok
22:52:13.0093 5180 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
22:52:13.0109 5180 SENS - ok
22:52:13.0265 5180 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:52:13.0265 5180 serenum - ok
22:52:13.0312 5180 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:52:13.0328 5180 Serial - ok
22:52:13.0359 5180 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:52:13.0375 5180 Sfloppy - ok
22:52:13.0500 5180 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
22:52:13.0593 5180 SharedAccess - ok
22:52:13.0953 5180 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:52:13.0968 5180 ShellHWDetection - ok
22:52:13.0984 5180 Simbad - ok
22:52:14.0046 5180 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:52:14.0062 5180 SLIP - ok
22:52:14.0578 5180 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
22:52:14.0593 5180 SMSIVZAM5 - ok
22:52:14.0625 5180 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:52:14.0640 5180 SONYPVU1 - ok
22:52:14.0640 5180 Sparrow - ok
22:52:14.0671 5180 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:52:14.0687 5180 splitter - ok
22:52:14.0734 5180 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:52:14.0750 5180 Spooler - ok
22:52:14.0781 5180 spupdsvc (03d7ad16ac204c48640cbe6ed8281a65) C:\WINDOWS\system32\spupdsvc.exe
22:52:14.0796 5180 spupdsvc - ok
22:52:14.0843 5180 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:52:14.0843 5180 sr - ok
22:52:14.0953 5180 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
22:52:15.0000 5180 srservice - ok
22:52:15.0281 5180 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:52:15.0406 5180 Srv - ok
22:52:15.0468 5180 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
22:52:15.0468 5180 sscdbus - ok
22:52:15.0500 5180 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
22:52:15.0515 5180 sscdmdfl - ok
22:52:15.0578 5180 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
22:52:15.0593 5180 sscdmdm - ok
22:52:15.0640 5180 sscdserd (9fa66e361a99f8920c7609bae6814a0e) C:\WINDOWS\system32\DRIVERS\sscdserd.sys
22:52:15.0656 5180 sscdserd - ok
22:52:15.0703 5180 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
22:52:15.0718 5180 SSDPSRV - ok
22:52:15.0750 5180 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
22:52:15.0750 5180 StillCam - ok
22:52:15.0890 5180 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
22:52:16.0031 5180 stisvc - ok
22:52:16.0078 5180 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:52:16.0078 5180 streamip - ok
22:52:16.0109 5180 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:52:16.0109 5180 swenum - ok
22:52:16.0140 5180 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:52:16.0156 5180 swmidi - ok
22:52:16.0250 5180 SwPrv - ok
22:52:16.0281 5180 symc810 - ok
22:52:16.0296 5180 symc8xx - ok
22:52:16.0296 5180 sym_hi - ok
22:52:16.0312 5180 sym_u3 - ok
22:52:16.0359 5180 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:52:16.0359 5180 sysaudio - ok
22:52:16.0421 5180 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
22:52:16.0453 5180 SysmonLog - ok
22:52:16.0546 5180 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
22:52:16.0625 5180 TapiSrv - ok
22:52:16.0781 5180 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:52:16.0890 5180 Tcpip - ok
22:52:16.0937 5180 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:52:16.0937 5180 TDPIPE - ok
22:52:16.0968 5180 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:52:16.0984 5180 TDTCP - ok
22:52:17.0015 5180 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:52:17.0031 5180 TermDD - ok
22:52:17.0171 5180 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
22:52:17.0343 5180 TermService - ok
22:52:17.0437 5180 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:52:17.0453 5180 Themes - ok
22:52:17.0468 5180 TosIde - ok
22:52:17.0531 5180 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
22:52:17.0546 5180 TrkWks - ok
22:52:17.0609 5180 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:52:17.0625 5180 Udfs - ok
22:52:17.0625 5180 ultra - ok
22:52:17.0828 5180 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:52:17.0937 5180 Update - ok
22:52:18.0015 5180 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
22:52:18.0093 5180 upnphost - ok
22:52:18.0125 5180 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
22:52:18.0140 5180 UPS - ok
22:52:18.0296 5180 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:52:18.0296 5180 USBAAPL - ok
22:52:18.0343 5180 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:52:18.0359 5180 usbccgp - ok
22:52:18.0375 5180 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:52:18.0390 5180 usbehci - ok
22:52:18.0421 5180 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:52:18.0421 5180 usbhub - ok
22:52:18.0453 5180 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:52:18.0468 5180 usbprint - ok
22:52:18.0484 5180 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:52:18.0500 5180 usbscan - ok
22:52:18.0531 5180 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
22:52:18.0531 5180 usbser - ok
22:52:18.0578 5180 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:52:18.0593 5180 USBSTOR - ok
22:52:18.0609 5180 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:52:18.0609 5180 usbuhci - ok
22:52:18.0640 5180 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:52:18.0640 5180 VgaSave - ok
22:52:18.0656 5180 ViaIde - ok
22:52:18.0765 5180 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
22:52:18.0765 5180 Viewpoint Manager Service - ok
22:52:18.0765 5180 vmorhzu - ok
22:52:18.0828 5180 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:52:18.0843 5180 VolSnap - ok
22:52:18.0968 5180 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
22:52:19.0078 5180 VSS - ok
22:52:19.0296 5180 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
22:52:19.0343 5180 W32Time - ok
22:52:19.0390 5180 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:52:19.0390 5180 Wanarp - ok
22:52:19.0437 5180 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
22:52:19.0453 5180 wanatw - ok
22:52:19.0484 5180 WANMiniportService (eb9a99ab5d17b1727034ff191e6448d7) C:\WINDOWS\wanmpsvc.exe
22:52:19.0500 5180 WANMiniportService - ok
22:52:19.0500 5180 WDICA - ok
22:52:19.0562 5180 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:52:19.0578 5180 wdmaud - ok
22:52:19.0718 5180 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
22:52:19.0765 5180 WebClient - ok
22:52:20.0515 5180 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:52:20.0578 5180 winmgmt - ok
22:52:20.0640 5180 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:52:20.0656 5180 WmdmPmSN - ok
22:52:20.0718 5180 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
22:52:20.0765 5180 WmiApSrv - ok
22:52:20.0796 5180 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
22:52:20.0796 5180 WpdUsb - ok
22:52:20.0828 5180 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:52:20.0828 5180 WS2IFSL - ok
22:52:20.0906 5180 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
22:52:20.0937 5180 wscsvc - ok
22:52:20.0984 5180 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:52:20.0984 5180 WSTCODEC - ok
22:52:21.0015 5180 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
22:52:21.0031 5180 wuauserv - ok
22:52:21.0093 5180 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:52:21.0093 5180 WudfPf - ok
22:52:21.0140 5180 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:52:21.0171 5180 WudfRd - ok
22:52:21.0328 5180 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
22:52:21.0343 5180 WudfSvc - ok
22:52:21.0546 5180 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
22:52:21.0718 5180 WZCSVC - ok
22:52:21.0781 5180 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
22:52:21.0890 5180 xmlprov - ok
22:52:21.0953 5180 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:52:22.0781 5180 \Device\Harddisk0\DR0 - ok
22:52:22.0796 5180 Boot (0x1200) (6a91a6bff77178c69ffa735498584880) \Device\Harddisk0\DR0\Partition0
22:52:22.0812 5180 \Device\Harddisk0\DR0\Partition0 - ok
22:52:22.0812 5180 ============================================================
22:52:22.0812 5180 Scan finished
22:52:22.0812 5180 ============================================================
22:52:22.0828 4088 Detected object count: 1
22:52:22.0828 4088 Actual detected object count: 1
22:52:49.0656 4088 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
22:52:59.0203 4088 Backup copy found, using it..
22:52:59.0281 4088 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
22:52:59.0281 4088 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
22:53:15.0046 4700 Deinitialize success

ComboFix 12-06-12.03 - WindowsXP 06/12/2012 23:29:34.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2559.1860 [GMT -4:00]
Running from: c:\documents and settings\WindowsXP\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2012-05-13 to 2012-06-13 )))))))))))))))))))))))))))))))
.
.
2012-06-13 02:52 . 2012-06-13 02:52 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-13 02:22 . 2012-06-13 02:22 -------- d-sh--w- c:\documents and settings\WindowsXP\IECompatCache
2012-06-13 01:25 . 2012-06-13 01:25 -------- d-----w- c:\documents and settings\WindowsXP\Application Data\ElevatedDiagnostics
2012-06-12 00:08 . 2012-06-12 02:12 -------- d-----w- c:\windows\ie8updates
2012-06-11 09:52 . 2012-03-01 11:01 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-06-11 09:52 . 2012-03-01 11:01 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2012-06-11 09:52 . 2012-03-01 11:01 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2012-06-11 09:51 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2012-06-11 09:50 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2012-06-11 09:50 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2012-06-11 09:47 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2012-06-11 09:45 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2012-06-11 09:43 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2012-06-11 09:35 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2012-06-11 09:35 . 2012-03-06 23:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-11 09:35 . 2012-03-06 23:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-11 09:35 . 2012-03-06 23:02 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-06-11 09:35 . 2012-03-06 23:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-11 09:35 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-11 09:35 . 2012-03-06 23:01 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-06-11 09:35 . 2012-03-06 23:01 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-06-11 09:35 . 2012-03-06 22:58 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-06-11 09:33 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-06-11 09:33 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-11 09:31 . 2012-06-11 09:31 -------- d-----w- c:\program files\AVAST Software
2012-06-11 09:31 . 2012-06-11 09:31 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-06-11 09:26 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2012-06-11 09:21 . 2012-01-09 16:20 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-06-11 09:14 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-06-11 09:14 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-06-11 09:14 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-06-11 09:13 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2012-06-11 08:42 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2012-06-11 05:52 . 2012-06-11 06:40 -------- d-----w- C:\!KillBox
2012-06-10 20:23 . 2012-06-10 20:44 -------- d-----w- C:\sh4ldr
2012-06-10 20:23 . 2012-06-10 20:23 -------- d-----w- c:\program files\Enigma Software Group
2012-06-10 20:09 . 2012-06-10 20:44 -------- d-----w- c:\windows\9E897D0FF80441A3966C7BB6EB5B6BE8.TMP
2012-06-10 20:08 . 2012-06-10 20:08 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-06-10 18:44 . 2012-06-10 18:44 -------- d-----w- c:\program files\InCode Solutions
2012-06-10 03:31 . 2012-06-10 03:31 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2012-06-09 01:48 . 2012-06-09 01:48 -------- d-----w- c:\documents and settings\Kristin\Application Data\TuneUp Software
2012-06-08 14:26 . 2012-06-08 14:26 -------- d-----w- c:\documents and settings\Kristin\Application Data\FaxCtr
2012-06-08 14:26 . 2012-06-08 14:26 -------- d-----w- c:\documents and settings\Kristin\Local Settings\Application Data\{1AA0D5F3-B121-11E1-8270-B8AC6F996F26}
2012-06-08 14:25 . 2012-06-08 14:25 -------- d-sh--w- c:\documents and settings\Kristin\IETldCache
2012-06-08 05:40 . 2012-06-08 05:40 -------- d-----w- c:\documents and settings\WindowsXP\Local Settings\Application Data\{1AA107C6-B121-11E1-8270-B8AC6F996F26}
2012-06-08 04:28 . 2012-06-08 04:28 -------- d-----w- c:\documents and settings\WindowsXP\Local Settings\Application Data\Identities
2012-06-08 04:27 . 2012-06-11 01:58 -------- d-----w- c:\documents and settings\WindowsXP\Application Data\Yrzyesz
2012-06-08 04:27 . 2012-06-09 01:52 -------- d-----w- c:\documents and settings\WindowsXP\Application Data\Kysukeo
2012-06-08 04:19 . 2012-06-08 04:19 -------- d-----w- c:\documents and settings\WindowsXP\Local Settings\Application Data\{1AA0D5F3-B121-11E1-8270-B8AC6F996F26}
2012-06-08 04:19 . 2012-06-08 04:19 50704 ----a-w- c:\windows\system32\drivers\npf.sys
2012-05-31 13:22 . 2012-05-31 13:22 599040 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-13 02:53 . 2002-08-29 12:00 187776 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-05-31 13:22 . 2002-08-29 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-04-11 13:14 . 2002-08-29 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12 . 2002-08-29 12:00 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 12:35 . 2002-08-29 01:04 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-04 19:56 . 2009-04-18 07:35 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-11_08.50.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 02:51 . 2011-04-19 02:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2012-06-13 03:09 . 2012-06-13 03:09 16384 c:\windows\temp\Perflib_Perfdata_414.dat
+ 2005-05-26 08:16 . 2009-08-06 23:24 44768 c:\windows\system32\wups2.dll
+ 2004-11-14 19:11 . 2009-08-06 23:24 35552 c:\windows\system32\wups.dll
+ 2012-06-13 01:22 . 2007-11-01 04:48 20992 c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 51024 c:\windows\system32\vcomp100.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 51024 c:\windows\system32\vcomp100.dll
+ 2007-01-29 08:58 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2004-11-14 19:06 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
- 2004-11-14 19:06 . 2008-04-14 00:12 75776 c:\windows\system32\strmfilt.dll
+ 2002-08-29 12:00 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
+ 2002-08-29 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2012-06-12 00:53 . 2007-04-09 17:23 46472 c:\windows\system32\spool\drivers\w32x86\mdiui.dll
+ 2002-08-29 12:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 79872 c:\windows\system32\raschap.dll
+ 2010-03-31 04:16 . 2010-03-31 04:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2002-08-29 12:00 . 2012-06-13 03:16 70760 c:\windows\system32\perfc009.dat
- 2002-08-29 12:00 . 2012-03-17 02:12 70760 c:\windows\system32\perfc009.dat
+ 2002-08-29 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe
+ 2002-08-29 12:00 . 2011-09-26 15:41 20480 c:\windows\system32\oleaccrc.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2001-08-17 22:36 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2002-08-29 12:00 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 11264 c:\windows\system32\msrle32.dll
+ 2002-08-29 12:00 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 66560 c:\windows\system32\mshtmled.dll
- 2002-08-29 12:00 . 2009-03-08 08:31 66560 c:\windows\system32\mshtmled.dll
+ 2007-08-13 22:54 . 2012-03-01 11:01 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 22:54 . 2009-03-08 08:31 55296 c:\windows\system32\msfeedsbs.dll
+ 2002-08-29 12:00 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 81744 c:\windows\system32\mfcm100u.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 81744 c:\windows\system32\mfcm100u.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 81744 c:\windows\system32\mfcm100.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 81744 c:\windows\system32\mfcm100.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 60752 c:\windows\system32\mfc100rus.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 60752 c:\windows\system32\mfc100rus.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 43344 c:\windows\system32\mfc100kor.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 43344 c:\windows\system32\mfc100kor.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 62288 c:\windows\system32\mfc100ita.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 62288 c:\windows\system32\mfc100ita.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 64336 c:\windows\system32\mfc100fra.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 64336 c:\windows\system32\mfc100fra.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 63824 c:\windows\system32\mfc100esn.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 63824 c:\windows\system32\mfc100esn.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 55120 c:\windows\system32\mfc100enu.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 55120 c:\windows\system32\mfc100enu.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 64336 c:\windows\system32\mfc100deu.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 64336 c:\windows\system32\mfc100deu.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 36176 c:\windows\system32\mfc100cht.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 36176 c:\windows\system32\mfc100cht.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 36176 c:\windows\system32\mfc100chs.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 36176 c:\windows\system32\mfc100chs.dll
- 2002-08-29 12:00 . 2008-04-14 00:11 23040 c:\windows\system32\mciseq.dll
+ 2002-08-29 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 43520 c:\windows\system32\licmgr10.dll
- 2002-08-29 12:00 . 2009-03-08 08:33 25600 c:\windows\system32\jsproxy.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 25600 c:\windows\system32\jsproxy.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
+ 2004-11-14 18:50 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
- 2004-11-14 18:50 . 2008-04-14 00:11 81920 c:\windows\system32\isign32.dll
+ 2002-08-29 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2002-08-29 12:00 . 2008-04-14 00:11 80384 c:\windows\system32\iccvid.dll
+ 2004-11-14 19:06 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
+ 2002-08-29 12:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
- 2002-08-29 12:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2002-08-29 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2002-08-29 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2002-08-29 12:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2002-08-29 12:00 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
+ 2004-11-14 19:11 . 2009-08-06 23:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
+ 2002-08-29 12:00 . 2011-09-26 15:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2001-08-17 22:36 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2002-08-29 12:00 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
- 2006-05-10 05:23 . 2009-03-08 08:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2006-05-10 05:23 . 2012-03-01 11:01 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-15 19:20 . 2012-03-01 11:01 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-10-15 19:20 . 2009-03-08 08:31 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2007-08-13 22:44 . 2012-03-01 11:01 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2006-05-10 05:22 . 2009-03-08 08:33 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-05-10 05:22 . 2012-03-01 11:01 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
- 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2011-10-28 05:31 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
+ 2009-06-10 14:13 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2002-08-29 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
+ 2002-08-29 12:00 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
+ 2002-08-29 12:00 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
- 2002-08-29 12:00 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
+ 2002-08-29 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 2004-11-14 18:51 . 2012-06-12 19:53 70691 c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
- 2004-11-14 18:51 . 2004-11-14 18:51 70691 c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
- 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2011-12-25 07:49 . 2011-12-25 07:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2012-06-12 00:11 . 2012-06-12 00:11 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-03-22 23:13 . 2007-03-22 23:13 23904 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IPDMCTRL.DLL
+ 2012-06-12 02:13 . 2009-03-08 08:33 12288 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll
+ 2012-06-12 02:12 . 2009-03-08 08:31 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll
+ 2012-06-12 02:12 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll
+ 2012-06-12 02:12 . 2009-03-08 08:34 43008 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll
+ 2012-06-12 02:12 . 2009-03-08 08:33 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2012-06-12 01:55 . 2012-06-12 01:55 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 26112 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\677a52834d09401d39ca33b8d2a468a7\TVM.ni.dll
+ 2012-06-12 02:12 . 2012-06-12 02:12 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\eb6fa156a42fd4d0c2ab54dfbba71381\System.Web.DynamicData.Design.ni.dll
+ 2012-06-12 02:08 . 2012-06-12 02:08 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-06-12 02:08 . 2012-06-12 02:08 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll
+ 2012-06-12 01:49 . 2012-06-12 01:49 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe
+ 2012-06-12 01:48 . 2012-06-12 01:48 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f00a18225430e7531135589688d650a1\Microsoft.VisualC.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c8fc74b6f19de1a403f0e557a11aa9ca\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a2bb2449699f12ceb3eaff60a5a0632d\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3056b7bb6c5f44fd998e89d397f6fc79\Microsoft.PowerShell.Security.resources.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0a5d8c3e21d8683958868496373bb435\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll
+ 2012-06-12 02:06 . 2012-06-12 02:06 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe
+ 2012-06-12 01:57 . 2012-06-12 01:57 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-24 00:59 . 2009-08-24 00:59 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-06-12 00:31 . 2012-06-12 00:31 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-08-24 00:49 . 2009-08-24 00:49 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-24 00:59 . 2009-08-24 00:59 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 65536 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.resources.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 32768 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.resources.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 11264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.resources.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-04-17 00:48 . 2011-02-17 12:32 5120 c:\windows\system32\xpsp4res.dll
+ 2012-06-13 01:22 . 2007-06-30 18:49 4608 c:\windows\system32\windowspowershell\v1.0\pwrshmsg.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\tsbyuv.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2004-11-14 18:51 . 2012-06-12 19:53 3706 c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
- 2004-11-14 18:51 . 2008-10-25 00:44 3706 c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
- 2004-11-14 19:30 . 2009-08-20 20:04 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 8704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.resources.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2012-04-06 03:13 . 2012-04-06 03:13 299080 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2004-11-14 19:06 . 2009-04-02 03:02 604160 c:\windows\system32\wmspdmod.dll
+ 2002-08-29 12:00 . 2012-02-29 14:10 177664 c:\windows\system32\wintrust.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 293376 c:\windows\system32\winsrv.dll
+ 2002-08-29 12:00 . 2011-11-25 21:57 293376 c:\windows\system32\winsrv.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 176128 c:\windows\system32\winmm.dll
+ 2002-08-29 12:00 . 2011-10-14 14:47 176128 c:\windows\system32\winmm.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 916992 c:\windows\system32\wininet.dll
+ 2002-08-29 12:00 . 2011-11-16 14:21 354816 c:\windows\system32\winhttp.dll
+ 2012-06-13 01:22 . 2007-10-30 09:15 330240 c:\windows\system32\windowspowershell\v1.0\powershell.exe
+ 2002-08-29 12:00 . 2011-03-04 06:37 420864 c:\windows\system32\vbscript.dll
+ 2002-08-29 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 406016 c:\windows\system32\usp10.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 105984 c:\windows\system32\url.dll
- 2002-08-29 12:00 . 2009-03-08 08:34 105984 c:\windows\system32\url.dll
+ 2008-07-29 23:59 . 2011-09-26 15:41 611328 c:\windows\system32\uiautomationcore.dll
- 2002-08-29 12:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
+ 2002-08-29 12:00 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
- 2002-08-29 12:00 . 2008-10-03 10:02 247326 c:\windows\system32\strmdll.dll
+ 2002-08-29 12:00 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll
+ 2012-06-12 00:53 . 2007-04-09 17:24 758664 c:\windows\system32\spool\drivers\w32x86\mdigraph.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
+ 2002-08-29 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
+ 2002-08-29 12:00 . 2009-12-08 09:23 474112 c:\windows\system32\shlwapi.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 474112 c:\windows\system32\shlwapi.dll
+ 2002-08-29 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\shimgvw.dll
+ 2002-08-29 12:00 . 2011-11-16 14:21 152064 c:\windows\system32\schannel.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 270848 c:\windows\system32\sbe.dll
+ 2002-08-29 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
+ 2002-08-29 12:00 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2002-08-29 12:00 . 2009-10-12 13:38 149504 c:\windows\system32\rastls.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 386048 c:\windows\system32\qdvd.dll
+ 2002-08-29 12:00 . 2011-11-03 15:28 386048 c:\windows\system32\qdvd.dll
+ 2010-03-31 04:10 . 2010-03-31 04:10 295264 c:\windows\system32\PresentationHost.exe
+ 2002-08-29 12:00 . 2012-06-13 03:16 442050 c:\windows\system32\perfh009.dat
- 2002-08-29 12:00 . 2012-03-17 02:12 442050 c:\windows\system32\perfh009.dat
+ 2002-08-29 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2002-08-29 12:00 . 2011-09-26 15:41 220160 c:\windows\system32\oleacc.dll
+ 2002-08-29 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 249856 c:\windows\system32\odbc32.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 206848 c:\windows\system32\occache.dll
+ 2002-08-29 12:00 . 2009-10-13 10:30 270336 c:\windows\system32\oakley.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 270336 c:\windows\system32\oakley.dll
+ 2002-08-29 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
- 2002-08-29 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2002-08-29 12:00 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2011-02-19 04:40 . 2011-02-19 04:40 773968 c:\windows\system32\msvcr100.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 773968 c:\windows\system32\msvcr100.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 421200 c:\windows\system32\msvcp100.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 421200 c:\windows\system32\msvcp100.dll
+ 2002-08-29 12:00 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll
- 2002-08-29 12:00 . 2009-06-25 08:25 136192 c:\windows\system32\msv1_0.dll
- 2004-11-14 18:48 . 2008-04-14 00:12 677888 c:\windows\system32\mstsc.exe
+ 2004-11-14 18:48 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe
+ 2002-08-29 12:00 . 2012-03-01 11:01 611840 c:\windows\system32\mstime.dll
- 2002-08-29 12:00 . 2009-03-08 08:32 611840 c:\windows\system32\mstime.dll
- 2004-11-14 18:48 . 2008-04-14 00:12 343040 c:\windows\system32\mspaint.exe
+ 2004-11-14 18:48 . 2009-12-16 18:43 343040 c:\windows\system32\mspaint.exe
+ 2007-08-13 22:54 . 2012-03-01 11:01 602112 c:\windows\system32\msfeeds.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 297808 c:\windows\system32\mscoree.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-19 01:47 . 2010-03-30 16:24 317440 c:\windows\system32\mp4sdecd.dll
+ 2002-08-29 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
+ 2002-08-29 12:00 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2002-08-29 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2002-08-29 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
- 2002-08-29 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2002-08-29 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
- 2002-08-29 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2002-08-29 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
+ 2002-08-29 12:00 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
- 2002-08-29 12:00 . 2009-03-08 08:33 726528 c:\windows\system32\jscript.dll
+ 2004-11-14 18:50 . 2011-10-10 14:22 692736 c:\windows\system32\inetcomm.dll
+ 2002-08-29 12:00 . 2012-02-29 14:10 148480 c:\windows\system32\imagehlp.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 184320 c:\windows\system32\iepeers.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 387584 c:\windows\system32\iedkcs32.dll
+ 2002-08-29 12:00 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe
- 2004-11-14 13:43 . 2011-04-16 21:37 326704 c:\windows\system32\FNTCACHE.DAT
+ 2004-11-14 13:43 . 2012-06-12 03:22 326704 c:\windows\system32\FNTCACHE.DAT
+ 2002-08-29 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\encdec.dll
- 2002-08-29 12:00 . 2008-04-14 00:11 186880 c:\windows\system32\encdec.dll
+ 2002-08-29 12:00 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2002-08-29 12:00 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2004-11-14 18:48 . 2012-01-09 16:20 139784 c:\windows\system32\drivers\rdpwd.sys
+ 2002-08-29 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2002-08-29 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
+ 2004-11-14 19:06 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
- 2002-08-29 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2002-08-29 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
+ 2002-08-29 12:00 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2009-04-17 00:48 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2004-11-14 19:06 . 2009-04-02 03:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2012-02-29 14:10 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2011-04-26 11:07 . 2011-11-25 21:57 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 176128 c:\windows\system32\dllcache\winmm.dll
+ 2006-05-10 05:23 . 2012-03-01 11:01 916992 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2006-09-18 14:15 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
+ 2008-05-09 10:53 . 2011-03-04 06:37 420864 c:\windows\system32\dllcache\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2007-08-13 22:44 . 2012-03-01 11:01 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-13 22:44 . 2009-03-08 08:34 105984 c:\windows\system32\dllcache\url.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2009-06-16 14:36 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
- 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
- 2006-08-21 14:52 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2006-08-21 14:52 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-15 22:43 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
- 2009-01-07 22:20 . 2009-01-07 22:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2009-01-07 22:20 . 2009-12-08 09:23 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2008-12-05 06:54 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2011-11-03 15:28 . 2011-11-03 15:28 386048 c:\windows\system32\dllcache\qdvd.dll
+ 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2002-08-29 12:00 . 2011-09-26 15:41 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2007-08-13 22:44 . 2012-03-01 11:01 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2009-04-17 00:49 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2006-05-10 05:23 . 2009-03-08 08:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2006-05-10 05:23 . 2012-03-01 11:01 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-12-16 18:43 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2008-10-15 19:20 . 2012-03-01 11:01 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2008-11-13 00:38 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 16:24 . 2010-03-30 16:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2006-10-14 08:13 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2011-02-08 13:33 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2002-08-29 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
- 2009-04-17 00:49 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-04-17 00:49 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
- 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-05-09 10:53 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:53 . 2009-03-08 08:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-08-14 04:04 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2012-02-29 14:10 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll
+ 2006-05-10 05:22 . 2012-03-01 11:01 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 22:39 . 2012-03-01 11:01 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 22:39 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2011-10-18 11:13 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2011-02-15 12:56 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2008-06-20 11:40 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
- 2002-08-29 12:00 . 2008-04-14 00:11 617472 c:\windows\system32\comctl32.dll
+ 2002-08-29 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
+ 2002-08-29 12:00 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 138056 c:\windows\system32\atl100.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 138056 c:\windows\system32\atl100.dll
+ 2002-08-29 12:00 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
- 2004-11-14 18:50 . 2008-04-14 00:12 744448 c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
+ 2004-11-14 18:50 . 2010-06-14 14:31 744448 c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
+ 2012-04-06 03:52 . 2012-04-06 03:52 131168 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2011-12-25 07:49 . 2011-12-25 07:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 16:22 . 2010-02-09 16:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 989968 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-12-22 20:50 . 2011-12-22 20:50 256000 c:\windows\Installer\3b21dd4.msp
+ 2012-06-12 01:49 . 2012-06-12 01:49 223744 c:\windows\Installer\39bfecf.msi
+ 2009-09-09 19:40 . 2009-09-09 19:40 632320 c:\windows\Installer\39bfebb.msp
+ 2011-12-25 09:40 . 2011-12-25 09:40 819200 c:\windows\Installer\34c7125.msp
+ 2009-03-20 15:48 . 2009-03-20 15:48 183808 c:\windows\Installer\34c70f6.msp
+ 2010-11-12 15:08 . 2010-11-12 15:08 889344 c:\windows\Installer\34c7013.msp
+ 2010-02-25 04:14 . 2010-02-25 04:14 543232 c:\windows\Installer\34c6fbb.msp
+ 2012-06-12 00:11 . 2012-06-12 00:11 429568 c:\windows\Installer\34c6fb5.msi
+ 2012-06-11 09:34 . 2012-06-11 09:34 219648 c:\windows\Installer\2b84e5.msi
- 2004-11-14 19:30 . 2009-08-20 20:04 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-04-17 01:39 . 2012-06-12 02:11 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-04-17 01:39 . 2009-08-20 20:04 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2004-11-14 19:30 . 2009-08-20 20:04 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2004-11-14 19:30 . 2012-06-12 02:11 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-04-19 17:53 . 2007-04-19 17:53 109408 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLCTL.DLL
+ 2007-01-17 00:32 . 2007-01-17 00:32 136032 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL
+ 2008-06-12 19:05 . 2008-06-12 19:05 103776 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IPATHPIA.DLL
+ 2007-04-19 17:54 . 2007-04-19 17:54 169312 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL
+ 2012-06-12 02:12 . 2009-03-08 08:34 914944 c:\windows\ie8updates\KB2675157-IE8\wininet.dll
+ 2012-06-12 02:12 . 2009-03-08 08:34 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll
+ 2012-06-12 02:13 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll
+ 2012-06-12 02:13 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe
+ 2012-06-12 02:12 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB2675157-IE8\occache.dll
+ 2012-06-12 02:12 . 2009-03-08 08:32 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll
+ 2012-06-12 02:12 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll
+ 2012-06-12 02:13 . 2009-03-08 08:33 246784 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll
+ 2012-06-12 02:12 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll
+ 2012-06-12 02:13 . 2009-03-08 08:35 742912 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll
+ 2012-06-12 02:12 . 2009-03-08 18:09 391536 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll
+ 2012-06-12 02:12 . 2009-03-08 08:32 173056 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe
+ 2012-06-12 00:08 . 2009-03-08 08:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2012-06-12 00:08 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2012-06-12 00:08 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2012-06-12 00:11 . 2009-03-08 08:33 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2012-06-12 00:11 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2012-06-12 00:11 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2012-06-12 00:11 . 2009-03-08 08:33 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2008-11-13 00:38 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2012-06-12 02:06 . 2012-06-12 02:06 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe
+ 2012-06-12 01:55 . 2012-06-12 01:55 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\abc560ee41afeada750e6aa7afc534bb\WindowsFormsIntegration.ni.dll
+ 2012-06-12 01:55 . 2012-06-12 01:55 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll
+ 2012-06-12 01:55 . 2012-06-12 01:55 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 116736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Inte#\221112d506ad3bb04a64660eab5e44da\System.Windows.Interactivity.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\504140c434a3a9ea1f5bf58a6e28af2b\System.Web.Routing.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll
+ 2012-06-12 02:12 . 2012-06-12 02:12 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\47f6d0737e0ed0540854243fa0481149\System.Web.Extensions.Design.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\d7ecdccf5ef761e19845370d94a82c29\System.Web.Entity.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\dc8a4dc6d7c6b5aae7592f10bf91a8c6\System.Web.Entity.Design.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ba570e80e06bb6fd24f9c33baf0e97cb\System.Web.DynamicData.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\92abde1a4b72a1d74056d3561cb7c546\System.Web.Abstractions.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\dff877744c0f7f8752eb356f27edfa59\System.ServiceProcess.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
+ 2012-06-12 02:02 . 2012-06-12 02:02 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 160256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\565bc89beb2fb404b1612721a9d56d3a\System.Management.Automation.resources.ni.dll
+ 2012-06-12 01:57 . 2012-06-12 01:57 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll
+ 2012-06-12 01:57 . 2012-06-12 01:57 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll
+ 2012-06-12 01:54 . 2012-06-12 01:54 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\21c7b80233c24b9726c04b23083e3087\System.Drawing.Design.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll
+ 2012-06-12 02:08 . 2012-06-12 02:08 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf7d6af03e1230ccad546a8659245ae9\System.Configuration.Install.ni.dll
+ 2012-06-12 02:08 . 2012-06-12 02:08 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll
+ 2012-06-12 02:06 . 2012-06-12 02:06 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe
+ 2012-06-12 02:06 . 2012-06-12 02:06 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll
+ 2012-06-12 02:06 . 2012-06-12 02:06 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe
+ 2012-06-12 01:51 . 2012-06-12 01:51 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll
+ 2012-06-12 01:51 . 2012-06-12 01:51 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll
+ 2012-06-12 01:51 . 2012-06-12 01:51 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll
+ 2012-06-12 01:51 . 2012-06-12 01:51 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll
+ 2012-06-12 02:06 . 2012-06-12 02:06 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe
+ 2012-06-12 02:06 . 2012-06-12 02:06 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4375675fc5879a48c22dc8d7c80e841\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\937d2550dddbd2e5995ec8f93083f357\Microsoft.PowerShell.Security.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\15b7846d6acc551a7afdf5cc3de7547b\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\115171c0145e7299825a569065923612\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 955392 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Serv#\550065be708b2c6ac99a918ea4e07ad8\Intuit.Ctg.Wte.Service.Interface.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe
+ 2012-06-12 01:57 . 2012-06-12 01:57 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\cfc981788ef6ce161946ca948dad3522\AspNetMMCExt.ni.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-24 00:59 . 2009-08-24 00:59 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-24 00:59 . 2009-08-24 00:59 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-12 00:31 . 2012-06-12 00:31 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 163840 c:\windows\assembly\GAC_MSIL\System.Management.Automation.resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.resources.dll
+ 2012-06-12 00:31 . 2012-06-12 00:31 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-12 02:00 . 2012-06-12 02:00 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2009-08-24 00:52 . 2009-08-24 00:52 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-24 00:49 . 2009-08-24 00:49 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2012-06-12 00:30 . 2012-06-12 00:30 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2012-06-12 00:58 . 2012-06-12 00:58 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 200704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 294912 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 139264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-24 00:59 . 2009-08-24 00:59 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-12 00:58 . 2012-06-12 00:58 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2009-08-24 00:49 . 2009-08-24 00:49 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-06-12 00:09 . 2012-06-12 00:09 111624 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2002-08-29 12:00 . 2009-11-21 15:51 471552 c:\windows\AppPatch\aclayers.dll
+ 2012-06-11 09:51 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
+ 2012-06-11 09:50 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2009-07-21 04:03 . 2009-07-21 04:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2002-08-29 12:00 . 2010-04-06 08:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-11-14 19:06 . 2010-08-25 11:23 5541888 c:\windows\system32\wmp.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 1212416 c:\windows\system32\urlmon.dll
+ 2002-08-29 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
- 2002-08-29 12:00 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll
+ 2002-08-29 12:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
+ 2002-08-29 12:00 . 2011-11-03 15:28 1292288 c:\windows\system32\quartz.dll
+ 2002-08-29 12:00 . 2011-11-01 16:07 1288704 c:\windows\system32\ole32.dll
+ 2008-08-16 21:42 . 2009-07-31 14:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-21 04:05 . 2009-07-21 04:05 1348432 c:\windows\system32\msxml4.dll
+ 2002-08-29 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
+ 2004-11-14 18:48 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
+ 2002-08-29 12:00 . 2012-03-01 11:01 5978624 c:\windows\system32\mshtml.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 4422992 c:\windows\system32\mfc100u.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 4422992 c:\windows\system32\mfc100u.dll
- 2011-02-20 03:03 . 2011-02-20 03:03 4397384 c:\windows\system32\mfc100.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 4397384 c:\windows\system32\mfc100.dll
+ 2007-08-13 22:34 . 2012-03-01 11:01 2000384 c:\windows\system32\iertutil.dll
+ 2009-08-04 23:52 . 2009-08-04 23:52 1193832 c:\windows\system32\FM20.DLL
+ 2002-08-29 12:00 . 2010-04-06 08:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-11-14 19:06 . 2010-08-25 11:23 5541888 c:\windows\system32\dllcache\wmp.dll
+ 2008-10-15 22:43 . 2012-04-11 13:12 1862272 c:\windows\system32\dllcache\win32k.sys
+ 2006-05-10 05:23 . 2012-03-01 11:01 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2008-05-07 05:12 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
+ 2008-10-15 22:43 . 2012-04-11 13:10 2192640 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-15 22:43 . 2012-04-11 12:35 2026496 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 22:43 . 2012-04-11 12:35 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-15 22:43 . 2012-04-11 13:14 2148352 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-16 21:42 . 2009-07-31 14:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2008-11-13 00:37 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-08-12 18:21 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-12 18:21 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2006-05-19 15:08 . 2012-03-01 11:01 5978624 c:\windows\system32\dllcache\mshtml.dll
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2008-10-15 19:20 . 2012-03-01 11:01 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2009-11-07 05:06 . 2009-11-07 05:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-12-25 07:50 . 2011-12-25 07:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-08-05 14:57 . 2010-08-05 14:57 4066304 c:\windows\Installer\3b21e44.msp
+ 2009-10-16 22:07 . 2009-10-16 22:07 6115328 c:\windows\Installer\3b21e20.msp
+ 2010-10-22 19:45 . 2010-10-22 19:45 8444928 c:\windows\Installer\3b21e0b.msp
+ 2009-08-20 09:02 . 2009-08-20 09:02 5204992 c:\windows\Installer\39bfea7.msp
+ 2010-06-11 21:55 . 2010-06-11 21:55 1827328 c:\windows\Installer\39bfe91.msp
+ 2011-06-29 01:27 . 2011-06-29 01:27 4028928 c:\windows\Installer\34c713d.msp
+ 2009-11-09 04:25 . 2009-11-09 04:25 1935360 c:\windows\Installer\34c7110.msp
+ 2011-12-26 13:59 . 2011-12-26 13:59 4368896 c:\windows\Installer\34c70ed.msp
+ 2011-05-17 22:28 . 2011-05-17 22:28 6862848 c:\windows\Installer\34c70e3.msp
+ 2011-04-29 17:04 . 2011-04-29 17:04 5053440 c:\windows\Installer\34c70ce.msp
+ 2009-12-17 02:58 . 2009-12-17 02:58 5382144 c:\windows\Installer\34c70ab.msp
+ 2012-04-09 20:50 . 2012-04-09 20:50 6829568 c:\windows\Installer\34c7093.msp
+ 2012-03-20 02:02 . 2012-03-20 02:02 6695936 c:\windows\Installer\34c707e.msp
+ 2011-10-31 16:37 . 2011-10-31 16:37 4146688 c:\windows\Installer\34c7069.msp
+ 2012-04-27 19:09 . 2012-04-27 19:09 5521408 c:\windows\Installer\34c7052.msp
+ 2011-05-23 18:15 . 2011-05-23 18:15 3617792 c:\windows\Installer\34c7028.msp
+ 2010-08-25 21:06 . 2010-08-25 21:06 6479360 c:\windows\Installer\34c6fff.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 2607104 c:\windows\Installer\34c6fdc.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 4210688 c:\windows\Installer\34c6fdb.msp
+ 2012-04-17 16:11 . 2012-04-17 16:11 7681024 c:\windows\Installer\34c6fd0.msp
+ 2010-03-30 16:34 . 2010-03-30 16:34 3826688 c:\windows\Installer\34c6fac.msp
+ 2007-04-19 17:49 . 2007-04-19 17:49 1661280 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PPTVIEW.EXE
+ 2007-04-19 18:09 . 2007-04-19 18:09 1061720 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OMFC.DLL
+ 2007-05-10 17:43 . 2007-05-10 17:43 6688096 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE
+ 2007-04-30 18:57 . 2007-04-30 18:57 7084384 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\INFOPATH.EXE
+ 2007-06-06 14:53 . 2007-06-06 14:53 1195888 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\FM20.DLL
+ 2012-06-12 02:12 . 2009-03-08 08:34 1206784 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll
+ 2012-06-12 02:12 . 2009-03-08 08:41 5937152 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
+ 2012-06-12 02:12 . 2009-03-08 08:32 1985024 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll
+ 2008-10-15 22:43 . 2012-04-11 13:10 2192640 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-15 22:43 . 2012-04-11 12:35 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 22:43 . 2012-04-11 12:35 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-15 22:43 . 2012-04-11 13:14 2148352 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-06-12 01:48 . 2012-06-12 01:48 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll
+ 2012-06-12 01:55 . 2012-06-12 01:55 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 3445248 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\4c07780b95a28757083ae7fdd3cf56dd\ttax.ni.dll
+ 2012-06-12 01:48 . 2012-06-12 01:48 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
+ 2012-06-12 01:55 . 2012-06-12 01:55 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
+ 2012-06-12 02:13 . 2012-06-12 02:13 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\822f2304c46ad32739ae2927f213627f\System.WorkflowServices.ni.dll
+ 2012-06-12 02:13 . 2012-06-12 02:13 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5eccf6fef6bee8a2f93bc65ff33699bb\System.Workflow.Runtime.ni.dll
+ 2012-06-12 02:13 . 2012-06-12 02:13 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1878ea370cdc649a685e811219be42ec\System.Workflow.ComponentModel.ni.dll
+ 2012-06-12 02:12 . 2012-06-12 02:12 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\25ae5836e811c299670c47a27186d083\System.Workflow.Activities.ni.dll
+ 2012-06-12 02:00 . 2012-06-12 02:00 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3e11aea7d742b5eddbd0b6bd1012f7df\System.Web.Services.ni.dll
+ 2012-06-12 02:12 . 2012-06-12 02:12 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0916c7584cb912508bb6b67f529ac92b\System.Web.Mobile.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\68f1cf1c23e7eadb96645b0a79b892c9\System.Web.Extensions.ni.dll
+ 2012-06-12 01:54 . 2012-06-12 01:54 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll
+ 2012-06-12 02:11 . 2012-06-12 02:11 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll
+ 2012-06-12 01:57 . 2012-06-12 01:57 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
+ 2012-06-12 01:54 . 2012-06-12 01:54 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\b4ba7d411af865e32e65855b45ceafb5\System.Printing.ni.dll
+ 2012-06-13 01:51 . 2012-06-13 01:51 4950016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\c1b3a38c1e1528e22b8f5531d7b3700c\System.Management.Automation.ni.dll
+ 2012-06-12 01:57 . 2012-06-12 01:57 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll
+ 2012-06-12 01:54 . 2012-06-12 01:54 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7765146be2fa459c20856ff822f90d1e\System.Drawing.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\012a3f10a4a04e27c6cf8a07726f1f6c\System.Deployment.ni.dll
+ 2012-06-12 01:52 . 2012-06-12 01:52 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
+ 2012-06-12 01:59 . 2012-06-12 01:59 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\7afb1abdbb8ba32cf578ff8ea4e45d99\System.Data.OracleClient.ni.dll
+ 2012-06-12 01:53 . 2012-06-12 01:53 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll
+ 2012-06-12 02:09 . 2012-06-12 02:10 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll
+ 2012-06-12 01:52 . 2012-06-12 01:52 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll
+ 2012-06-12 01:52 . 2012-06-12 01:52 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\63bfa6f83e026ba10e717180807f03cf\ReachFramework.ni.dll
+ 2012-06-12 01:51 . 2012-06-12 01:51 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\efa4002ddfba6bd52845b512810938c1\PresentationUI.ni.dll
+ 2012-06-12 01:48 . 2012-06-12 01:48 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll
+ 2012-06-12 02:08 . 2012-06-12 02:08 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f650597531a91974514f58d36bdebaea\Microsoft.VisualBasic.ni.dll
+ 2012-06-12 02:06 . 2012-06-12 02:06 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll
+ 2012-06-12 02:10 . 2012-06-12 02:10 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\b055aa83b51064c970ce548b8a991651\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\04c77ede2757e3b4a695a3b8cfb4f546\Microsoft.Build.Tasks.ni.dll
+ 2012-06-12 02:07 . 2012-06-12 02:07 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll
+ 2012-06-12 02:03 . 2012-06-12 02:03 1554944 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\6b9c4ab64cadffefb953068f5edc3a7d\Intuit.Ctg.Map.ni.dll
+ 2012-06-12 00:58 . 2012-06-12 00:58 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-24 00:59 . 2009-08-24 00:59 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-12 01:29 . 2012-06-12 01:29 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2009-08-24 01:04 . 2009-08-24 01:04 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-06-12 00:31 . 2012-06-12 00:31 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-13 01:23 . 2012-06-13 01:23 1564672 c:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-12 00:58 . 2012-06-12 00:58 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2009-08-24 01:03 . 2009-08-24 01:03 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-12 01:44 . 2012-06-12 01:44 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-24 01:00 . 2009-08-24 01:00 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-12 00:58 . 2012-06-12 00:58 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-12 01:45 . 2012-06-12 01:45 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2005-05-11 01:22 . 2012-04-27 00:08 55656824 c:\windows\system32\MRT.exe
+ 2007-08-13 22:54 . 2012-03-02 10:01 11082752 c:\windows\system32\ieframe.dll
+ 2008-10-15 19:20 . 2012-03-02 10:01 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2012-01-03 17:44 . 2012-01-03 17:44 15929344 c:\windows\Installer\3f6397.msp
+ 2011-07-26 20:33 . 2011-07-26 20:33 10984448 c:\windows\Installer\3b21df0.msp
+ 2012-04-06 06:12 . 2012-04-06 06:12 15709696 c:\windows\Installer\3b21ddb.msp
+ 2012-01-04 06:25 . 2012-01-04 06:25 17751552 c:\windows\Installer\39bfec8.msp
+ 2010-06-11 21:52 . 2010-06-11 21:52 45542912 c:\windows\Installer\39bfe92.msp
+ 2011-12-26 13:02 . 2011-12-26 13:02 19677184 c:\windows\Installer\34c711a.msp
+ 2010-03-31 05:23 . 2010-03-31 05:23 15638528 c:\windows\Installer\34c7118.msp
+ 2012-04-06 07:13 . 2012-04-06 07:13 16527872 c:\windows\Installer\34c70b7.msp
+ 2012-03-28 22:10 . 2012-03-28 22:10 12098048 c:\windows\Installer\34c703d.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 14599680 c:\windows\Installer\34c6fea.msp
+ 2011-12-26 13:02 . 2011-12-26 13:02 19677184 c:\windows\Installer\16703d6.msp
+ 2012-06-12 02:12 . 2009-03-08 08:39 11063808 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-06-12 01:55 . 2012-06-12 01:55 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
+ 2012-06-12 02:00 . 2012-06-12 02:00 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\408a14028cdc4c24dfb8f241da428142\System.Web.ni.dll
+ 2012-06-12 01:58 . 2012-06-12 01:58 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\913611b097e8dd53222d92945b53b597\System.ServiceModel.ni.dll
+ 2012-06-12 01:53 . 2012-06-12 01:54 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7dc928136c57efafae0845b7e8a83f45\System.Design.ni.dll
+ 2012-06-12 01:50 . 2012-06-12 01:50 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b44d2b225cf6b7861e85b2e915db1f93\PresentationFramework.ni.dll
+ 2012-06-12 01:49 . 2012-06-12 01:49 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f4f33d28527d761c7483d6960862684\PresentationCore.ni.dll
+ 2012-06-12 01:47 . 2012-06-12 01:47 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-01-28 2387968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AIM"="c:\program files\AIM\aim.exe" [2005-08-05 67160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-07-27 68096]
"DeadAIM"="c:\program files\AIM\\DeadAIM.ocm" [2004-02-23 144896]
"Name of App"="c:\program files\SAMSUNG\FW LiveUpdate\FWManager.exe" [2009-07-15 692340]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2010-03-17 1565696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2009-08-31 660136]
"lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2009-08-31 16040]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2009-08-31 320168]
"PhotoExplosionCalCheck"="c:\program files\Nova Development\Photo Explosion 3.0 SE\calcheck.exe" [2006-09-20 69632]
"HostManager"="c:\program files\Common Files\AOL\1102885027\ee\AOLSoftware.exe" [2010-03-08 41800]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2010-07-13 20:40 70720 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 23:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\AOL\1102885027\EE\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2004-02-12 17:38 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 19:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 19:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 21:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2004-11-14 19:52 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-11-10 18:03 36975 ----a-w- c:\program files\Java\jre1.5.0_06\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-11-21 17:38 35328 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnmon.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6/11/2012 5:35 AM 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/11/2012 5:35 AM 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/11/2012 5:35 AM 20696]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [12/12/2011 12:03 PM 290832]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe [5/31/2010 1:45 PM 98984]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/18/2009 3:35 AM 654408]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/15/2007 11:31 PM 24652]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/18/2009 3:35 AM 22344]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [1/19/2008 2:38 PM 47360]
S2 clcsuq;clcsuq;c:\windows\system32\drivers\leqiehot.sys --> c:\windows\system32\drivers\leqiehot.sys [?]
S2 vmorhzu;vmorhzu;c:\windows\system32\drivers\isiojxn.sys --> c:\windows\system32\drivers\isiojxn.sys [?]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [12/18/2009 12:13 PM 20480]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [12/18/2009 12:12 PM 174720]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [4/14/2010 8:29 PM 32408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-28 03:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2009-09-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1202660629-682003330-1003Core.job
- c:\documents and settings\WindowsXP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-05 18:14]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1202660629-682003330-1003UA.job
- c:\documents and settings\WindowsXP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-05 18:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.inbox.com/homepage.aspx?tbid=80291&lng=en
uInternet Settings,ProxyOverride = <local>;*.local
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 10.0.0.1
Handler: ezpp - {810403FA-E82E-11D5-8AAB-0010A404A3DE} - c:\windows\system32\EZTOOL~1.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {D5EC5989-671B-476D-AC86-090793776FB1} - hxxps://secure.ibuilder.com/iSpeedway/download/AuctionBlast/XAuctionBlast.cab
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-58354232.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-12 23:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1988)
c:\windows\system32\WININET.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-06-12 23:48:29
ComboFix-quarantined-files.txt 2012-06-13 03:48
ComboFix2.txt 2012-06-11 09:08
.
Pre-Run: 18,382,544,896 bytes free
Post-Run: 18,441,699,328 bytes free
.
- - End Of File - - 2555D98B3B71D0BB02126264C8B0EE3C

#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 13 June 2012 - 06:21 AM

How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 lilpmplugz99

lilpmplugz99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 13 June 2012 - 09:21 AM

It is running pretty well, but I still have those crypt files.

#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 13 June 2012 - 08:03 PM

Hello,

Try that encryption tool again. Also try these::
ftp://ftp.drweb.com/pub/drweb/tools/matsnu1decrypt.exe

http://support.kaspersky.com/de/faq/?qid=208642772

I don't think these will work but they are worth a try.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 lilpmplugz99

lilpmplugz99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 13 June 2012 - 08:29 PM

I don't understand how to use them. It asks me for the original file, but the original file is the crypted file? There is only 1 file?

#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 13 June 2012 - 08:40 PM

Which utility is asking you that question?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 lilpmplugz99

lilpmplugz99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 14 June 2012 - 12:57 AM

Both programs ask for that

#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 14 June 2012 - 03:53 PM

Are you able to reformatt and reinstall your operating system?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 lilpmplugz99

lilpmplugz99
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:42 AM

Posted 15 June 2012 - 12:27 AM

I don't think I have my discs anymore

#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 15 June 2012 - 02:18 PM

I don't think I have my discs anymore


There is nothing that can be done. There is not a decryptor made for this malware yet. It may be somewhere down the line but not currently.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:42 AM

Posted 18 June 2012 - 02:32 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users