Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with Zeroacess / Generic.Backdoor!1ub / Generic.dx!b2pt


  • This topic is locked This topic is locked
50 replies to this topic

#1 Raebo

Raebo

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 17 June 2012 - 12:59 AM

Hi,

My device has been infected with ZeroAccess, which proceeded to bring along the 2 generic trojans. My main problems are that windows is very laggy (most things has to be done through Safe Mode at the moment), my firewall won't stay on (in normal and safe modes) and occasionally a pop-up appears with the title [Web Browser] warning that I should stop a script from running. It looks something like this: (I forgot to take a screenshot when it popped up, so here's the exact same thing that I found through google)

Posted Image

Before I start off, here are some details about my machine.

Windows 7 SP1

McAfee SecurityCenter v11.0
McAfee VirusScan v15.0 last updated today (17/6/12)
McAfee Personal Firewall v12.0

A few days ago, my friend was using my machine when McAfee popped up saying that it had quarantined some trojans and no further action was required.

Afterwards, the computer was getting significantly more laggy with each reboot; McAfee Personal Firewall and Real-time protection were also unable to stay on. Looking through the quarantined list of items, there were multiple instances of the same 3 items:

ZeroAccess
Generic.Backdoor!1ub
Generic.dx!b2pt

All 3 appeared in C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U

My friend had already deleted the zip file which probably allowed ZeroAccess in. Since McAfee's complete scan of the computer was unable to complete due to the significant lag, I then downloaded and ran Spybot S&D and Ad-Aware Antivirus in Safe Mode, but nothing turned up.

After, I followed McAfee's generic recommendations and downloaded McAfee Virtual Technician and MBAM. Since it was still very laggy in normal mode, I had to use those scans in safe mode. The only thing that turned up was that McAfee Firewall was down, but there was nothing that could be done by the virtual technician. I have also tried turning off system restore, running a complete scan by McAfee VirusScan in safe mode (which was clear) and running bootrec/fixmbr using the Windows CD (operation finished in under a second).

Since then, I have tried running TDSSKiller, which returned all clear both in normal and safe mode. Also, I gave McAfee's RootkitRemover a go in safe mode, but nothing turned up as well.

Here are my dds and GMER logs. (all done in safe mode as dds would not load and GMER just froze in normal mode)

EDIT: I forgot, GMER also is only able to scan Services, Registry, Files and ADS. The other options (eg. system, IAT/EAT, modules etc.) are grayed out.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by signius at 5:21:30 on 2012-06-17
Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.3959.2991 [GMT 10:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\helppane.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\signius\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
C:\Users\signius\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\signius\AppData\Local\Google\Chrome\Application\chrome.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Users\signius\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyServer = wwwproxy.student.unimelb.edu.au:8000
uInternet Settings,ProxyOverride = *.local;<local>
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120427065742.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\signius\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Facebook Update] "C:\Users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\signius\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\signius\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 123.200.187.1 123.200.187.2
TCP: Interfaces\{689A6937-43AC-419B-9803-C53282EBF450} : NameServer = 168.95.1.1
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D} : DhcpNameServer = 123.200.187.1 123.200.187.2
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}\55D40275962756C65637370214D244F627D60275563747 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}\55D40275962756C65637370214D244F627D60275563747 : DhcpNameServer = 128.250.66.5 128.250.201.5
TCP: Interfaces\{A77635A9-77DE-41A7-A199-ECFD9774F6D5} : DhcpNameServer = 10.188.66.103 10.176.66.71
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120427065742.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\signius\AppData\Roaming\Mozilla\Firefox\Profiles\tcugldwx.default\
FF - component: C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\components\scriptff.dll
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\signius\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\signius\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]
R1 SBRE;SBRE;C:\WINDOWS\System32\drivers\SBREDrv.sys [2011-10-26 101112]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-5-3 1226096]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-12-30 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-12-30 162192]
R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
S2 AESTFilters;Andrea ST Filters Service;C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\AESTSr64.exe [2010-12-30 89600]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-10 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-30 13336]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-13 654408]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 249936]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 249936]
S2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-12-30 199272]
S2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-6-13 1153368]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-30 1692480]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-30 2320920]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]
S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
S3 sbwtis;sbwtis;C:\Windows\system32\DRIVERS\sbwtis.sys --> C:\Windows\system32\DRIVERS\sbwtis.sys [?]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 249936]
.
=============== Created Last 30 ================
.
2012-06-16 18:40:58 -------- d-----w- C:\Users\signius\AppData\Local\{663C5A25-A7B4-4E14-B5D7-6B48762937B7}
2012-06-15 13:43:46 -------- d-----w- C:\Users\signius\AppData\Local\{C6D720FC-0CC7-4695-BDA2-EC1647661C2E}
2012-06-15 06:08:24 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2012-06-15 05:43:34 -------- d-----w- C:\Users\signius\AppData\Local\{7653F41F-FE17-46EA-9F20-6831F52D6F10}
2012-06-15 05:28:49 -------- d-----w- C:\Users\signius\AppData\Local\{5D2518E5-AB4D-4A32-A8B5-3C053D9C7B31}
2012-06-14 13:33:51 -------- d-----w- C:\Users\signius\AppData\Local\{FCC2029A-6E99-4EDC-BDAC-466C921BA100}
2012-06-14 13:32:47 -------- d-----w- C:\Users\signius\AppData\Local\{217F0525-347E-4FDA-B748-BB837F232BD6}
2012-06-14 01:31:12 -------- d-----w- C:\Users\signius\AppData\Local\{9157CCF5-5718-44C3-B258-012F55C89B57}
2012-06-13 13:30:54 -------- d-----w- C:\Users\signius\AppData\Local\{031985B1-8969-44B5-B46A-71920CB0B4A8}
2012-06-13 03:09:41 -------- d-----w- C:\Users\signius\AppData\Roaming\McAfee
2012-06-13 03:04:25 -------- d-----w- C:\Users\signius\AppData\Roaming\Malwarebytes
2012-06-13 03:03:17 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-13 03:03:05 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-13 03:03:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-13 01:49:22 -------- d-----w- C:\Users\signius\AppData\Local\adaware
2012-06-13 01:49:20 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2012-06-13 01:49:11 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
2012-06-13 01:49:01 256632 ----a-w- C:\Windows\System32\drivers\SbFw.sys
2012-06-13 01:49:01 119416 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys
2012-06-13 01:49:00 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
2012-06-13 01:49:00 45936 ----a-w- C:\Windows\System32\sbbd.exe
2012-06-13 01:48:39 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2012-06-13 01:30:06 -------- d-----w- C:\Users\signius\AppData\Local\{3A850951-C907-45E4-976A-6EFEE4F27466}
2012-06-13 01:28:46 -------- d-----w- C:\Users\signius\AppData\Local\{883C3AFB-7763-46CF-BCD4-BE6845B52BD7}
2012-06-12 19:55:10 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-12 19:55:10 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-12 19:47:25 -------- d-----w- C:\Users\signius\AppData\Roaming\Ad-Aware Antivirus
2012-06-12 19:32:46 -------- d-----w- C:\Windows\AutoKMS
2012-06-12 18:42:26 -------- d-----w- C:\sh4ldr
2012-06-12 18:42:26 -------- d-----w- C:\Program Files\Enigma Software Group
2012-06-12 18:41:37 -------- d-----w- C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-12 18:41:34 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-06-12 18:27:51 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-12 18:27:51 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-12 18:00:40 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-06-12 16:51:37 -------- d-----w- C:\Users\signius\AppData\Local\{BC8BFE13-BB89-44A0-A91E-C3D8ABC36F67}
2012-06-12 04:51:38 -------- d-----w- C:\Users\signius\AppData\Local\{5AD3154E-41D5-43DD-A086-DD6144D2BBC7}
2012-06-11 16:51:04 -------- d-----w- C:\Users\signius\AppData\Local\{68DF11AD-F672-4C7F-A97E-E847B133117F}
2012-06-11 16:50:45 -------- d-----w- C:\Users\signius\AppData\Local\{18B9AA2F-BA60-4169-B1E0-F8EE4F2A8868}
2012-06-11 04:50:27 -------- d-----w- C:\Users\signius\AppData\Local\{9BA3CFBE-7B25-4298-B97C-F0631D85F38F}
2012-06-11 04:49:21 -------- d-----w- C:\Users\signius\AppData\Local\{D3601FA7-5B42-44F6-9524-7D4129046809}
2012-06-10 15:30:58 -------- d-----w- C:\Users\signius\AppData\Local\{1A4E9118-7000-45FF-A592-35B82BF1232A}
2012-06-10 15:30:41 -------- d-----w- C:\Users\signius\AppData\Local\{F582B103-DBAF-4599-A050-025E3CB13E32}
2012-06-10 03:30:22 -------- d-----w- C:\Users\signius\AppData\Local\{F6A3E0C5-020C-4A82-BCB6-9EBFD80BECC8}
2012-06-10 03:30:04 -------- d-----w- C:\Users\signius\AppData\Local\{9EDD74A7-0A3B-4216-B198-617DE2C64D22}
2012-06-09 15:30:03 -------- d-----w- C:\Users\signius\AppData\Local\{9C83F97D-537B-4E80-8196-294F73312E3D}
2012-06-09 03:30:15 -------- d-----w- C:\Users\signius\AppData\Local\{5D520DA5-94AE-4DAA-A7C1-9A1D795C4246}
2012-06-08 08:20:10 -------- d-----w- C:\Users\signius\AppData\Local\{3C23D317-8F63-4D8E-A587-3147D1874587}
2012-06-08 08:19:53 -------- d-----w- C:\Users\signius\AppData\Local\{C182A238-93FC-4836-8F50-70E30B17B31D}
2012-06-07 20:19:38 -------- d-----w- C:\Users\signius\AppData\Local\{30E4CA17-E192-4E42-8CA7-4452F261DA7B}
2012-06-07 20:19:27 -------- d-----w- C:\Users\signius\AppData\Local\{7E2EE6C7-21C4-42F3-B914-743B0072BF32}
2012-06-07 08:19:05 -------- d-----w- C:\Users\signius\AppData\Local\{CB1A492D-707D-42E7-B37C-51E6575A5082}
2012-06-07 08:18:44 -------- d-----w- C:\Users\signius\AppData\Local\{10AE30DC-E75C-4D46-A08D-508E73D46021}
2012-06-06 20:18:27 -------- d-----w- C:\Users\signius\AppData\Local\{DC4A11F7-1FDD-4604-AE12-4561F606B30D}
2012-06-06 08:18:43 -------- d-----w- C:\Users\signius\AppData\Local\{B5659D60-8E23-43F0-AC90-905994E8C4F7}
2012-06-05 05:56:36 -------- d-----w- C:\Users\signius\AppData\Local\{3B28D35A-6F6C-4379-8450-8CE1FF6A705A}
2012-06-05 05:56:18 -------- d-----w- C:\Users\signius\AppData\Local\{203DF7FD-F5DB-44A7-BCCD-F07E2B9D5ECB}
2012-06-04 17:56:01 -------- d-----w- C:\Users\signius\AppData\Local\{4B76A646-6022-48C9-B357-09A249A54F87}
2012-06-04 17:55:44 -------- d-----w- C:\Users\signius\AppData\Local\{42023310-C170-427B-A0A0-9206485001B3}
2012-06-04 05:55:10 -------- d-----w- C:\Users\signius\AppData\Local\{4CAFC50A-8D47-4D98-A8AE-E07B260EFB85}
2012-06-04 05:54:50 -------- d-----w- C:\Users\signius\AppData\Local\{686885F6-CE53-46A6-8ABE-8C81A4424EE7}
2012-06-03 17:54:50 -------- d-----w- C:\Users\signius\AppData\Local\{72E8B9E1-C5CB-4802-A82E-55D5E3D88568}
2012-06-03 05:54:46 -------- d-----w- C:\Users\signius\AppData\Local\{DF29DC35-68BC-4105-929B-946140F85E2F}
2012-06-02 17:54:49 -------- d-----w- C:\Users\signius\AppData\Local\{EB2DC676-F736-49E7-B887-52BA1FB7D89F}
2012-06-02 05:54:42 -------- d-----w- C:\Users\signius\AppData\Local\{9220BB6E-5D00-468B-9836-E153D7A31A87}
2012-06-01 17:54:43 -------- d-----w- C:\Users\signius\AppData\Local\{D2EEBD27-DC7E-4FEF-88AB-AD7A73D31005}
2012-06-01 05:55:27 -------- d-----w- C:\Users\signius\AppData\Local\{4B516BCA-5725-4D0C-889A-99EC2FE7556C}
2012-06-01 05:54:46 -------- d-----w- C:\Users\signius\AppData\Local\{A220D68C-24C9-4BA2-A29D-41B07A1A82BC}
2012-05-27 15:26:44 -------- d-----w- C:\Users\signius\AppData\Local\{9F4F046C-F7D0-456F-B751-072DC2DA6843}
2012-05-27 15:26:13 -------- d-----w- C:\Users\signius\AppData\Local\{B33B3769-280F-4EB6-B220-91AA9E45B92B}
2012-05-27 03:28:21 -------- d-----w- C:\Users\signius\AppData\Local\{78F52F12-80D0-4546-BE59-5A3E3C694549}
2012-05-26 15:27:26 -------- d-----w- C:\Users\signius\AppData\Local\{30220E70-3A4E-4DF4-814D-A79757DE0CD5}
2012-05-26 15:26:59 -------- d-----w- C:\Users\signius\AppData\Local\{8D7DDAE5-2C5F-40E4-BAD8-AFFF93EB697D}
2012-05-26 03:26:26 -------- d-----w- C:\Users\signius\AppData\Local\{E3216933-3634-43A7-8051-B1757F009631}
2012-05-26 03:25:59 -------- d-----w- C:\Users\signius\AppData\Local\{62212A6D-0473-4372-97EF-5F74C1609262}
2012-05-25 15:28:39 -------- d-----w- C:\Users\signius\AppData\Local\{A807E90D-D724-44AD-8393-18A16B740633}
2012-05-25 03:28:19 -------- d-----w- C:\Users\signius\AppData\Local\{69A947BC-3EFD-4A44-8F61-DB46B44AE377}
2012-05-25 03:27:59 -------- d-----w- C:\Users\signius\AppData\Local\{F80CEAF5-29A7-4F86-97B5-3FA719F382CA}
2012-05-24 15:27:40 -------- d-----w- C:\Users\signius\AppData\Local\{A9825DAD-DA54-42F2-B711-95E1CB672271}
2012-05-24 15:27:18 -------- d-----w- C:\Users\signius\AppData\Local\{C212E090-51C8-44C6-A81A-FAD016AD0A6D}
2012-05-24 03:26:59 -------- d-----w- C:\Users\signius\AppData\Local\{2A81BE96-62AA-47D0-926A-56E4A9281102}
2012-05-24 03:26:14 -------- d-----w- C:\Users\signius\AppData\Local\{CB6EF408-019D-428E-A06D-CFA85B324F81}
2012-05-23 15:26:14 -------- d-----w- C:\Users\signius\AppData\Local\{C550C875-2DCB-490C-94F7-07FFAB00FAD6}
2012-05-23 03:27:57 -------- d-----w- C:\Users\signius\AppData\Local\{F3645AAD-AF55-4D00-9F74-70D6B2231FB1}
2012-05-23 03:27:40 -------- d-----w- C:\Users\signius\AppData\Local\{AC28C23C-C859-4EC5-9E38-5AE7EDFA7139}
2012-05-22 15:27:18 -------- d-----w- C:\Users\signius\AppData\Local\{3D2F5C73-E6FE-4C42-A010-1A51B26135EA}
2012-05-22 15:26:53 -------- d-----w- C:\Users\signius\AppData\Local\{7BFC0256-9EAE-4042-9F92-A366DFD72E9A}
2012-05-22 03:26:35 -------- d-----w- C:\Users\signius\AppData\Local\{386266E3-4E19-46F0-A010-E55AB9A4A00C}
2012-05-22 03:26:13 -------- d-----w- C:\Users\signius\AppData\Local\{7F19D941-709F-4321-A007-F34023D84CAD}
2012-05-21 15:26:14 -------- d-----w- C:\Users\signius\AppData\Local\{7C6F607E-15F2-424D-9DC4-D7A1FF4855A4}
2012-05-21 03:28:11 -------- d-----w- C:\Users\signius\AppData\Local\{E316C2DB-A116-48E9-A085-9DCE25F80694}
2012-05-20 15:27:53 -------- d-----w- C:\Users\signius\AppData\Local\{9BF1B69E-6A25-4574-8A67-B9DAA9EC8271}
2012-05-20 15:27:33 -------- d-----w- C:\Users\signius\AppData\Local\{CC5FF63D-49FF-482A-9D2B-2197EAC13C6E}
2012-05-20 03:27:15 -------- d-----w- C:\Users\signius\AppData\Local\{18848E78-A5F5-4DE9-A834-89F565218209}
2012-05-20 03:26:28 -------- d-----w- C:\Users\signius\AppData\Local\{8870D05A-F916-4076-8704-F961D64CD5FB}
2012-05-19 14:21:29 -------- d-----w- C:\Users\signius\AppData\Local\{C07D90CD-5A12-4B69-8B92-A2D2EBF13551}
2012-05-19 14:20:56 -------- d-----w- C:\Users\signius\AppData\Local\{A2FD7E82-9E49-4408-BCAB-9A6524DA1A67}
2012-05-19 02:20:36 -------- d-----w- C:\Users\signius\AppData\Local\{3A0F0217-37B5-411C-959D-DDA03A0BF30C}
2012-05-19 02:20:13 -------- d-----w- C:\Users\signius\AppData\Local\{21CFB512-7B69-4B58-BFBB-9F7620C798D5}
2012-05-18 14:19:57 -------- d-----w- C:\Users\signius\AppData\Local\{56DA7BB1-3074-482C-BDD9-E29E34DD40EF}
2012-05-18 14:19:42 -------- d-----w- C:\Users\signius\AppData\Local\{FF0A5850-3289-42B9-BCC3-0117F46440FB}
2012-05-18 02:19:43 -------- d-----w- C:\Users\signius\AppData\Local\{8A709B79-AE63-4492-85B6-A53529822EBD}
.
==================== Find3M ====================
.
2012-04-24 11:45:45 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-18 10:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-18 10:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10:03 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 5:23:05.22 ===============


This is really frustrating and I kind of need my computer for my upcoming exams this week. I hope that you guys can lend me a hand.

Thanks! =)

Attached Files


Edited by Raebo, 17 June 2012 - 01:03 AM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:09 PM

Posted 17 June 2012 - 01:07 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Raebo

Raebo
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 17 June 2012 - 01:28 AM

Hi Gringo,

Thanks for your prompt reply. One quick question: can I run security check and combofix in safe mode? Normal is quite laggy at the moment.

Thanks!

#4 Raebo

Raebo
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 17 June 2012 - 05:40 AM

Hi,

As normal mode was too laggy, I was unable to run either of the programs even after waiting for an hour. I have run both in safe mode, however my device went into BSOD midway through the combofix scan. This was when it was displaying the list of items affected. I managed to catch a glimpse of one of them, something about services.exe

After completing the memory dump and automatic system recovery, windows couldn't fix the problem but started upon safe mode. Combofix managed to complete its output, but when I restarted (safe mode didn't have networking enabled) it has been pretty much BSOD --> memory dump --> shut down. The output logs are still on the machine and i can't even post them up (using my mobile now).

Is there anything that can be done? I'm seriously contemplating doing a clean wipe and reinstalling windows.

As always, any help is appreciated.

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:09 PM

Posted 17 June 2012 - 09:09 AM

yes go ahead and run in safe mode and let me have the reports


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 Raebo

Raebo
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 17 June 2012 - 10:09 AM

Hi gringo,

My computer keeps having a stop error 0x00000018 and 0x0000007e and forcing itself to restart. The only mode that works is safe mode without networking. I will try to borrow a computer to upload the logs as soon as i can.

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:09 PM

Posted 17 June 2012 - 11:38 AM

:thumbup2:
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:09 PM

Posted 19 June 2012 - 11:52 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Raebo

Raebo
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 20 June 2012 - 02:08 AM

Hi Gringo,

Sorry for the massive delay. Exams and stuff were happening these few days, did not have much spare time. Here are the logs


Security Check (in safe mode)


Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
MVPS Hosts File
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 22
Java™ 6 Update 31
Java version out of date!
Adobe Flash Player 10 Flash Player out of date!
Adobe Reader X (10.1.3)
Mozilla Firefox (3.6.13) Firefox out of Date!
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Ad-Aware Antivirus AdAwareService.exe
Ad-Aware Antivirus SBAMSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````



Combofix


ComboFix 12-06-16.02 - signius 6/2012 Sun 22:58:03.2.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.3959.3059 [GMT 10:00]
执行位置: c:\users\signius\Desktop\ComboFix.exe
AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* 成功创造新还原点
.
.
((((((((((((((((((((((((((((((((((((((( 被删除的档案 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
E:\Autorun.inf
.
.
((((((((((((((((((((((((( 2012-05-17 至 2012-06-17 的新的档案 )))))))))))))))))))))))))))))))
.
.
2012-06-17 01:56 . 2012-06-17 01:56 100864 ----a-w- C:\pftirfog.sys
2012-06-15 06:08 . 2012-06-15 06:08 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-13 03:09 . 2012-06-13 03:09 -------- d-----w- c:\users\signius\AppData\Roaming\McAfee
2012-06-13 03:04 . 2012-06-13 03:04 -------- d-----w- c:\users\signius\AppData\Roaming\Malwarebytes
2012-06-13 03:03 . 2012-06-13 03:03 -------- d-----w- c:\programdata\Malwarebytes
2012-06-13 03:03 . 2012-04-04 05:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-13 03:03 . 2012-06-13 03:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-13 01:49 . 2012-06-13 02:21 -------- d-----w- c:\users\signius\AppData\Local\adaware
2012-06-13 01:49 . 2012-06-13 01:49 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-06-13 01:49 . 2011-12-19 02:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-06-13 01:49 . 2011-12-19 02:44 256632 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-06-13 01:49 . 2011-09-29 02:16 119416 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-06-13 01:49 . 2011-12-19 03:21 45936 ----a-w- c:\windows\system32\sbbd.exe
2012-06-13 01:49 . 2011-10-26 04:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys
2012-06-13 01:48 . 2012-06-14 07:26 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-06-13 01:48 . 2012-06-13 01:48 -------- d-----w- c:\programdata\Lavasoft
2012-06-12 19:55 . 2012-06-12 20:21 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-06-12 19:55 . 2012-06-12 19:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-06-12 19:47 . 2012-06-13 03:07 -------- d-----w- c:\users\signius\AppData\Roaming\Ad-Aware Antivirus
2012-06-12 19:32 . 2012-06-12 19:32 -------- d-----w- c:\windows\AutoKMS
2012-06-12 18:42 . 2012-06-12 19:50 -------- d-----w- C:\sh4ldr
2012-06-12 18:42 . 2012-06-12 18:42 -------- d-----w- c:\program files\Enigma Software Group
2012-06-12 18:41 . 2012-06-12 19:50 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-12 18:41 . 2012-06-12 18:41 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-06-12 18:27 . 2012-06-12 18:27 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-12 18:27 . 2012-06-12 18:27 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-12 18:27 . 2012-06-12 18:27 -------- d-----w- c:\windows\system32\Macromed
2012-06-12 18:00 . 2012-06-12 18:00 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
.
.
.
(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-24 11:45 . 2011-02-13 13:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-18 10:56 . 2012-04-18 10:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 10:56 . 2012-04-18 10:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-03-31 06:05 . 2012-05-09 16:32 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-09 16:32 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-09 16:32 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-09 16:32 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-09 16:57 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-17_08.33.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-17 11:58 . 2012-06-17 11:58 13271 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-06-15 05:31 . 2012-06-15 05:31 13271 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2009-07-14 05:10 . 2012-06-17 14:33 37590 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-05 20:59 . 2012-06-17 14:33 12460 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2696381077-3989773151-1297001512-1000_UserData.bin
+ 2012-06-17 23:29 . 2012-06-17 13:06 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat
- 2012-06-17 23:29 . 2012-06-17 07:14 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat
+ 2010-12-30 09:27 . 2012-06-17 11:58 4647 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2010-12-30 09:27 . 2012-06-13 11:26 4647 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2012-06-17 08:33 . 2012-06-17 08:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-17 14:31 . 2012-06-17 14:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-17 08:33 . 2012-06-17 08:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-17 14:31 . 2012-06-17 14:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-05 20:27 . 2012-06-17 11:55 428704 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-07-14 02:36 . 2012-06-17 12:28 620946 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-17 12:28 110876 c:\windows\system32\perfc009.dat
- 2009-07-14 05:12 . 2012-06-17 02:00 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2012-06-17 11:55 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-02-05 03:32 . 2012-06-17 06:46 196608 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-05 03:32 . 2012-06-17 11:58 196608 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 05:01 . 2012-06-17 11:58 471924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-13 11:26 471924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-05 03:32 . 2012-06-17 11:58 2097152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-02-05 03:32 . 2012-06-17 06:46 2097152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-17 06:46 1982464 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-17 11:58 1982464 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 02:34 . 2012-06-18 05:17 11010048 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-06-17 23:25 11010048 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-03-09 13:02 . 2012-06-17 11:58 22813924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2696381077-3989773151-1297001512-1000-8192.dat
- 2011-03-09 13:02 . 2012-06-13 01:01 22813924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2696381077-3989773151-1297001512-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( 重要登入点 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Facebook Update"="c:\users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-12-23 137536]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-09-03 518640]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-26 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-11-16 559616]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [x]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-05-03 1226096]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-03-20 162192]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-09-30 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [x]
S3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-09-30 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
‘计划任务’ 文件夹 里的内容
.
2012-06-17 c:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
- c:\progra~2\AD-AWA~1\AdAwareLauncher.exe [2012-05-03 08:37]
.
2012-06-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000Core.job
- c:\users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 15:35]
.
2012-06-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000UA.job
- c:\users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 15:35]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000Core.job
- c:\users\signius\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-07 01:18]
.
2012-06-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000UA.job
- c:\users\signius\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-07 01:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-12-30 5470208]
.
------- 而外的扫描 -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = wwwproxy.student.unimelb.edu.au:8000
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 123.200.187.1 123.200.187.2
TCP: Interfaces\{689A6937-43AC-419B-9803-C53282EBF450}: NameServer = 168.95.1.1
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}\55D40275962756C65637370214D244F627D60275563747: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\signius\AppData\Roaming\Mozilla\Firefox\Profiles\tcugldwx.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2696381077-3989773151-1297001512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2696381077-3989773151-1297001512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2696381077-3989773151-1297001512-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"慤慴"=hex:0d,c8,7b,36,01,6d,e7,35,81,31,bd,a0,4a,ba,78,82,b7,4d,c9,a1,46,83,
6c,48,17,ce,30,c5,7c,d0,0b,fa,23,49,a4,bc,9c,29,b4,1c,26,f7,d9,36,94,34,dd,\
"歲祥"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ 其他运行进程 ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
.
**************************************************************************
.
完成时间: 2012-06-18 02:23:17 - 电脑已重新启动
ComboFix-quarantined-files.txt 2012-06-17 16:21
ComboFix2.txt 2012-06-17 08:41
.
Pre-Run: 47,861,731,328 bytes free
Post-Run: 47,763,509,248 bytes free
.
- - End Of File - - 94CDB3EB1B391F6B56FE12F9748B240E


As I mentioned previously, running combofix resulted in BSOD (random stop errors) with a memory dump, but the lag in normal mode seems a bit more manageable now. I can at least access simple word docs etc after waiting for a few minutes, but internet access is still disabled.

Hope this helps in the diagnosis. Once again, thanks for your help!

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:09 PM

Posted 20 June 2012 - 02:46 AM

Hello

download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]
Gringo[/b]
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 Raebo

Raebo
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 20 June 2012 - 06:00 AM

FRST log

Scan result of Farbar Recovery Scan Tool Version: 20-06-2012
Ran by SYSTEM at 20-06-2012 10:50:01
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNTION PROPERLY.

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5470208 2010-12-30] (Dell Inc.)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-06-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1675160 2012-03-21] (McAfee, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-09-04] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [518640 2010-09-03] ()
HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-26] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run [x]
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" [198032 2011-10-21] (Lavasoft)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKU\signius\...\Run: [Facebook Update] "C:\Users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [137536 2011-12-23] (Facebook Inc.)
HKU\signius\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-22] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-11-16] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Tcpip\..\Interfaces\{689A6937-43AC-419B-9803-C53282EBF450}: [NameServer]168.95.1.1
Tcpip\..\Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}: [NameServer]8.8.8.8,8.8.4.4
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\signius\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\signius\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Services (Whitelisted) ======

2 Ad-Aware Service; "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe" [1226096 2012-05-03] (Lavasoft Limited)
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [502032 2012-03-22] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199272 2012-03-19] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [210584 2012-03-19] (McAfee, Inc.)
2 mfevtp; "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe" [162192 2012-03-19] (McAfee, Inc.)
2 NOBU; "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE [2823000 2010-08-25] (Dell, Inc.)
3 RoxMediaDB12OEM; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe" [1116656 2010-09-04] (Sonic Solutions)
2 RoxWatch12; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe" [219632 2010-09-04] (Sonic Solutions)
2 SBAMSvc; "C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe" [3289032 2011-12-18] (GFI Software)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2320920 2010-03-03] (Intel Corporation)

========================== Drivers (Whitelisted) =============

3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [65264 2012-02-21] (McAfee, Inc.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [160792 2012-02-21] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [229528 2012-02-21] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [487296 2012-02-21] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [647208 2012-02-21] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75936 2012-02-21] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [100912 2012-02-21] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [289664 2012-02-21] (McAfee, Inc.)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [232480 2010-03-17] (Realtek Semiconductor Corp.)
2 sbapifs; C:\Windows\System32\Drivers\sbapifs.sys [74872 2011-11-28] (GFI Software)
1 SbFw; C:\Windows\System32\Drivers\SbFw.sys [256632 2011-12-18] (GFI Software)
3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [119416 2011-09-28] (GFI Software)
3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [119416 2011-09-28] (GFI Software)
3 sbhips; C:\Windows\System32\Drivers\sbhips.sys [60536 2011-12-18] (GFI Software)
1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [57976 2011-10-25] (GFI Software)
3 sbwtis; C:\Windows\System32\Drivers\sbwtis.sys [84600 2011-12-18] (GFI Software)
4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-02-05] (Duplex Secure Ltd.)
3 catchme; \??\C:\ComboFix\catchme.sys [x]
3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena\safedrv.sys [x]
3 mfeavfk01; [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-20 10:49 - 2012-06-20 10:50 - 00000000 ____D C:\FRST
2012-06-18 21:36 - 2012-06-18 21:36 - 00275576 ____A C:\Windows\Minidump\061912-15974-01.dmp
2012-06-18 15:05 - 2012-06-18 15:05 - 00275576 ____A C:\Windows\Minidump\061912-17752-01.dmp
2012-06-18 13:32 - 2012-06-18 13:32 - 00275520 ____A C:\Windows\Minidump\061912-16660-01.dmp
2012-06-18 09:07 - 2012-06-18 09:07 - 00271392 ____A C:\Windows\Minidump\061912-42525-01.dmp
2012-06-18 09:05 - 2012-06-18 09:05 - 00271392 ____A C:\Windows\Minidump\061912-44210-01.dmp
2012-06-18 05:04 - 2012-06-18 05:04 - 00275576 ____A C:\Windows\Minidump\061812-15958-01.dmp
2012-06-18 05:02 - 2012-06-18 05:02 - 00275576 ____A C:\Windows\Minidump\061812-15553-01.dmp
2012-06-18 05:00 - 2012-06-18 05:00 - 00000000 ____A C:\Windows\Minidump\061812-14757-01.dmp
2012-06-18 04:58 - 2012-06-18 04:58 - 00000000 ____A C:\Windows\Minidump\061812-14742-01.dmp
2012-06-18 04:57 - 2012-06-18 04:57 - 00000000 ____A C:\Windows\Minidump\061812-15771-01.dmp
2012-06-18 04:56 - 2012-06-18 04:56 - 00000000 ____A C:\Windows\Minidump\061812-14976-01.dmp
2012-06-18 03:48 - 2012-06-18 03:48 - 00272512 ____A C:\Windows\Minidump\061812-62852-01.dmp
2012-06-17 23:55 - 2012-06-17 23:55 - 00275520 ____A C:\Windows\Minidump\061812-51074-01.dmp
2012-06-17 18:19 - 2012-06-17 18:19 - 00275576 ____A C:\Windows\Minidump\061812-15132-01.dmp
2012-06-17 18:19 - 2012-06-17 18:19 - 00000000 ____A C:\Windows\Minidump\061812-15147-01.dmp
2012-06-17 18:18 - 2012-06-17 18:18 - 00000000 ____A C:\Windows\Minidump\061812-14991-02.dmp
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default\Local Settings\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default User\Local Settings\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-06-17 14:54 - 2012-06-17 14:54 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-17 13:08 - 2012-06-17 13:08 - 00271392 ____A C:\Windows\Minidump\061812-14383-01.dmp
2012-06-17 13:00 - 2012-06-17 13:00 - 00275576 ____A C:\Windows\Minidump\061812-13525-01.dmp
2012-06-17 12:59 - 2012-06-17 12:59 - 00000000 ____A C:\Windows\Minidump\061812-23197-01.dmp
2012-06-17 12:58 - 2012-06-17 12:58 - 00000000 ____A C:\Windows\Minidump\061812-13962-01.dmp
2012-06-17 12:39 - 2012-06-17 12:39 - 00275576 ____A C:\Windows\Minidump\061812-13572-01.dmp
2012-06-17 12:39 - 2012-06-17 12:39 - 00000000 ____A C:\Windows\Minidump\061812-14040-01.dmp
2012-06-17 11:24 - 2012-06-17 11:24 - 00027807 ____A C:\ComboFix.txt
2012-06-17 09:31 - 2012-06-17 09:31 - 00271392 ____A C:\Windows\Minidump\061812-18033-01.dmp
2012-06-17 07:21 - 2012-06-17 07:21 - 00271392 ____A C:\Windows\Minidump\061712-17331-01.dmp
2012-06-17 06:59 - 2012-06-17 06:59 - 00001738 ____A C:\Windows\SysWOW64\EmailAVConfig.xml
2012-06-17 06:59 - 2012-06-17 06:59 - 00001188 ____A C:\Windows\SysWOW64\ServiceConfig.xml
2012-06-17 06:59 - 2012-06-17 06:59 - 00000438 ____A C:\Windows\SysWOW64\WSCConfig.xml
2012-06-17 06:03 - 2012-06-17 06:03 - 00275576 ____A C:\Windows\Minidump\061712-15678-01.dmp
2012-06-17 05:48 - 2012-06-17 05:48 - 00316208 ____A C:\Windows\Minidump\061712-15381-01.dmp
2012-06-17 05:47 - 2012-06-17 05:47 - 00000000 ____A C:\Windows\Minidump\061712-15974-01.dmp
2012-06-17 05:40 - 2012-06-17 05:40 - 00271392 ____A C:\Windows\Minidump\061712-16255-01.dmp
2012-06-17 05:39 - 2012-06-17 05:39 - 00000000 ____A C:\Windows\Minidump\061712-15600-01.dmp
2012-06-17 05:39 - 2012-06-17 05:39 - 00000000 ____A C:\Windows\Minidump\061712-15288-01.dmp
2012-06-17 05:38 - 2012-06-17 05:38 - 00000000 ____A C:\Windows\Minidump\061712-15724-01.dmp
2012-06-17 05:18 - 2012-06-17 05:19 - 00271392 ____A C:\Windows\Minidump\061712-15256-01.dmp
2012-06-17 05:10 - 2012-06-17 05:10 - 00275576 ____A C:\Windows\Minidump\061712-16411-01.dmp
2012-06-17 05:03 - 2012-06-17 05:03 - 00275576 ____A C:\Windows\Minidump\061712-16005-01.dmp
2012-06-17 03:33 - 2012-06-17 03:33 - 00275576 ____A C:\Windows\Minidump\061712-16052-01.dmp
2012-06-17 02:02 - 2011-06-26 01:45 - 00256000 ____A C:\Windows\PEV.exe
2012-06-17 02:02 - 2010-11-07 12:20 - 00208896 ____A C:\Windows\MBR.exe
2012-06-17 02:02 - 2009-04-19 23:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-06-17 02:02 - 2000-08-30 19:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-06-17 02:02 - 2000-08-30 19:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-06-17 02:02 - 2000-08-30 19:00 - 00098816 ____A C:\Windows\sed.exe
2012-06-17 02:02 - 2000-08-30 19:00 - 00080412 ____A C:\Windows\grep.exe
2012-06-17 02:02 - 2000-08-30 19:00 - 00068096 ____A C:\Windows\zip.exe
2012-06-17 01:44 - 2012-06-17 01:24 - 04560591 ____R (Swearware) C:\Users\signius\Desktop\ComboFix.exe
2012-06-17 01:41 - 2012-06-17 03:39 - 00000000 ____D C:\Windows\erdnt
2012-06-17 01:40 - 2012-06-17 11:24 - 00000000 ___AD C:\Qoobox
2012-06-17 01:34 - 2012-06-17 07:45 - 00000948 ____A C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2012-06-16 20:56 - 2012-06-16 20:56 - 00100864 ____A (GMER) C:\pftirfog.sys
2012-06-16 15:22 - 2012-06-16 15:22 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B74DFBCB-9CB3-48AD-ACA2-0C826B4FBF56}
2012-06-16 15:22 - 2012-06-16 15:22 - 00000000 ____D C:\Users\signius\Local Settings\{B74DFBCB-9CB3-48AD-ACA2-0C826B4FBF56}
2012-06-16 15:22 - 2012-06-16 15:22 - 00000000 ____D C:\Users\signius\AppData\Local\{B74DFBCB-9CB3-48AD-ACA2-0C826B4FBF56}
2012-06-16 14:37 - 2012-06-16 14:37 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4CA12EB5-7865-4C66-81B2-9F7FFAB5421A}
2012-06-16 14:37 - 2012-06-16 14:37 - 00000000 ____D C:\Users\signius\Local Settings\{4CA12EB5-7865-4C66-81B2-9F7FFAB5421A}
2012-06-16 14:37 - 2012-06-16 14:37 - 00000000 ____D C:\Users\signius\AppData\Local\{4CA12EB5-7865-4C66-81B2-9F7FFAB5421A}
2012-06-16 14:26 - 2012-06-17 03:44 - 00000000 ____D C:\Users\signius\Desktop\BC
2012-06-16 14:17 - 2012-06-16 14:17 - 00000578 ____A C:\Users\signius\Downloads\defogger_disable.log
2012-06-16 14:17 - 2012-06-16 14:17 - 00000188 ____A C:\Users\signius\defogger_reenable
2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{663C5A25-A7B4-4E14-B5D7-6B48762937B7}
2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\Users\signius\Local Settings\{663C5A25-A7B4-4E14-B5D7-6B48762937B7}
2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\Users\signius\AppData\Local\{663C5A25-A7B4-4E14-B5D7-6B48762937B7}
2012-06-15 08:43 - 2012-06-15 08:44 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C6D720FC-0CC7-4695-BDA2-EC1647661C2E}
2012-06-15 08:43 - 2012-06-15 08:44 - 00000000 ____D C:\Users\signius\Local Settings\{C6D720FC-0CC7-4695-BDA2-EC1647661C2E}
2012-06-15 08:43 - 2012-06-15 08:44 - 00000000 ____D C:\Users\signius\AppData\Local\{C6D720FC-0CC7-4695-BDA2-EC1647661C2E}
2012-06-15 08:38 - 2012-06-15 08:39 - 00001866 ____A C:\Users\signius\Downloads\SuperDAT.log
2012-06-15 02:42 - 2012-06-15 03:41 - 114787289 ____A C:\Users\signius\Downloads\avvepo6742dat.zip
2012-06-15 02:42 - 2012-06-15 03:39 - 103322544 ____A (McAfee, Inc.) C:\Users\signius\Downloads\6742xdat.exe
2012-06-15 01:43 - 2012-06-15 01:43 - 00475712 ____A (McAfee, Inc.) C:\Users\signius\Downloads\rootkitremover.exe
2012-06-15 01:08 - 2012-06-15 01:08 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-15 00:43 - 2012-06-15 00:44 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7653F41F-FE17-46EA-9F20-6831F52D6F10}
2012-06-15 00:43 - 2012-06-15 00:44 - 00000000 ____D C:\Users\signius\Local Settings\{7653F41F-FE17-46EA-9F20-6831F52D6F10}
2012-06-15 00:43 - 2012-06-15 00:44 - 00000000 ____D C:\Users\signius\AppData\Local\{7653F41F-FE17-46EA-9F20-6831F52D6F10}
2012-06-15 00:28 - 2012-06-15 00:29 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5D2518E5-AB4D-4A32-A8B5-3C053D9C7B31}
2012-06-15 00:28 - 2012-06-15 00:29 - 00000000 ____D C:\Users\signius\Local Settings\{5D2518E5-AB4D-4A32-A8B5-3C053D9C7B31}
2012-06-15 00:28 - 2012-06-15 00:29 - 00000000 ____D C:\Users\signius\AppData\Local\{5D2518E5-AB4D-4A32-A8B5-3C053D9C7B31}
2012-06-14 08:33 - 2012-06-14 08:34 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{FCC2029A-6E99-4EDC-BDAC-466C921BA100}
2012-06-14 08:33 - 2012-06-14 08:34 - 00000000 ____D C:\Users\signius\Local Settings\{FCC2029A-6E99-4EDC-BDAC-466C921BA100}
2012-06-14 08:33 - 2012-06-14 08:34 - 00000000 ____D C:\Users\signius\AppData\Local\{FCC2029A-6E99-4EDC-BDAC-466C921BA100}
2012-06-14 08:32 - 2012-06-14 08:33 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{217F0525-347E-4FDA-B748-BB837F232BD6}
2012-06-14 08:32 - 2012-06-14 08:33 - 00000000 ____D C:\Users\signius\Local Settings\{217F0525-347E-4FDA-B748-BB837F232BD6}
2012-06-14 08:32 - 2012-06-14 08:33 - 00000000 ____D C:\Users\signius\AppData\Local\{217F0525-347E-4FDA-B748-BB837F232BD6}
2012-06-14 07:47 - 2012-04-27 22:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-14 07:47 - 2012-04-26 00:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-14 07:47 - 2012-04-26 00:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-14 07:47 - 2012-04-26 00:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-14 07:46 - 2012-04-24 00:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-14 07:46 - 2012-04-24 00:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-14 07:46 - 2012-04-24 00:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-14 07:46 - 2012-04-23 23:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-14 07:46 - 2012-04-23 23:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-14 07:46 - 2012-04-23 23:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-14 06:04 - 2012-05-04 06:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-14 06:03 - 2012-05-04 05:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-14 06:03 - 2012-05-04 05:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-14 06:01 - 2012-05-01 00:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-14 05:59 - 2012-05-14 20:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-14 05:57 - 2012-04-07 07:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-14 05:56 - 2012-04-07 06:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-14 02:24 - 2012-06-14 02:24 - 00000165 ___AH C:\Users\signius\Downloads\~$Kyabram 11am.pptx
2012-06-13 21:15 - 2012-06-13 21:16 - 02428464 ____A C:\Users\signius\Downloads\Kyabram 11am.pptx
2012-06-13 20:31 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9157CCF5-5718-44C3-B258-012F55C89B57}
2012-06-13 20:31 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\Local Settings\{9157CCF5-5718-44C3-B258-012F55C89B57}
2012-06-13 20:31 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\AppData\Local\{9157CCF5-5718-44C3-B258-012F55C89B57}
2012-06-13 20:06 - 2012-06-13 20:06 - 00273466 ____A C:\Users\signius\Downloads\Survey_25983077[1].pdf
2012-06-13 20:06 - 2012-06-13 20:06 - 00109163 ____A C:\Users\signius\Downloads\Survey MonkeyResults32responses.pptx
2012-06-13 20:06 - 2012-06-13 20:06 - 00096165 ____A C:\Users\signius\Downloads\CaHM Survey Monkey Results-.pptx
2012-06-13 08:30 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{031985B1-8969-44B5-B46A-71920CB0B4A8}
2012-06-13 08:30 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\Local Settings\{031985B1-8969-44B5-B46A-71920CB0B4A8}
2012-06-13 08:30 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\AppData\Local\{031985B1-8969-44B5-B46A-71920CB0B4A8}
2012-06-12 22:09 - 2012-06-12 22:09 - 00002158 ____A C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
2012-06-12 22:09 - 2012-06-12 22:09 - 00002158 ____A C:\Users\All Users\Desktop\McAfee Virtual Technician.lnk
2012-06-12 22:09 - 2012-06-12 22:09 - 00000000 ____D C:\Users\signius\Application Data\McAfee
2012-06-12 22:09 - 2012-06-12 22:09 - 00000000 ____D C:\Users\signius\AppData\Roaming\McAfee
2012-06-12 22:04 - 2012-06-12 22:04 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-12 22:04 - 2012-06-12 22:04 - 00001115 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-12 22:04 - 2012-06-12 22:04 - 00000000 ____D C:\Users\signius\Application Data\Malwarebytes
2012-06-12 22:04 - 2012-06-12 22:04 - 00000000 ____D C:\Users\signius\AppData\Roaming\Malwarebytes
2012-06-12 22:03 - 2012-06-12 22:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-12 22:03 - 2012-06-12 22:03 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-12 22:03 - 2012-06-12 22:03 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-06-12 22:03 - 2012-04-04 00:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-12 22:00 - 2012-06-12 22:01 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\signius\Downloads\mbam-setup-1.61.0.1400.exe
2012-06-12 22:00 - 2012-06-12 22:01 - 00526800 ____A (McAfee, Inc.) C:\Users\signius\Downloads\MVTInstaller.exe
2012-06-12 21:57 - 2012-06-12 21:59 - 09508968 ____A (McAfee Inc.) C:\Users\signius\Downloads\stinger.exe
2012-06-12 21:47 - 2012-06-12 21:49 - 06236280 ____A (Lavasoft Limited) C:\Users\signius\Downloads\Adaware_Installer (1).exe
2012-06-12 21:37 - 2012-06-12 21:37 - 01606656 ____A C:\Users\signius\Downloads\SteamInstall (1).msi
2012-06-12 20:49 - 2012-06-18 21:37 - 00001870 ____A C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2012-06-12 20:49 - 2012-06-18 21:37 - 00001870 ____A C:\Users\All Users\Desktop\Ad-Aware Antivirus.lnk
2012-06-12 20:49 - 2012-06-12 21:21 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\adaware
2012-06-12 20:49 - 2012-06-12 21:21 - 00000000 ____D C:\Users\signius\Local Settings\adaware
2012-06-12 20:49 - 2012-06-12 21:21 - 00000000 ____D C:\Users\signius\AppData\Local\adaware
2012-06-12 20:49 - 2012-06-12 20:49 - 00000012 ____A C:\Users\signius\Downloads\FSSC.dat
2012-06-12 20:49 - 2012-06-12 20:49 - 00000000 ____D C:\Users\All Users\Application Data\Ad-Aware Browsing Protection
2012-06-12 20:49 - 2012-06-12 20:49 - 00000000 ____D C:\Users\All Users\Ad-Aware Browsing Protection
2012-06-12 20:49 - 2011-12-18 22:21 - 00045936 ____A (GFI Software) C:\Windows\System32\sbbd.exe
2012-06-12 20:49 - 2011-12-18 21:44 - 00256632 ____A (GFI Software) C:\Windows\System32\Drivers\SbFw.sys
2012-06-12 20:49 - 2011-12-18 21:44 - 00060536 ____A (GFI Software) C:\Windows\System32\Drivers\sbhips.sys
2012-06-12 20:49 - 2011-10-25 23:23 - 00057976 ____A (GFI Software) C:\Windows\System32\Drivers\sbredrv.sys
2012-06-12 20:49 - 2011-09-28 21:16 - 00119416 ____A (GFI Software) C:\Windows\System32\Drivers\SbFwIm.sys
2012-06-12 20:48 - 2012-06-14 02:26 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2012-06-12 20:48 - 2012-06-12 20:48 - 00000000 ____D C:\Users\All Users\Lavasoft
2012-06-12 20:48 - 2012-06-12 20:48 - 00000000 ____D C:\Users\All Users\Application Data\Lavasoft
2012-06-12 20:30 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3A850951-C907-45E4-976A-6EFEE4F27466}
2012-06-12 20:30 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\Local Settings\{3A850951-C907-45E4-976A-6EFEE4F27466}
2012-06-12 20:30 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\AppData\Local\{3A850951-C907-45E4-976A-6EFEE4F27466}
2012-06-12 20:28 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{883C3AFB-7763-46CF-BCD4-BE6845B52BD7}
2012-06-12 20:28 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\Local Settings\{883C3AFB-7763-46CF-BCD4-BE6845B52BD7}
2012-06-12 20:28 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\AppData\Local\{883C3AFB-7763-46CF-BCD4-BE6845B52BD7}
2012-06-12 15:07 - 2012-06-12 15:04 - 00442937 ____A C:\Windows\System32\Drivers\etc\hosts.20120613-060721.backup
2012-06-12 15:04 - 2012-01-12 22:18 - 00000878 ____A C:\Windows\System32\Drivers\etc\hosts.20120613-060433.backup
2012-06-12 14:55 - 2012-06-12 15:21 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-06-12 14:55 - 2012-06-12 15:21 - 00000000 ____D C:\Users\All Users\Application Data\Spybot - Search & Destroy
2012-06-12 14:55 - 2012-06-12 14:57 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-12 14:55 - 2012-06-12 14:55 - 00001264 ____A C:\Users\signius\Desktop\Spybot - Search & Destroy.lnk
2012-06-12 14:51 - 2012-06-12 14:52 - 16409960 ____A (Safer Networking Limited ) C:\Users\signius\Downloads\spybotsd162.exe
2012-06-12 14:47 - 2012-06-12 22:07 - 00000000 ____D C:\Users\signius\Application Data\Ad-Aware Antivirus
2012-06-12 14:47 - 2012-06-12 22:07 - 00000000 ____D C:\Users\signius\AppData\Roaming\Ad-Aware Antivirus
2012-06-12 14:46 - 2012-06-12 14:46 - 06236280 ____A (Lavasoft Limited) C:\Users\signius\Downloads\Adaware_Installer.exe
2012-06-12 14:32 - 2012-06-12 14:32 - 00000000 ____D C:\Windows\AutoKMS
2012-06-12 14:25 - 2011-08-02 03:57 - 37329920 ____A C:\Users\signius\Downloads\Office 2010 Toolkit.exe
2012-06-12 14:15 - 2012-06-12 14:20 - 17957111 ____A C:\Users\signius\Downloads\OTK2010V223.zip
2012-06-12 13:42 - 2012-06-12 14:50 - 00000000 ____D C:\sh4ldr
2012-06-12 13:42 - 2012-06-12 13:42 - 00000000 ____D C:\Program Files\Enigma Software Group
2012-06-12 13:41 - 2012-06-12 14:50 - 00000000 ____D C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-12 13:38 - 2012-06-12 13:38 - 00725408 ____A (Enigma Software Group USA, LLC.) C:\Users\signius\Downloads\SpyHunter-Installer.exe
2012-06-12 13:27 - 2012-06-12 13:27 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-12 13:27 - 2012-06-12 13:27 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-12 13:27 - 2012-06-12 13:27 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-12 13:00 - 2012-06-12 13:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2012-06-12 12:54 - 2012-06-12 23:25 - 00367394 ____A C:\Users\signius\Downloads\Kyabram.pptx
2012-06-12 11:51 - 2012-06-12 11:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{BC8BFE13-BB89-44A0-A91E-C3D8ABC36F67}
2012-06-12 11:51 - 2012-06-12 11:51 - 00000000 ____D C:\Users\signius\Local Settings\{BC8BFE13-BB89-44A0-A91E-C3D8ABC36F67}
2012-06-12 11:51 - 2012-06-12 11:51 - 00000000 ____D C:\Users\signius\AppData\Local\{BC8BFE13-BB89-44A0-A91E-C3D8ABC36F67}
2012-06-11 23:51 - 2012-06-11 23:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5AD3154E-41D5-43DD-A086-DD6144D2BBC7}
2012-06-11 23:51 - 2012-06-11 23:51 - 00000000 ____D C:\Users\signius\Local Settings\{5AD3154E-41D5-43DD-A086-DD6144D2BBC7}
2012-06-11 23:51 - 2012-06-11 23:51 - 00000000 ____D C:\Users\signius\AppData\Local\{5AD3154E-41D5-43DD-A086-DD6144D2BBC7}
2012-06-11 11:51 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{68DF11AD-F672-4C7F-A97E-E847B133117F}
2012-06-11 11:51 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\Local Settings\{68DF11AD-F672-4C7F-A97E-E847B133117F}
2012-06-11 11:51 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\AppData\Local\{68DF11AD-F672-4C7F-A97E-E847B133117F}
2012-06-11 11:50 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{18B9AA2F-BA60-4169-B1E0-F8EE4F2A8868}
2012-06-11 11:50 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\Local Settings\{18B9AA2F-BA60-4169-B1E0-F8EE4F2A8868}
2012-06-11 11:50 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\AppData\Local\{18B9AA2F-BA60-4169-B1E0-F8EE4F2A8868}
2012-06-10 23:50 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9BA3CFBE-7B25-4298-B97C-F0631D85F38F}
2012-06-10 23:50 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\Local Settings\{9BA3CFBE-7B25-4298-B97C-F0631D85F38F}
2012-06-10 23:50 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\AppData\Local\{9BA3CFBE-7B25-4298-B97C-F0631D85F38F}
2012-06-10 23:49 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{D3601FA7-5B42-44F6-9524-7D4129046809}
2012-06-10 23:49 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\Local Settings\{D3601FA7-5B42-44F6-9524-7D4129046809}
2012-06-10 23:49 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\AppData\Local\{D3601FA7-5B42-44F6-9524-7D4129046809}
2012-06-10 11:09 - 2012-06-11 09:53 - 325376750 ____A C:\Users\signius\Downloads\Day[9] Daily #472 P1 - Stephano's Fast Max ZvP(HD_720_quality).m4v
2012-06-10 11:09 - 2012-06-11 02:24 - 357931615 ____A C:\Users\signius\Downloads\Day[9] Daily #472 P3 - Stephano's Fast Max ZvP(HD_720_quality).m4v
2012-06-10 11:09 - 2012-06-11 01:53 - 366866202 ____A C:\Users\signius\Downloads\Day[9] Daily #472 P2 - Stephano's Fast Max ZvP(HD_720_quality).m4v
2012-06-10 10:30 - 2012-06-10 10:31 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{1A4E9118-7000-45FF-A592-35B82BF1232A}
2012-06-10 10:30 - 2012-06-10 10:31 - 00000000 ____D C:\Users\signius\Local Settings\{1A4E9118-7000-45FF-A592-35B82BF1232A}
2012-06-10 10:30 - 2012-06-10 10:31 - 00000000 ____D C:\Users\signius\AppData\Local\{1A4E9118-7000-45FF-A592-35B82BF1232A}
2012-06-10 10:30 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F582B103-DBAF-4599-A050-025E3CB13E32}
2012-06-10 10:30 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\Local Settings\{F582B103-DBAF-4599-A050-025E3CB13E32}
2012-06-10 10:30 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\AppData\Local\{F582B103-DBAF-4599-A050-025E3CB13E32}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F6A3E0C5-020C-4A82-BCB6-9EBFD80BECC8}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9EDD74A7-0A3B-4216-B198-617DE2C64D22}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\{F6A3E0C5-020C-4A82-BCB6-9EBFD80BECC8}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\{9EDD74A7-0A3B-4216-B198-617DE2C64D22}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\AppData\Local\{F6A3E0C5-020C-4A82-BCB6-9EBFD80BECC8}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\AppData\Local\{9EDD74A7-0A3B-4216-B198-617DE2C64D22}
2012-06-09 10:30 - 2012-06-09 10:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9C83F97D-537B-4E80-8196-294F73312E3D}
2012-06-09 10:30 - 2012-06-09 10:30 - 00000000 ____D C:\Users\signius\Local Settings\{9C83F97D-537B-4E80-8196-294F73312E3D}
2012-06-09 10:30 - 2012-06-09 10:30 - 00000000 ____D C:\Users\signius\AppData\Local\{9C83F97D-537B-4E80-8196-294F73312E3D}
2012-06-08 22:30 - 2012-06-08 22:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5D520DA5-94AE-4DAA-A7C1-9A1D795C4246}
2012-06-08 22:30 - 2012-06-08 22:30 - 00000000 ____D C:\Users\signius\Local Settings\{5D520DA5-94AE-4DAA-A7C1-9A1D795C4246}
2012-06-08 22:30 - 2012-06-08 22:30 - 00000000 ____D C:\Users\signius\AppData\Local\{5D520DA5-94AE-4DAA-A7C1-9A1D795C4246}
2012-06-08 08:39 - 2012-06-08 08:39 - 00301834 ____A C:\Users\signius\Downloads\201206081345.pdf
2012-06-08 03:36 - 2012-06-08 03:36 - 00118874 ____A C:\Users\signius\Downloads\Generic_Intern_Employment_2013.pdf
2012-06-08 03:20 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3C23D317-8F63-4D8E-A587-3147D1874587}
2012-06-08 03:20 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\Local Settings\{3C23D317-8F63-4D8E-A587-3147D1874587}
2012-06-08 03:20 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\AppData\Local\{3C23D317-8F63-4D8E-A587-3147D1874587}
2012-06-08 03:19 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C182A238-93FC-4836-8F50-70E30B17B31D}
2012-06-08 03:19 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\Local Settings\{C182A238-93FC-4836-8F50-70E30B17B31D}
2012-06-08 03:19 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\AppData\Local\{C182A238-93FC-4836-8F50-70E30B17B31D}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7E2EE6C7-21C4-42F3-B914-743B0072BF32}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{30E4CA17-E192-4E42-8CA7-4452F261DA7B}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\{7E2EE6C7-21C4-42F3-B914-743B0072BF32}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\{30E4CA17-E192-4E42-8CA7-4452F261DA7B}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\AppData\Local\{7E2EE6C7-21C4-42F3-B914-743B0072BF32}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\AppData\Local\{30E4CA17-E192-4E42-8CA7-4452F261DA7B}
2012-06-07 13:07 - 2012-06-07 13:07 - 00053138 ____A C:\Users\signius\Downloads\Intern_Match_-_Important_Dates_FINAL_2012_v2.pdf
2012-06-07 13:07 - 2012-06-07 13:07 - 00053138 ____A C:\Users\signius\Downloads\Intern_Match_-_Important_Dates_FINAL_2012_v2 (1).pdf
2012-06-07 03:19 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{CB1A492D-707D-42E7-B37C-51E6575A5082}
2012-06-07 03:19 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\Local Settings\{CB1A492D-707D-42E7-B37C-51E6575A5082}
2012-06-07 03:19 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\AppData\Local\{CB1A492D-707D-42E7-B37C-51E6575A5082}
2012-06-07 03:18 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{10AE30DC-E75C-4D46-A08D-508E73D46021}
2012-06-07 03:18 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\Local Settings\{10AE30DC-E75C-4D46-A08D-508E73D46021}
2012-06-07 03:18 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\AppData\Local\{10AE30DC-E75C-4D46-A08D-508E73D46021}
2012-06-06 15:18 - 2012-06-06 15:18 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{DC4A11F7-1FDD-4604-AE12-4561F606B30D}
2012-06-06 15:18 - 2012-06-06 15:18 - 00000000 ____D C:\Users\signius\Local Settings\{DC4A11F7-1FDD-4604-AE12-4561F606B30D}
2012-06-06 15:18 - 2012-06-06 15:18 - 00000000 ____D C:\Users\signius\AppData\Local\{DC4A11F7-1FDD-4604-AE12-4561F606B30D}
2012-06-06 03:18 - 2012-06-06 03:18 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B5659D60-8E23-43F0-AC90-905994E8C4F7}
2012-06-06 03:18 - 2012-06-06 03:18 - 00000000 ____D C:\Users\signius\Local Settings\{B5659D60-8E23-43F0-AC90-905994E8C4F7}
2012-06-06 03:18 - 2012-06-06 03:18 - 00000000 ____D C:\Users\signius\AppData\Local\{B5659D60-8E23-43F0-AC90-905994E8C4F7}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3B28D35A-6F6C-4379-8450-8CE1FF6A705A}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{203DF7FD-F5DB-44A7-BCCD-F07E2B9D5ECB}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\{3B28D35A-6F6C-4379-8450-8CE1FF6A705A}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\{203DF7FD-F5DB-44A7-BCCD-F07E2B9D5ECB}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\AppData\Local\{3B28D35A-6F6C-4379-8450-8CE1FF6A705A}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\AppData\Local\{203DF7FD-F5DB-44A7-BCCD-F07E2B9D5ECB}
2012-06-05 00:12 - 2012-06-05 00:15 - 00898872 ____A C:\Users\signius\Downloads\PMCV_-_Intern_Match_Hopsital_Directory_2012_v5.pdf
2012-06-05 00:12 - 2012-06-05 00:13 - 00167992 ____A C:\Users\signius\Downloads\Distribution_of_Positions_&_Parent-Rotation_Hosptials_v3.pdf
2012-06-04 21:51 - 2012-06-04 21:51 - 00210832 ____A C:\Users\signius\Downloads\2013checklistforptapsupportingdocumentation (1).pdf
2012-06-04 12:56 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4B76A646-6022-48C9-B357-09A249A54F87}
2012-06-04 12:56 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\Local Settings\{4B76A646-6022-48C9-B357-09A249A54F87}
2012-06-04 12:56 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\AppData\Local\{4B76A646-6022-48C9-B357-09A249A54F87}
2012-06-04 12:55 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{42023310-C170-427B-A0A0-9206485001B3}
2012-06-04 12:55 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\Local Settings\{42023310-C170-427B-A0A0-9206485001B3}
2012-06-04 12:55 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\AppData\Local\{42023310-C170-427B-A0A0-9206485001B3}
2012-06-04 00:55 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4CAFC50A-8D47-4D98-A8AE-E07B260EFB85}
2012-06-04 00:55 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\Local Settings\{4CAFC50A-8D47-4D98-A8AE-E07B260EFB85}
2012-06-04 00:55 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\AppData\Local\{4CAFC50A-8D47-4D98-A8AE-E07B260EFB85}
2012-06-04 00:54 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{686885F6-CE53-46A6-8ABE-8C81A4424EE7}
2012-06-04 00:54 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\Local Settings\{686885F6-CE53-46A6-8ABE-8C81A4424EE7}
2012-06-04 00:54 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\AppData\Local\{686885F6-CE53-46A6-8ABE-8C81A4424EE7}
2012-06-03 12:54 - 2012-06-03 12:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{72E8B9E1-C5CB-4802-A82E-55D5E3D88568}
2012-06-03 12:54 - 2012-06-03 12:54 - 00000000 ____D C:\Users\signius\Local Settings\{72E8B9E1-C5CB-4802-A82E-55D5E3D88568}
2012-06-03 12:54 - 2012-06-03 12:54 - 00000000 ____D C:\Users\signius\AppData\Local\{72E8B9E1-C5CB-4802-A82E-55D5E3D88568}
2012-06-03 00:54 - 2012-06-03 00:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{DF29DC35-68BC-4105-929B-946140F85E2F}
2012-06-03 00:54 - 2012-06-03 00:54 - 00000000 ____D C:\Users\signius\Local Settings\{DF29DC35-68BC-4105-929B-946140F85E2F}
2012-06-03 00:54 - 2012-06-03 00:54 - 00000000 ____D C:\Users\signius\AppData\Local\{DF29DC35-68BC-4105-929B-946140F85E2F}
2012-06-02 12:54 - 2012-06-02 12:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{EB2DC676-F736-49E7-B887-52BA1FB7D89F}
2012-06-02 12:54 - 2012-06-02 12:54 - 00000000 ____D C:\Users\signius\Local Settings\{EB2DC676-F736-49E7-B887-52BA1FB7D89F}
2012-06-02 12:54 - 2012-06-02 12:54 - 00000000 ____D C:\Users\signius\AppData\Local\{EB2DC676-F736-49E7-B887-52BA1FB7D89F}
2012-06-02 08:53 - 2012-04-20 22:29 - 08126435 ____A C:\Users\signius\Desktop\rutherglenslides.pdf
2012-06-02 08:50 - 2012-06-02 08:52 - 07943038 ____A C:\Users\signius\Downloads\rutherglenslides.zip
2012-06-02 00:54 - 2012-06-02 00:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9220BB6E-5D00-468B-9836-E153D7A31A87}
2012-06-02 00:54 - 2012-06-02 00:54 - 00000000 ____D C:\Users\signius\Local Settings\{9220BB6E-5D00-468B-9836-E153D7A31A87}
2012-06-02 00:54 - 2012-06-02 00:54 - 00000000 ____D C:\Users\signius\AppData\Local\{9220BB6E-5D00-468B-9836-E153D7A31A87}
2012-06-01 12:54 - 2012-06-01 12:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{D2EEBD27-DC7E-4FEF-88AB-AD7A73D31005}
2012-06-01 12:54 - 2012-06-01 12:54 - 00000000 ____D C:\Users\signius\Local Settings\{D2EEBD27-DC7E-4FEF-88AB-AD7A73D31005}
2012-06-01 12:54 - 2012-06-01 12:54 - 00000000 ____D C:\Users\signius\AppData\Local\{D2EEBD27-DC7E-4FEF-88AB-AD7A73D31005}
2012-06-01 00:55 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4B516BCA-5725-4D0C-889A-99EC2FE7556C}
2012-06-01 00:55 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\Local Settings\{4B516BCA-5725-4D0C-889A-99EC2FE7556C}
2012-06-01 00:55 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\AppData\Local\{4B516BCA-5725-4D0C-889A-99EC2FE7556C}
2012-06-01 00:54 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A220D68C-24C9-4BA2-A29D-41B07A1A82BC}
2012-06-01 00:54 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\Local Settings\{A220D68C-24C9-4BA2-A29D-41B07A1A82BC}
2012-06-01 00:54 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\AppData\Local\{A220D68C-24C9-4BA2-A29D-41B07A1A82BC}
2012-05-30 01:11 - 2012-06-12 08:05 - 00000000 ____D C:\Users\signius\Desktop\Internship Applications
2012-05-29 18:17 - 2012-06-13 21:07 - 00000000 ____D C:\Users\signius\Desktop\Rural
2012-05-28 02:55 - 2012-05-28 02:55 - 00160550 ____A C:\Users\signius\Desktop\SHR exam content info.pdf
2012-05-28 02:55 - 2012-05-28 02:55 - 00098557 ____A C:\Users\signius\Downloads\Student Placements Report, RHM, Rotation 3, 2012.pdf
2012-05-28 02:52 - 2012-05-28 02:52 - 00208171 ____A C:\Users\signius\Downloads\Dookie Campus Site Map.pdf
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B33B3769-280F-4EB6-B220-91AA9E45B92B}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9F4F046C-F7D0-456F-B751-072DC2DA6843}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{B33B3769-280F-4EB6-B220-91AA9E45B92B}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{9F4F046C-F7D0-456F-B751-072DC2DA6843}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{B33B3769-280F-4EB6-B220-91AA9E45B92B}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{9F4F046C-F7D0-456F-B751-072DC2DA6843}
2012-05-26 22:28 - 2012-05-26 22:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{78F52F12-80D0-4546-BE59-5A3E3C694549}
2012-05-26 22:28 - 2012-05-26 22:28 - 00000000 ____D C:\Users\signius\Local Settings\{78F52F12-80D0-4546-BE59-5A3E3C694549}
2012-05-26 22:28 - 2012-05-26 22:28 - 00000000 ____D C:\Users\signius\AppData\Local\{78F52F12-80D0-4546-BE59-5A3E3C694549}
2012-05-26 10:27 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{30220E70-3A4E-4DF4-814D-A79757DE0CD5}
2012-05-26 10:27 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{30220E70-3A4E-4DF4-814D-A79757DE0CD5}
2012-05-26 10:27 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{30220E70-3A4E-4DF4-814D-A79757DE0CD5}
2012-05-26 10:26 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{8D7DDAE5-2C5F-40E4-BAD8-AFFF93EB697D}
2012-05-26 10:26 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{8D7DDAE5-2C5F-40E4-BAD8-AFFF93EB697D}
2012-05-26 10:26 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{8D7DDAE5-2C5F-40E4-BAD8-AFFF93EB697D}
2012-05-25 22:26 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{E3216933-3634-43A7-8051-B1757F009631}
2012-05-25 22:26 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{E3216933-3634-43A7-8051-B1757F009631}
2012-05-25 22:26 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{E3216933-3634-43A7-8051-B1757F009631}
2012-05-25 22:25 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{62212A6D-0473-4372-97EF-5F74C1609262}
2012-05-25 22:25 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{62212A6D-0473-4372-97EF-5F74C1609262}
2012-05-25 22:25 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{62212A6D-0473-4372-97EF-5F74C1609262}
2012-05-25 10:28 - 2012-05-25 10:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A807E90D-D724-44AD-8393-18A16B740633}
2012-05-25 10:28 - 2012-05-25 10:28 - 00000000 ____D C:\Users\signius\Local Settings\{A807E90D-D724-44AD-8393-18A16B740633}
2012-05-25 10:28 - 2012-05-25 10:28 - 00000000 ____D C:\Users\signius\AppData\Local\{A807E90D-D724-44AD-8393-18A16B740633}
2012-05-24 22:28 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{69A947BC-3EFD-4A44-8F61-DB46B44AE377}
2012-05-24 22:28 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\Local Settings\{69A947BC-3EFD-4A44-8F61-DB46B44AE377}
2012-05-24 22:28 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\AppData\Local\{69A947BC-3EFD-4A44-8F61-DB46B44AE377}
2012-05-24 22:27 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F80CEAF5-29A7-4F86-97B5-3FA719F382CA}
2012-05-24 22:27 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\Local Settings\{F80CEAF5-29A7-4F86-97B5-3FA719F382CA}
2012-05-24 22:27 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\AppData\Local\{F80CEAF5-29A7-4F86-97B5-3FA719F382CA}
2012-05-24 19:35 - 2012-05-24 19:36 - 04478976 ____A C:\Users\signius\Downloads\Med students intro to ECG.ppt
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C212E090-51C8-44C6-A81A-FAD016AD0A6D}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A9825DAD-DA54-42F2-B711-95E1CB672271}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{C212E090-51C8-44C6-A81A-FAD016AD0A6D}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{A9825DAD-DA54-42F2-B711-95E1CB672271}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{C212E090-51C8-44C6-A81A-FAD016AD0A6D}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{A9825DAD-DA54-42F2-B711-95E1CB672271}
2012-05-24 00:00 - 2012-05-24 00:00 - 00167311 ____A C:\Users\signius\Downloads\Junior Medical Officer Referee Report .pdf
2012-05-23 23:48 - 2012-05-23 23:48 - 00210832 ____A C:\Users\signius\Downloads\2013checklistforptapsupportingdocumentation.pdf
2012-05-23 23:47 - 2012-05-23 23:47 - 00075865 ____A C:\Users\signius\Downloads\2013keydatesamended1may2012.pdf
2012-05-23 22:26 - 2012-05-23 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{2A81BE96-62AA-47D0-926A-56E4A9281102}
2012-05-23 22:26 - 2012-05-23 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{2A81BE96-62AA-47D0-926A-56E4A9281102}
2012-05-23 22:26 - 2012-05-23 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{2A81BE96-62AA-47D0-926A-56E4A9281102}
2012-05-23 22:26 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{CB6EF408-019D-428E-A06D-CFA85B324F81}
2012-05-23 22:26 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{CB6EF408-019D-428E-A06D-CFA85B324F81}
2012-05-23 22:26 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{CB6EF408-019D-428E-A06D-CFA85B324F81}
2012-05-23 15:39 - 2012-05-23 15:39 - 01374378 ____A C:\Users\signius\Downloads\InternDir2012.pdf
2012-05-23 15:38 - 2012-05-23 15:40 - 06405508 ____A C:\Users\signius\Downloads\intern_residents_guide_2012.pdf
2012-05-23 10:26 - 2012-05-23 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C550C875-2DCB-490C-94F7-07FFAB00FAD6}
2012-05-23 10:26 - 2012-05-23 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{C550C875-2DCB-490C-94F7-07FFAB00FAD6}
2012-05-23 10:26 - 2012-05-23 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{C550C875-2DCB-490C-94F7-07FFAB00FAD6}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F3645AAD-AF55-4D00-9F74-70D6B2231FB1}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{AC28C23C-C859-4EC5-9E38-5AE7EDFA7139}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{F3645AAD-AF55-4D00-9F74-70D6B2231FB1}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{AC28C23C-C859-4EC5-9E38-5AE7EDFA7139}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{F3645AAD-AF55-4D00-9F74-70D6B2231FB1}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{AC28C23C-C859-4EC5-9E38-5AE7EDFA7139}
2012-05-22 10:27 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3D2F5C73-E6FE-4C42-A010-1A51B26135EA}
2012-05-22 10:27 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{3D2F5C73-E6FE-4C42-A010-1A51B26135EA}
2012-05-22 10:27 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{3D2F5C73-E6FE-4C42-A010-1A51B26135EA}
2012-05-22 10:26 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7BFC0256-9EAE-4042-9F92-A366DFD72E9A}
2012-05-22 10:26 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{7BFC0256-9EAE-4042-9F92-A366DFD72E9A}
2012-05-22 10:26 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{7BFC0256-9EAE-4042-9F92-A366DFD72E9A}
2012-05-21 23:48 - 2012-05-21 23:48 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2012-05-21 23:48 - 2012-05-21 23:48 - 00001847 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk
2012-05-21 23:47 - 2012-05-21 23:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-05-21 22:48 - 2012-05-21 22:49 - 00000000 ____D C:\Users\signius\Desktop\Black Lagoon OVA Roberta's Blood Trail
2012-05-21 22:48 - 2012-05-21 22:48 - 00000000 ____D C:\Users\signius\Desktop\Another
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7F19D941-709F-4321-A007-F34023D84CAD}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{386266E3-4E19-46F0-A010-E55AB9A4A00C}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{7F19D941-709F-4321-A007-F34023D84CAD}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{386266E3-4E19-46F0-A010-E55AB9A4A00C}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{7F19D941-709F-4321-A007-F34023D84CAD}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{386266E3-4E19-46F0-A010-E55AB9A4A00C}
2012-05-21 10:26 - 2012-05-21 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7C6F607E-15F2-424D-9DC4-D7A1FF4855A4}
2012-05-21 10:26 - 2012-05-21 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{7C6F607E-15F2-424D-9DC4-D7A1FF4855A4}
2012-05-21 10:26 - 2012-05-21 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{7C6F607E-15F2-424D-9DC4-D7A1FF4855A4}

============ 3 Months Modified Files and Folders =============

2012-06-20 10:50 - 2012-06-20 10:49 - 00000000 ____D C:\FRST
2012-06-19 18:04 - 2011-02-06 20:18 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000UA.job
2012-06-19 18:02 - 2010-12-30 04:18 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2012-06-19 17:41 - 2011-12-23 10:35 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000UA.job
2012-06-19 08:40 - 2011-12-23 10:35 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000Core.job
2012-06-19 08:03 - 2011-02-06 20:18 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000Core.job
2012-06-19 06:11 - 2009-07-13 23:45 - 00013664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-19 06:11 - 2009-07-13 23:45 - 00013664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-18 21:49 - 2009-07-14 00:13 - 00736426 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-18 21:37 - 2012-06-12 20:49 - 00001870 ____A C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2012-06-18 21:37 - 2012-06-12 20:49 - 00001870 ____A C:\Users\All Users\Desktop\Ad-Aware Antivirus.lnk
2012-06-18 21:36 - 2012-06-18 21:36 - 00275576 ____A C:\Windows\Minidump\061912-15974-01.dmp
2012-06-18 21:36 - 2012-05-05 03:39 - 00000000 ____D C:\Windows\Minidump
2012-06-18 21:36 - 2012-05-05 03:38 - 313720118 ____A C:\Windows\MEMORY.DMP
2012-06-18 21:36 - 2011-02-05 09:29 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2012-06-18 21:36 - 2011-02-05 09:29 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2012-06-18 21:36 - 2011-02-05 09:29 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2012-06-18 21:36 - 2011-02-05 09:29 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2012-06-18 21:36 - 2011-02-05 09:29 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2012-06-18 21:36 - 2011-02-05 09:29 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2012-06-18 21:36 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-18 21:36 - 2009-07-13 23:51 - 00058971 ____A C:\Windows\setupact.log
2012-06-18 21:27 - 2010-12-30 02:29 - 01935891 ____A C:\Windows\WindowsUpdate.log
2012-06-18 15:05 - 2012-06-18 15:05 - 00275576 ____A C:\Windows\Minidump\061912-17752-01.dmp
2012-06-18 13:32 - 2012-06-18 13:32 - 00275520 ____A C:\Windows\Minidump\061912-16660-01.dmp
2012-06-18 09:07 - 2012-06-18 09:07 - 00271392 ____A C:\Windows\Minidump\061912-42525-01.dmp
2012-06-18 09:05 - 2012-06-18 09:05 - 00271392 ____A C:\Windows\Minidump\061912-44210-01.dmp
2012-06-18 06:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2012-06-18 05:59 - 2010-12-30 04:03 - 00000000 ____D C:\Users\All Users\Sonic
2012-06-18 05:59 - 2010-12-30 04:03 - 00000000 ____D C:\Users\All Users\Application Data\Sonic
2012-06-18 05:04 - 2012-06-18 05:04 - 00275576 ____A C:\Windows\Minidump\061812-15958-01.dmp
2012-06-18 05:02 - 2012-06-18 05:02 - 00275576 ____A C:\Windows\Minidump\061812-15553-01.dmp
2012-06-18 05:00 - 2012-06-18 05:00 - 00000000 ____A C:\Windows\Minidump\061812-14757-01.dmp
2012-06-18 04:58 - 2012-06-18 04:58 - 00000000 ____A C:\Windows\Minidump\061812-14742-01.dmp
2012-06-18 04:57 - 2012-06-18 04:57 - 00000000 ____A C:\Windows\Minidump\061812-15771-01.dmp
2012-06-18 04:56 - 2012-06-18 04:56 - 00000000 ____A C:\Windows\Minidump\061812-14976-01.dmp
2012-06-18 03:48 - 2012-06-18 03:48 - 00272512 ____A C:\Windows\Minidump\061812-62852-01.dmp
2012-06-18 03:48 - 2009-07-13 23:45 - 00487488 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-18 03:45 - 2010-12-30 03:46 - 00048828 ____A C:\Windows\PFRO.log
2012-06-18 03:32 - 2011-10-18 00:57 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-06-18 03:32 - 2011-10-18 00:57 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2012-06-17 23:55 - 2012-06-17 23:55 - 00275520 ____A C:\Windows\Minidump\061812-51074-01.dmp
2012-06-17 23:12 - 2009-07-13 21:34 - 00000478 ____A C:\Windows\win.ini
2012-06-17 19:13 - 2011-02-10 02:25 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-17 18:19 - 2012-06-17 18:19 - 00275576 ____A C:\Windows\Minidump\061812-15132-01.dmp
2012-06-17 18:19 - 2012-06-17 18:19 - 00000000 ____A C:\Windows\Minidump\061812-15147-01.dmp
2012-06-17 18:18 - 2012-06-17 18:18 - 00000000 ____A C:\Windows\Minidump\061812-14991-02.dmp
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default\Local Settings\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default User\Local Settings\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\Microsoft Help
2012-06-17 16:12 - 2012-06-17 16:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-06-17 14:54 - 2012-06-17 14:54 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-17 13:08 - 2012-06-17 13:08 - 00271392 ____A C:\Windows\Minidump\061812-14383-01.dmp
2012-06-17 13:00 - 2012-06-17 13:00 - 00275576 ____A C:\Windows\Minidump\061812-13525-01.dmp
2012-06-17 12:59 - 2012-06-17 12:59 - 00000000 ____A C:\Windows\Minidump\061812-23197-01.dmp
2012-06-17 12:58 - 2012-06-17 12:58 - 00000000 ____A C:\Windows\Minidump\061812-13962-01.dmp
2012-06-17 12:39 - 2012-06-17 12:39 - 00275576 ____A C:\Windows\Minidump\061812-13572-01.dmp
2012-06-17 12:39 - 2012-06-17 12:39 - 00000000 ____A C:\Windows\Minidump\061812-14040-01.dmp
2012-06-17 11:24 - 2012-06-17 11:24 - 00027807 ____A C:\ComboFix.txt
2012-06-17 11:24 - 2012-06-17 01:40 - 00000000 ___AD C:\Qoobox
2012-06-17 09:33 - 2009-07-13 21:34 - 00000215 ____A C:\Windows\system.ini
2012-06-17 09:32 - 2009-07-13 21:34 - 00000027 ____A C:\Windows\System32\Drivers\etc\hosts
2012-06-17 09:31 - 2012-06-17 09:31 - 00271392 ____A C:\Windows\Minidump\061812-18033-01.dmp
2012-06-17 09:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\config\TxR
2012-06-17 07:45 - 2012-06-17 01:34 - 00000948 ____A C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
2012-06-17 07:21 - 2012-06-17 07:21 - 00271392 ____A C:\Windows\Minidump\061712-17331-01.dmp
2012-06-17 06:59 - 2012-06-17 06:59 - 00001738 ____A C:\Windows\SysWOW64\EmailAVConfig.xml
2012-06-17 06:59 - 2012-06-17 06:59 - 00001188 ____A C:\Windows\SysWOW64\ServiceConfig.xml
2012-06-17 06:59 - 2012-06-17 06:59 - 00000438 ____A C:\Windows\SysWOW64\WSCConfig.xml
2012-06-17 06:03 - 2012-06-17 06:03 - 00275576 ____A C:\Windows\Minidump\061712-15678-01.dmp
2012-06-17 05:48 - 2012-06-17 05:48 - 00316208 ____A C:\Windows\Minidump\061712-15381-01.dmp
2012-06-17 05:47 - 2012-06-17 05:47 - 00000000 ____A C:\Windows\Minidump\061712-15974-01.dmp
2012-06-17 05:40 - 2012-06-17 05:40 - 00271392 ____A C:\Windows\Minidump\061712-16255-01.dmp
2012-06-17 05:39 - 2012-06-17 05:39 - 00000000 ____A C:\Windows\Minidump\061712-15600-01.dmp
2012-06-17 05:39 - 2012-06-17 05:39 - 00000000 ____A C:\Windows\Minidump\061712-15288-01.dmp
2012-06-17 05:38 - 2012-06-17 05:38 - 00000000 ____A C:\Windows\Minidump\061712-15724-01.dmp
2012-06-17 05:19 - 2012-06-17 05:18 - 00271392 ____A C:\Windows\Minidump\061712-15256-01.dmp
2012-06-17 05:10 - 2012-06-17 05:10 - 00275576 ____A C:\Windows\Minidump\061712-16411-01.dmp
2012-06-17 05:03 - 2012-06-17 05:03 - 00275576 ____A C:\Windows\Minidump\061712-16005-01.dmp
2012-06-17 03:44 - 2012-06-16 14:26 - 00000000 ____D C:\Users\signius\Desktop\BC
2012-06-17 03:39 - 2012-06-17 01:41 - 00000000 ____D C:\Windows\erdnt
2012-06-17 03:33 - 2012-06-17 03:33 - 00275576 ____A C:\Windows\Minidump\061712-16052-01.dmp
2012-06-17 01:24 - 2012-06-17 01:44 - 04560591 ____R (Swearware) C:\Users\signius\Desktop\ComboFix.exe
2012-06-17 01:08 - 2011-02-06 04:50 - 00000000 ____D C:\Program Files\Starcraft
2012-06-16 20:56 - 2012-06-16 20:56 - 00100864 ____A (GMER) C:\pftirfog.sys
2012-06-16 15:22 - 2012-06-16 15:22 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B74DFBCB-9CB3-48AD-ACA2-0C826B4FBF56}
2012-06-16 15:22 - 2012-06-16 15:22 - 00000000 ____D C:\Users\signius\Local Settings\{B74DFBCB-9CB3-48AD-ACA2-0C826B4FBF56}
2012-06-16 15:22 - 2012-06-16 15:22 - 00000000 ____D C:\Users\signius\AppData\Local\{B74DFBCB-9CB3-48AD-ACA2-0C826B4FBF56}
2012-06-16 14:37 - 2012-06-16 14:37 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4CA12EB5-7865-4C66-81B2-9F7FFAB5421A}
2012-06-16 14:37 - 2012-06-16 14:37 - 00000000 ____D C:\Users\signius\Local Settings\{4CA12EB5-7865-4C66-81B2-9F7FFAB5421A}
2012-06-16 14:37 - 2012-06-16 14:37 - 00000000 ____D C:\Users\signius\AppData\Local\{4CA12EB5-7865-4C66-81B2-9F7FFAB5421A}
2012-06-16 14:17 - 2012-06-16 14:17 - 00000578 ____A C:\Users\signius\Downloads\defogger_disable.log
2012-06-16 14:17 - 2012-06-16 14:17 - 00000188 ____A C:\Users\signius\defogger_reenable
2012-06-16 14:17 - 2011-02-05 09:27 - 00000000 ____D C:\users\signius
2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{663C5A25-A7B4-4E14-B5D7-6B48762937B7}
2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\Users\signius\Local Settings\{663C5A25-A7B4-4E14-B5D7-6B48762937B7}
2012-06-16 13:40 - 2012-06-16 13:40 - 00000000 ____D C:\Users\signius\AppData\Local\{663C5A25-A7B4-4E14-B5D7-6B48762937B7}
2012-06-15 08:44 - 2012-06-15 08:43 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C6D720FC-0CC7-4695-BDA2-EC1647661C2E}
2012-06-15 08:44 - 2012-06-15 08:43 - 00000000 ____D C:\Users\signius\Local Settings\{C6D720FC-0CC7-4695-BDA2-EC1647661C2E}
2012-06-15 08:44 - 2012-06-15 08:43 - 00000000 ____D C:\Users\signius\AppData\Local\{C6D720FC-0CC7-4695-BDA2-EC1647661C2E}
2012-06-15 08:39 - 2012-06-15 08:38 - 00001866 ____A C:\Users\signius\Downloads\SuperDAT.log
2012-06-15 03:41 - 2012-06-15 02:42 - 114787289 ____A C:\Users\signius\Downloads\avvepo6742dat.zip
2012-06-15 03:39 - 2012-06-15 02:42 - 103322544 ____A (McAfee, Inc.) C:\Users\signius\Downloads\6742xdat.exe
2012-06-15 02:48 - 2011-02-13 06:06 - 00000000 ____D C:\Program Files (x86)\JDownloader
2012-06-15 01:43 - 2012-06-15 01:43 - 00475712 ____A (McAfee, Inc.) C:\Users\signius\Downloads\rootkitremover.exe
2012-06-15 01:43 - 2011-02-05 15:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-06-15 01:08 - 2012-06-15 01:08 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-15 00:44 - 2012-06-15 00:43 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7653F41F-FE17-46EA-9F20-6831F52D6F10}
2012-06-15 00:44 - 2012-06-15 00:43 - 00000000 ____D C:\Users\signius\Local Settings\{7653F41F-FE17-46EA-9F20-6831F52D6F10}
2012-06-15 00:44 - 2012-06-15 00:43 - 00000000 ____D C:\Users\signius\AppData\Local\{7653F41F-FE17-46EA-9F20-6831F52D6F10}
2012-06-15 00:29 - 2012-06-15 00:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5D2518E5-AB4D-4A32-A8B5-3C053D9C7B31}
2012-06-15 00:29 - 2012-06-15 00:28 - 00000000 ____D C:\Users\signius\Local Settings\{5D2518E5-AB4D-4A32-A8B5-3C053D9C7B31}
2012-06-15 00:29 - 2012-06-15 00:28 - 00000000 ____D C:\Users\signius\AppData\Local\{5D2518E5-AB4D-4A32-A8B5-3C053D9C7B31}
2012-06-14 08:40 - 2012-03-18 16:23 - 00000000 ____D C:\Users\signius\Desktop\RAPP
2012-06-14 08:40 - 2011-02-23 14:56 - 00000000 ____D C:\Users\signius\Local Settings\Windows Live
2012-06-14 08:40 - 2011-02-23 14:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\Windows Live
2012-06-14 08:40 - 2011-02-23 14:56 - 00000000 ____D C:\Users\signius\AppData\Local\Windows Live
2012-06-14 08:34 - 2012-06-14 08:33 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{FCC2029A-6E99-4EDC-BDAC-466C921BA100}
2012-06-14 08:34 - 2012-06-14 08:33 - 00000000 ____D C:\Users\signius\Local Settings\{FCC2029A-6E99-4EDC-BDAC-466C921BA100}
2012-06-14 08:34 - 2012-06-14 08:33 - 00000000 ____D C:\Users\signius\AppData\Local\{FCC2029A-6E99-4EDC-BDAC-466C921BA100}
2012-06-14 08:33 - 2012-06-14 08:32 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{217F0525-347E-4FDA-B748-BB837F232BD6}
2012-06-14 08:33 - 2012-06-14 08:32 - 00000000 ____D C:\Users\signius\Local Settings\{217F0525-347E-4FDA-B748-BB837F232BD6}
2012-06-14 08:33 - 2012-06-14 08:32 - 00000000 ____D C:\Users\signius\AppData\Local\{217F0525-347E-4FDA-B748-BB837F232BD6}
2012-06-14 02:26 - 2012-06-12 20:48 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2012-06-14 02:24 - 2012-06-14 02:24 - 00000165 ___AH C:\Users\signius\Downloads\~$Kyabram 11am.pptx
2012-06-13 21:16 - 2012-06-13 21:15 - 02428464 ____A C:\Users\signius\Downloads\Kyabram 11am.pptx
2012-06-13 21:07 - 2012-05-29 18:17 - 00000000 ____D C:\Users\signius\Desktop\Rural
2012-06-13 20:31 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9157CCF5-5718-44C3-B258-012F55C89B57}
2012-06-13 20:31 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\Local Settings\{9157CCF5-5718-44C3-B258-012F55C89B57}
2012-06-13 20:31 - 2012-06-13 20:31 - 00000000 ____D C:\Users\signius\AppData\Local\{9157CCF5-5718-44C3-B258-012F55C89B57}
2012-06-13 20:31 - 2012-06-13 08:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{031985B1-8969-44B5-B46A-71920CB0B4A8}
2012-06-13 20:31 - 2012-06-13 08:30 - 00000000 ____D C:\Users\signius\Local Settings\{031985B1-8969-44B5-B46A-71920CB0B4A8}
2012-06-13 20:31 - 2012-06-13 08:30 - 00000000 ____D C:\Users\signius\AppData\Local\{031985B1-8969-44B5-B46A-71920CB0B4A8}
2012-06-13 20:06 - 2012-06-13 20:06 - 00273466 ____A C:\Users\signius\Downloads\Survey_25983077[1].pdf
2012-06-13 20:06 - 2012-06-13 20:06 - 00109163 ____A C:\Users\signius\Downloads\Survey MonkeyResults32responses.pptx
2012-06-13 20:06 - 2012-06-13 20:06 - 00096165 ____A C:\Users\signius\Downloads\CaHM Survey Monkey Results-.pptx
2012-06-12 23:25 - 2012-06-12 12:54 - 00367394 ____A C:\Users\signius\Downloads\Kyabram.pptx
2012-06-12 22:09 - 2012-06-12 22:09 - 00002158 ____A C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
2012-06-12 22:09 - 2012-06-12 22:09 - 00002158 ____A C:\Users\All Users\Desktop\McAfee Virtual Technician.lnk
2012-06-12 22:09 - 2012-06-12 22:09 - 00000000 ____D C:\Users\signius\Application Data\McAfee
2012-06-12 22:09 - 2012-06-12 22:09 - 00000000 ____D C:\Users\signius\AppData\Roaming\McAfee
2012-06-12 22:07 - 2012-06-12 14:47 - 00000000 ____D C:\Users\signius\Application Data\Ad-Aware Antivirus
2012-06-12 22:07 - 2012-06-12 14:47 - 00000000 ____D C:\Users\signius\AppData\Roaming\Ad-Aware Antivirus
2012-06-12 22:07 - 2010-12-30 03:54 - 00000000 ____D C:\Users\All Users\McAfee
2012-06-12 22:07 - 2010-12-30 03:54 - 00000000 ____D C:\Users\All Users\Application Data\McAfee
2012-06-12 22:07 - 2010-12-30 03:54 - 00000000 ____D C:\Program Files (x86)\McAfee
2012-06-12 22:04 - 2012-06-12 22:04 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-12 22:04 - 2012-06-12 22:04 - 00001115 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-12 22:04 - 2012-06-12 22:04 - 00000000 ____D C:\Users\signius\Application Data\Malwarebytes
2012-06-12 22:04 - 2012-06-12 22:04 - 00000000 ____D C:\Users\signius\AppData\Roaming\Malwarebytes
2012-06-12 22:04 - 2012-06-12 22:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-12 22:03 - 2012-06-12 22:03 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-12 22:03 - 2012-06-12 22:03 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-06-12 22:01 - 2012-06-12 22:00 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\signius\Downloads\mbam-setup-1.61.0.1400.exe
2012-06-12 22:01 - 2012-06-12 22:00 - 00526800 ____A (McAfee, Inc.) C:\Users\signius\Downloads\MVTInstaller.exe
2012-06-12 21:59 - 2012-06-12 21:57 - 09508968 ____A (McAfee Inc.) C:\Users\signius\Downloads\stinger.exe
2012-06-12 21:49 - 2012-06-12 21:47 - 06236280 ____A (Lavasoft Limited) C:\Users\signius\Downloads\Adaware_Installer (1).exe
2012-06-12 21:37 - 2012-06-12 21:37 - 01606656 ____A C:\Users\signius\Downloads\SteamInstall (1).msi
2012-06-12 21:21 - 2012-06-12 20:49 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\adaware
2012-06-12 21:21 - 2012-06-12 20:49 - 00000000 ____D C:\Users\signius\Local Settings\adaware
2012-06-12 21:21 - 2012-06-12 20:49 - 00000000 ____D C:\Users\signius\AppData\Local\adaware
2012-06-12 20:49 - 2012-06-12 20:49 - 00000012 ____A C:\Users\signius\Downloads\FSSC.dat
2012-06-12 20:49 - 2012-06-12 20:49 - 00000000 ____D C:\Users\All Users\Application Data\Ad-Aware Browsing Protection
2012-06-12 20:49 - 2012-06-12 20:49 - 00000000 ____D C:\Users\All Users\Ad-Aware Browsing Protection
2012-06-12 20:48 - 2012-06-12 20:48 - 00000000 ____D C:\Users\All Users\Lavasoft
2012-06-12 20:48 - 2012-06-12 20:48 - 00000000 ____D C:\Users\All Users\Application Data\Lavasoft
2012-06-12 20:30 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3A850951-C907-45E4-976A-6EFEE4F27466}
2012-06-12 20:30 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\Local Settings\{3A850951-C907-45E4-976A-6EFEE4F27466}
2012-06-12 20:30 - 2012-06-12 20:30 - 00000000 ____D C:\Users\signius\AppData\Local\{3A850951-C907-45E4-976A-6EFEE4F27466}
2012-06-12 20:30 - 2012-06-12 20:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{883C3AFB-7763-46CF-BCD4-BE6845B52BD7}
2012-06-12 20:30 - 2012-06-12 20:28 - 00000000 ____D C:\Users\signius\Local Settings\{883C3AFB-7763-46CF-BCD4-BE6845B52BD7}
2012-06-12 20:30 - 2012-06-12 20:28 - 00000000 ____D C:\Users\signius\AppData\Local\{883C3AFB-7763-46CF-BCD4-BE6845B52BD7}
2012-06-12 20:00 - 2012-05-14 00:55 - 00000000 ____D C:\Users\signius\Application Data\mIRC
2012-06-12 20:00 - 2012-05-14 00:55 - 00000000 ____D C:\Users\signius\AppData\Roaming\mIRC
2012-06-12 15:21 - 2012-06-12 14:55 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-06-12 15:21 - 2012-06-12 14:55 - 00000000 ____D C:\Users\All Users\Application Data\Spybot - Search & Destroy
2012-06-12 15:07 - 2009-07-13 21:34 - 00442937 ___RA C:\Windows\System32\Drivers\etc\hosts.20120615-160835.backup
2012-06-12 15:04 - 2012-06-12 15:07 - 00442937 ____A C:\Windows\System32\Drivers\etc\hosts.20120613-060721.backup
2012-06-12 14:57 - 2012-06-12 14:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-12 14:55 - 2012-06-12 14:55 - 00001264 ____A C:\Users\signius\Desktop\Spybot - Search & Destroy.lnk
2012-06-12 14:52 - 2012-06-12 14:51 - 16409960 ____A (Safer Networking Limited ) C:\Users\signius\Downloads\spybotsd162.exe
2012-06-12 14:50 - 2012-06-12 13:42 - 00000000 ____D C:\sh4ldr
2012-06-12 14:50 - 2012-06-12 13:41 - 00000000 ____D C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-12 14:46 - 2012-06-12 14:46 - 06236280 ____A (Lavasoft Limited) C:\Users\signius\Downloads\Adaware_Installer.exe
2012-06-12 14:32 - 2012-06-12 14:32 - 00000000 ____D C:\Windows\AutoKMS
2012-06-12 14:20 - 2012-06-12 14:15 - 17957111 ____A C:\Users\signius\Downloads\OTK2010V223.zip
2012-06-12 13:42 - 2012-06-12 13:42 - 00000000 ____D C:\Program Files\Enigma Software Group
2012-06-12 13:42 - 2011-02-05 09:27 - 00131816 ____A C:\Users\signius\Local Settings\GDIPFONTCACHEV1.DAT
2012-06-12 13:42 - 2011-02-05 09:27 - 00131816 ____A C:\Users\signius\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-06-12 13:42 - 2011-02-05 09:27 - 00131816 ____A C:\Users\signius\AppData\Local\GDIPFONTCACHEV1.DAT
2012-06-12 13:38 - 2012-06-12 13:38 - 00725408 ____A (Enigma Software Group USA, LLC.) C:\Users\signius\Downloads\SpyHunter-Installer.exe
2012-06-12 13:27 - 2012-06-12 13:27 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-12 13:27 - 2012-06-12 13:27 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-12 13:27 - 2012-06-12 13:27 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-12 13:09 - 2011-02-16 07:33 - 00000000 ____D C:\Users\signius\Application Data\SoftGrid Client
2012-06-12 13:09 - 2011-02-16 07:33 - 00000000 ____D C:\Users\signius\AppData\Roaming\SoftGrid Client
2012-06-12 13:04 - 2010-12-30 04:25 - 00000000 ____D C:\Windows\ShellNew
2012-06-12 13:03 - 2010-12-30 03:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2012-06-12 13:01 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-06-12 13:00 - 2012-06-12 13:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2012-06-12 11:51 - 2012-06-12 11:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{BC8BFE13-BB89-44A0-A91E-C3D8ABC36F67}
2012-06-12 11:51 - 2012-06-12 11:51 - 00000000 ____D C:\Users\signius\Local Settings\{BC8BFE13-BB89-44A0-A91E-C3D8ABC36F67}
2012-06-12 11:51 - 2012-06-12 11:51 - 00000000 ____D C:\Users\signius\AppData\Local\{BC8BFE13-BB89-44A0-A91E-C3D8ABC36F67}
2012-06-12 08:05 - 2012-05-30 01:11 - 00000000 ____D C:\Users\signius\Desktop\Internship Applications
2012-06-12 01:13 - 2011-04-28 06:47 - 00000000 ____D C:\Users\signius\Downloads\???ED??????????/supercell
2012-06-11 23:51 - 2012-06-11 23:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5AD3154E-41D5-43DD-A086-DD6144D2BBC7}
2012-06-11 23:51 - 2012-06-11 23:51 - 00000000 ____D C:\Users\signius\Local Settings\{5AD3154E-41D5-43DD-A086-DD6144D2BBC7}
2012-06-11 23:51 - 2012-06-11 23:51 - 00000000 ____D C:\Users\signius\AppData\Local\{5AD3154E-41D5-43DD-A086-DD6144D2BBC7}
2012-06-11 11:51 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{68DF11AD-F672-4C7F-A97E-E847B133117F}
2012-06-11 11:51 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\Local Settings\{68DF11AD-F672-4C7F-A97E-E847B133117F}
2012-06-11 11:51 - 2012-06-11 11:51 - 00000000 ____D C:\Users\signius\AppData\Local\{68DF11AD-F672-4C7F-A97E-E847B133117F}
2012-06-11 11:51 - 2012-06-11 11:50 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{18B9AA2F-BA60-4169-B1E0-F8EE4F2A8868}
2012-06-11 11:51 - 2012-06-11 11:50 - 00000000 ____D C:\Users\signius\Local Settings\{18B9AA2F-BA60-4169-B1E0-F8EE4F2A8868}
2012-06-11 11:51 - 2012-06-11 11:50 - 00000000 ____D C:\Users\signius\AppData\Local\{18B9AA2F-BA60-4169-B1E0-F8EE4F2A8868}
2012-06-11 09:53 - 2012-06-10 11:09 - 325376750 ____A C:\Users\signius\Downloads\Day[9] Daily #472 P1 - Stephano's Fast Max ZvP(HD_720_quality).m4v
2012-06-11 02:24 - 2012-06-10 11:09 - 357931615 ____A C:\Users\signius\Downloads\Day[9] Daily #472 P3 - Stephano's Fast Max ZvP(HD_720_quality).m4v
2012-06-11 01:53 - 2012-06-10 11:09 - 366866202 ____A C:\Users\signius\Downloads\Day[9] Daily #472 P2 - Stephano's Fast Max ZvP(HD_720_quality).m4v
2012-06-10 23:50 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9BA3CFBE-7B25-4298-B97C-F0631D85F38F}
2012-06-10 23:50 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\Local Settings\{9BA3CFBE-7B25-4298-B97C-F0631D85F38F}
2012-06-10 23:50 - 2012-06-10 23:50 - 00000000 ____D C:\Users\signius\AppData\Local\{9BA3CFBE-7B25-4298-B97C-F0631D85F38F}
2012-06-10 23:50 - 2012-06-10 23:49 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{D3601FA7-5B42-44F6-9524-7D4129046809}
2012-06-10 23:50 - 2012-06-10 23:49 - 00000000 ____D C:\Users\signius\Local Settings\{D3601FA7-5B42-44F6-9524-7D4129046809}
2012-06-10 23:50 - 2012-06-10 23:49 - 00000000 ____D C:\Users\signius\AppData\Local\{D3601FA7-5B42-44F6-9524-7D4129046809}
2012-06-10 10:31 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{1A4E9118-7000-45FF-A592-35B82BF1232A}
2012-06-10 10:31 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\Local Settings\{1A4E9118-7000-45FF-A592-35B82BF1232A}
2012-06-10 10:31 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\AppData\Local\{1A4E9118-7000-45FF-A592-35B82BF1232A}
2012-06-10 10:30 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F582B103-DBAF-4599-A050-025E3CB13E32}
2012-06-10 10:30 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\Local Settings\{F582B103-DBAF-4599-A050-025E3CB13E32}
2012-06-10 10:30 - 2012-06-10 10:30 - 00000000 ____D C:\Users\signius\AppData\Local\{F582B103-DBAF-4599-A050-025E3CB13E32}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F6A3E0C5-020C-4A82-BCB6-9EBFD80BECC8}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9EDD74A7-0A3B-4216-B198-617DE2C64D22}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\{F6A3E0C5-020C-4A82-BCB6-9EBFD80BECC8}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\Local Settings\{9EDD74A7-0A3B-4216-B198-617DE2C64D22}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\AppData\Local\{F6A3E0C5-020C-4A82-BCB6-9EBFD80BECC8}
2012-06-09 22:30 - 2012-06-09 22:30 - 00000000 ____D C:\Users\signius\AppData\Local\{9EDD74A7-0A3B-4216-B198-617DE2C64D22}
2012-06-09 10:30 - 2012-06-09 10:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9C83F97D-537B-4E80-8196-294F73312E3D}
2012-06-09 10:30 - 2012-06-09 10:30 - 00000000 ____D C:\Users\signius\Local Settings\{9C83F97D-537B-4E80-8196-294F73312E3D}
2012-06-09 10:30 - 2012-06-09 10:30 - 00000000 ____D C:\Users\signius\AppData\Local\{9C83F97D-537B-4E80-8196-294F73312E3D}
2012-06-08 22:30 - 2012-06-08 22:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5D520DA5-94AE-4DAA-A7C1-9A1D795C4246}
2012-06-08 22:30 - 2012-06-08 22:30 - 00000000 ____D C:\Users\signius\Local Settings\{5D520DA5-94AE-4DAA-A7C1-9A1D795C4246}
2012-06-08 22:30 - 2012-06-08 22:30 - 00000000 ____D C:\Users\signius\AppData\Local\{5D520DA5-94AE-4DAA-A7C1-9A1D795C4246}
2012-06-08 08:39 - 2012-06-08 08:39 - 00301834 ____A C:\Users\signius\Downloads\201206081345.pdf
2012-06-08 03:36 - 2012-06-08 03:36 - 00118874 ____A C:\Users\signius\Downloads\Generic_Intern_Employment_2013.pdf
2012-06-08 03:20 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3C23D317-8F63-4D8E-A587-3147D1874587}
2012-06-08 03:20 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\Local Settings\{3C23D317-8F63-4D8E-A587-3147D1874587}
2012-06-08 03:20 - 2012-06-08 03:20 - 00000000 ____D C:\Users\signius\AppData\Local\{3C23D317-8F63-4D8E-A587-3147D1874587}
2012-06-08 03:20 - 2012-06-08 03:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C182A238-93FC-4836-8F50-70E30B17B31D}
2012-06-08 03:20 - 2012-06-08 03:19 - 00000000 ____D C:\Users\signius\Local Settings\{C182A238-93FC-4836-8F50-70E30B17B31D}
2012-06-08 03:20 - 2012-06-08 03:19 - 00000000 ____D C:\Users\signius\AppData\Local\{C182A238-93FC-4836-8F50-70E30B17B31D}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7E2EE6C7-21C4-42F3-B914-743B0072BF32}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{30E4CA17-E192-4E42-8CA7-4452F261DA7B}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\{7E2EE6C7-21C4-42F3-B914-743B0072BF32}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\Local Settings\{30E4CA17-E192-4E42-8CA7-4452F261DA7B}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\AppData\Local\{7E2EE6C7-21C4-42F3-B914-743B0072BF32}
2012-06-07 15:19 - 2012-06-07 15:19 - 00000000 ____D C:\Users\signius\AppData\Local\{30E4CA17-E192-4E42-8CA7-4452F261DA7B}
2012-06-07 13:07 - 2012-06-07 13:07 - 00053138 ____A C:\Users\signius\Downloads\Intern_Match_-_Important_Dates_FINAL_2012_v2.pdf
2012-06-07 13:07 - 2012-06-07 13:07 - 00053138 ____A C:\Users\signius\Downloads\Intern_Match_-_Important_Dates_FINAL_2012_v2 (1).pdf
2012-06-07 10:37 - 2012-04-27 09:45 - 00165694 ____A C:\Users\signius\Downloads\DotA Calc Dropdown.xlsx
2012-06-07 03:19 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{CB1A492D-707D-42E7-B37C-51E6575A5082}
2012-06-07 03:19 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\Local Settings\{CB1A492D-707D-42E7-B37C-51E6575A5082}
2012-06-07 03:19 - 2012-06-07 03:19 - 00000000 ____D C:\Users\signius\AppData\Local\{CB1A492D-707D-42E7-B37C-51E6575A5082}
2012-06-07 03:19 - 2012-06-07 03:18 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{10AE30DC-E75C-4D46-A08D-508E73D46021}
2012-06-07 03:19 - 2012-06-07 03:18 - 00000000 ____D C:\Users\signius\Local Settings\{10AE30DC-E75C-4D46-A08D-508E73D46021}
2012-06-07 03:19 - 2012-06-07 03:18 - 00000000 ____D C:\Users\signius\AppData\Local\{10AE30DC-E75C-4D46-A08D-508E73D46021}
2012-06-06 15:18 - 2012-06-06 15:18 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{DC4A11F7-1FDD-4604-AE12-4561F606B30D}
2012-06-06 15:18 - 2012-06-06 15:18 - 00000000 ____D C:\Users\signius\Local Settings\{DC4A11F7-1FDD-4604-AE12-4561F606B30D}
2012-06-06 15:18 - 2012-06-06 15:18 - 00000000 ____D C:\Users\signius\AppData\Local\{DC4A11F7-1FDD-4604-AE12-4561F606B30D}
2012-06-06 03:18 - 2012-06-06 03:18 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B5659D60-8E23-43F0-AC90-905994E8C4F7}
2012-06-06 03:18 - 2012-06-06 03:18 - 00000000 ____D C:\Users\signius\Local Settings\{B5659D60-8E23-43F0-AC90-905994E8C4F7}
2012-06-06 03:18 - 2012-06-06 03:18 - 00000000 ____D C:\Users\signius\AppData\Local\{B5659D60-8E23-43F0-AC90-905994E8C4F7}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3B28D35A-6F6C-4379-8450-8CE1FF6A705A}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{203DF7FD-F5DB-44A7-BCCD-F07E2B9D5ECB}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\{3B28D35A-6F6C-4379-8450-8CE1FF6A705A}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\Local Settings\{203DF7FD-F5DB-44A7-BCCD-F07E2B9D5ECB}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\AppData\Local\{3B28D35A-6F6C-4379-8450-8CE1FF6A705A}
2012-06-05 00:56 - 2012-06-05 00:56 - 00000000 ____D C:\Users\signius\AppData\Local\{203DF7FD-F5DB-44A7-BCCD-F07E2B9D5ECB}
2012-06-05 00:15 - 2012-06-05 00:12 - 00898872 ____A C:\Users\signius\Downloads\PMCV_-_Intern_Match_Hopsital_Directory_2012_v5.pdf
2012-06-05 00:13 - 2012-06-05 00:12 - 00167992 ____A C:\Users\signius\Downloads\Distribution_of_Positions_&_Parent-Rotation_Hosptials_v3.pdf
2012-06-04 21:51 - 2012-06-04 21:51 - 00210832 ____A C:\Users\signius\Downloads\2013checklistforptapsupportingdocumentation (1).pdf
2012-06-04 12:56 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4B76A646-6022-48C9-B357-09A249A54F87}
2012-06-04 12:56 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\Local Settings\{4B76A646-6022-48C9-B357-09A249A54F87}
2012-06-04 12:56 - 2012-06-04 12:56 - 00000000 ____D C:\Users\signius\AppData\Local\{4B76A646-6022-48C9-B357-09A249A54F87}
2012-06-04 12:56 - 2012-06-04 12:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{42023310-C170-427B-A0A0-9206485001B3}
2012-06-04 12:56 - 2012-06-04 12:55 - 00000000 ____D C:\Users\signius\Local Settings\{42023310-C170-427B-A0A0-9206485001B3}
2012-06-04 12:56 - 2012-06-04 12:55 - 00000000 ____D C:\Users\signius\AppData\Local\{42023310-C170-427B-A0A0-9206485001B3}
2012-06-04 00:55 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4CAFC50A-8D47-4D98-A8AE-E07B260EFB85}
2012-06-04 00:55 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\Local Settings\{4CAFC50A-8D47-4D98-A8AE-E07B260EFB85}
2012-06-04 00:55 - 2012-06-04 00:55 - 00000000 ____D C:\Users\signius\AppData\Local\{4CAFC50A-8D47-4D98-A8AE-E07B260EFB85}
2012-06-04 00:55 - 2012-06-04 00:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{686885F6-CE53-46A6-8ABE-8C81A4424EE7}
2012-06-04 00:55 - 2012-06-04 00:54 - 00000000 ____D C:\Users\signius\Local Settings\{686885F6-CE53-46A6-8ABE-8C81A4424EE7}
2012-06-04 00:55 - 2012-06-04 00:54 - 00000000 ____D C:\Users\signius\AppData\Local\{686885F6-CE53-46A6-8ABE-8C81A4424EE7}
2012-06-03 12:54 - 2012-06-03 12:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{72E8B9E1-C5CB-4802-A82E-55D5E3D88568}
2012-06-03 12:54 - 2012-06-03 12:54 - 00000000 ____D C:\Users\signius\Local Settings\{72E8B9E1-C5CB-4802-A82E-55D5E3D88568}
2012-06-03 12:54 - 2012-06-03 12:54 - 00000000 ____D C:\Users\signius\AppData\Local\{72E8B9E1-C5CB-4802-A82E-55D5E3D88568}
2012-06-03 00:54 - 2012-06-03 00:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{DF29DC35-68BC-4105-929B-946140F85E2F}
2012-06-03 00:54 - 2012-06-03 00:54 - 00000000 ____D C:\Users\signius\Local Settings\{DF29DC35-68BC-4105-929B-946140F85E2F}
2012-06-03 00:54 - 2012-06-03 00:54 - 00000000 ____D C:\Users\signius\AppData\Local\{DF29DC35-68BC-4105-929B-946140F85E2F}
2012-06-02 12:54 - 2012-06-02 12:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{EB2DC676-F736-49E7-B887-52BA1FB7D89F}
2012-06-02 12:54 - 2012-06-02 12:54 - 00000000 ____D C:\Users\signius\Local Settings\{EB2DC676-F736-49E7-B887-52BA1FB7D89F}
2012-06-02 12:54 - 2012-06-02 12:54 - 00000000 ____D C:\Users\signius\AppData\Local\{EB2DC676-F736-49E7-B887-52BA1FB7D89F}
2012-06-02 08:52 - 2012-06-02 08:50 - 07943038 ____A C:\Users\signius\Downloads\rutherglenslides.zip
2012-06-02 00:54 - 2012-06-02 00:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9220BB6E-5D00-468B-9836-E153D7A31A87}
2012-06-02 00:54 - 2012-06-02 00:54 - 00000000 ____D C:\Users\signius\Local Settings\{9220BB6E-5D00-468B-9836-E153D7A31A87}
2012-06-02 00:54 - 2012-06-02 00:54 - 00000000 ____D C:\Users\signius\AppData\Local\{9220BB6E-5D00-468B-9836-E153D7A31A87}
2012-06-01 12:54 - 2012-06-01 12:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{D2EEBD27-DC7E-4FEF-88AB-AD7A73D31005}
2012-06-01 12:54 - 2012-06-01 12:54 - 00000000 ____D C:\Users\signius\Local Settings\{D2EEBD27-DC7E-4FEF-88AB-AD7A73D31005}
2012-06-01 12:54 - 2012-06-01 12:54 - 00000000 ____D C:\Users\signius\AppData\Local\{D2EEBD27-DC7E-4FEF-88AB-AD7A73D31005}
2012-06-01 00:55 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4B516BCA-5725-4D0C-889A-99EC2FE7556C}
2012-06-01 00:55 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\Local Settings\{4B516BCA-5725-4D0C-889A-99EC2FE7556C}
2012-06-01 00:55 - 2012-06-01 00:55 - 00000000 ____D C:\Users\signius\AppData\Local\{4B516BCA-5725-4D0C-889A-99EC2FE7556C}
2012-06-01 00:55 - 2012-06-01 00:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A220D68C-24C9-4BA2-A29D-41B07A1A82BC}
2012-06-01 00:55 - 2012-06-01 00:54 - 00000000 ____D C:\Users\signius\Local Settings\{A220D68C-24C9-4BA2-A29D-41B07A1A82BC}
2012-06-01 00:55 - 2012-06-01 00:54 - 00000000 ____D C:\Users\signius\AppData\Local\{A220D68C-24C9-4BA2-A29D-41B07A1A82BC}
2012-05-29 18:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\NDF
2012-05-28 02:55 - 2012-05-28 02:55 - 00160550 ____A C:\Users\signius\Desktop\SHR exam content info.pdf
2012-05-28 02:55 - 2012-05-28 02:55 - 00098557 ____A C:\Users\signius\Downloads\Student Placements Report, RHM, Rotation 3, 2012.pdf
2012-05-28 02:52 - 2012-05-28 02:52 - 00208171 ____A C:\Users\signius\Downloads\Dookie Campus Site Map.pdf
2012-05-27 14:16 - 2012-05-09 19:33 - 00000000 ____D C:\Users\signius\Desktop\The Mentalist
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B33B3769-280F-4EB6-B220-91AA9E45B92B}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9F4F046C-F7D0-456F-B751-072DC2DA6843}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{B33B3769-280F-4EB6-B220-91AA9E45B92B}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{9F4F046C-F7D0-456F-B751-072DC2DA6843}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{B33B3769-280F-4EB6-B220-91AA9E45B92B}
2012-05-27 10:26 - 2012-05-27 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{9F4F046C-F7D0-456F-B751-072DC2DA6843}
2012-05-26 22:28 - 2012-05-26 22:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{78F52F12-80D0-4546-BE59-5A3E3C694549}
2012-05-26 22:28 - 2012-05-26 22:28 - 00000000 ____D C:\Users\signius\Local Settings\{78F52F12-80D0-4546-BE59-5A3E3C694549}
2012-05-26 22:28 - 2012-05-26 22:28 - 00000000 ____D C:\Users\signius\AppData\Local\{78F52F12-80D0-4546-BE59-5A3E3C694549}
2012-05-26 10:27 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{30220E70-3A4E-4DF4-814D-A79757DE0CD5}
2012-05-26 10:27 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{30220E70-3A4E-4DF4-814D-A79757DE0CD5}
2012-05-26 10:27 - 2012-05-26 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{30220E70-3A4E-4DF4-814D-A79757DE0CD5}
2012-05-26 10:27 - 2012-05-26 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{8D7DDAE5-2C5F-40E4-BAD8-AFFF93EB697D}
2012-05-26 10:27 - 2012-05-26 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{8D7DDAE5-2C5F-40E4-BAD8-AFFF93EB697D}
2012-05-26 10:27 - 2012-05-26 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{8D7DDAE5-2C5F-40E4-BAD8-AFFF93EB697D}
2012-05-25 22:26 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{E3216933-3634-43A7-8051-B1757F009631}
2012-05-25 22:26 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{E3216933-3634-43A7-8051-B1757F009631}
2012-05-25 22:26 - 2012-05-25 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{E3216933-3634-43A7-8051-B1757F009631}
2012-05-25 22:26 - 2012-05-25 22:25 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{62212A6D-0473-4372-97EF-5F74C1609262}
2012-05-25 22:26 - 2012-05-25 22:25 - 00000000 ____D C:\Users\signius\Local Settings\{62212A6D-0473-4372-97EF-5F74C1609262}
2012-05-25 22:26 - 2012-05-25 22:25 - 00000000 ____D C:\Users\signius\AppData\Local\{62212A6D-0473-4372-97EF-5F74C1609262}
2012-05-25 10:28 - 2012-05-25 10:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A807E90D-D724-44AD-8393-18A16B740633}
2012-05-25 10:28 - 2012-05-25 10:28 - 00000000 ____D C:\Users\signius\Local Settings\{A807E90D-D724-44AD-8393-18A16B740633}
2012-05-25 10:28 - 2012-05-25 10:28 - 00000000 ____D C:\Users\signius\AppData\Local\{A807E90D-D724-44AD-8393-18A16B740633}
2012-05-24 22:28 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{69A947BC-3EFD-4A44-8F61-DB46B44AE377}
2012-05-24 22:28 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\Local Settings\{69A947BC-3EFD-4A44-8F61-DB46B44AE377}
2012-05-24 22:28 - 2012-05-24 22:28 - 00000000 ____D C:\Users\signius\AppData\Local\{69A947BC-3EFD-4A44-8F61-DB46B44AE377}
2012-05-24 22:28 - 2012-05-24 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F80CEAF5-29A7-4F86-97B5-3FA719F382CA}
2012-05-24 22:28 - 2012-05-24 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{F80CEAF5-29A7-4F86-97B5-3FA719F382CA}
2012-05-24 22:28 - 2012-05-24 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{F80CEAF5-29A7-4F86-97B5-3FA719F382CA}
2012-05-24 19:36 - 2012-05-24 19:35 - 04478976 ____A C:\Users\signius\Downloads\Med students intro to ECG.ppt
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C212E090-51C8-44C6-A81A-FAD016AD0A6D}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A9825DAD-DA54-42F2-B711-95E1CB672271}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{C212E090-51C8-44C6-A81A-FAD016AD0A6D}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{A9825DAD-DA54-42F2-B711-95E1CB672271}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{C212E090-51C8-44C6-A81A-FAD016AD0A6D}
2012-05-24 10:27 - 2012-05-24 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{A9825DAD-DA54-42F2-B711-95E1CB672271}
2012-05-24 00:21 - 2011-02-10 02:34 - 00000000 ____D C:\Users\signius\Local Settings\CutePDF Writer
2012-05-24 00:21 - 2011-02-10 02:34 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\CutePDF Writer
2012-05-24 00:21 - 2011-02-10 02:34 - 00000000 ____D C:\Users\signius\AppData\Local\CutePDF Writer
2012-05-24 00:00 - 2012-05-24 00:00 - 00167311 ____A C:\Users\signius\Downloads\Junior Medical Officer Referee Report .pdf
2012-05-23 23:48 - 2012-05-23 23:48 - 00210832 ____A C:\Users\signius\Downloads\2013checklistforptapsupportingdocumentation.pdf
2012-05-23 23:47 - 2012-05-23 23:47 - 00075865 ____A C:\Users\signius\Downloads\2013keydatesamended1may2012.pdf
2012-05-23 22:27 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{2A81BE96-62AA-47D0-926A-56E4A9281102}
2012-05-23 22:27 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{2A81BE96-62AA-47D0-926A-56E4A9281102}
2012-05-23 22:27 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{2A81BE96-62AA-47D0-926A-56E4A9281102}
2012-05-23 22:26 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{CB6EF408-019D-428E-A06D-CFA85B324F81}
2012-05-23 22:26 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{CB6EF408-019D-428E-A06D-CFA85B324F81}
2012-05-23 22:26 - 2012-05-23 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{CB6EF408-019D-428E-A06D-CFA85B324F81}
2012-05-23 15:40 - 2012-05-23 15:38 - 06405508 ____A C:\Users\signius\Downloads\intern_residents_guide_2012.pdf
2012-05-23 15:39 - 2012-05-23 15:39 - 01374378 ____A C:\Users\signius\Downloads\InternDir2012.pdf
2012-05-23 10:26 - 2012-05-23 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C550C875-2DCB-490C-94F7-07FFAB00FAD6}
2012-05-23 10:26 - 2012-05-23 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{C550C875-2DCB-490C-94F7-07FFAB00FAD6}
2012-05-23 10:26 - 2012-05-23 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{C550C875-2DCB-490C-94F7-07FFAB00FAD6}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F3645AAD-AF55-4D00-9F74-70D6B2231FB1}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{AC28C23C-C859-4EC5-9E38-5AE7EDFA7139}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{F3645AAD-AF55-4D00-9F74-70D6B2231FB1}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{AC28C23C-C859-4EC5-9E38-5AE7EDFA7139}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{F3645AAD-AF55-4D00-9F74-70D6B2231FB1}
2012-05-22 22:27 - 2012-05-22 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{AC28C23C-C859-4EC5-9E38-5AE7EDFA7139}
2012-05-22 10:27 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3D2F5C73-E6FE-4C42-A010-1A51B26135EA}
2012-05-22 10:27 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{3D2F5C73-E6FE-4C42-A010-1A51B26135EA}
2012-05-22 10:27 - 2012-05-22 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{3D2F5C73-E6FE-4C42-A010-1A51B26135EA}
2012-05-22 10:27 - 2012-05-22 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7BFC0256-9EAE-4042-9F92-A366DFD72E9A}
2012-05-22 10:27 - 2012-05-22 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{7BFC0256-9EAE-4042-9F92-A366DFD72E9A}
2012-05-22 10:27 - 2012-05-22 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{7BFC0256-9EAE-4042-9F92-A366DFD72E9A}
2012-05-21 23:48 - 2012-05-21 23:48 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2012-05-21 23:48 - 2012-05-21 23:48 - 00001847 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk
2012-05-21 23:48 - 2012-05-21 23:47 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-05-21 22:49 - 2012-05-21 22:48 - 00000000 ____D C:\Users\signius\Desktop\Black Lagoon OVA Roberta's Blood Trail
2012-05-21 22:48 - 2012-05-21 22:48 - 00000000 ____D C:\Users\signius\Desktop\Another
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7F19D941-709F-4321-A007-F34023D84CAD}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{386266E3-4E19-46F0-A010-E55AB9A4A00C}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{7F19D941-709F-4321-A007-F34023D84CAD}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{386266E3-4E19-46F0-A010-E55AB9A4A00C}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{7F19D941-709F-4321-A007-F34023D84CAD}
2012-05-21 22:26 - 2012-05-21 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{386266E3-4E19-46F0-A010-E55AB9A4A00C}
2012-05-21 10:26 - 2012-05-21 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7C6F607E-15F2-424D-9DC4-D7A1FF4855A4}
2012-05-21 10:26 - 2012-05-21 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{7C6F607E-15F2-424D-9DC4-D7A1FF4855A4}
2012-05-21 10:26 - 2012-05-21 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{7C6F607E-15F2-424D-9DC4-D7A1FF4855A4}
2012-05-20 22:28 - 2012-05-20 22:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{E316C2DB-A116-48E9-A085-9DCE25F80694}
2012-05-20 22:28 - 2012-05-20 22:28 - 00000000 ____D C:\Users\signius\Local Settings\{E316C2DB-A116-48E9-A085-9DCE25F80694}
2012-05-20 22:28 - 2012-05-20 22:28 - 00000000 ____D C:\Users\signius\AppData\Local\{E316C2DB-A116-48E9-A085-9DCE25F80694}
2012-05-20 10:28 - 2012-05-20 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9BF1B69E-6A25-4574-8A67-B9DAA9EC8271}
2012-05-20 10:28 - 2012-05-20 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{9BF1B69E-6A25-4574-8A67-B9DAA9EC8271}
2012-05-20 10:28 - 2012-05-20 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{9BF1B69E-6A25-4574-8A67-B9DAA9EC8271}
2012-05-20 10:27 - 2012-05-20 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{CC5FF63D-49FF-482A-9D2B-2197EAC13C6E}
2012-05-20 10:27 - 2012-05-20 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{CC5FF63D-49FF-482A-9D2B-2197EAC13C6E}
2012-05-20 10:27 - 2012-05-20 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{CC5FF63D-49FF-482A-9D2B-2197EAC13C6E}
2012-05-19 22:27 - 2012-05-19 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{18848E78-A5F5-4DE9-A834-89F565218209}
2012-05-19 22:27 - 2012-05-19 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{18848E78-A5F5-4DE9-A834-89F565218209}
2012-05-19 22:27 - 2012-05-19 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{18848E78-A5F5-4DE9-A834-89F565218209}
2012-05-19 22:27 - 2012-05-19 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{8870D05A-F916-4076-8704-F961D64CD5FB}
2012-05-19 22:27 - 2012-05-19 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{8870D05A-F916-4076-8704-F961D64CD5FB}
2012-05-19 22:27 - 2012-05-19 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{8870D05A-F916-4076-8704-F961D64CD5FB}
2012-05-19 09:21 - 2012-05-19 09:21 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C07D90CD-5A12-4B69-8B92-A2D2EBF13551}
2012-05-19 09:21 - 2012-05-19 09:21 - 00000000 ____D C:\Users\signius\Local Settings\{C07D90CD-5A12-4B69-8B92-A2D2EBF13551}
2012-05-19 09:21 - 2012-05-19 09:21 - 00000000 ____D C:\Users\signius\AppData\Local\{C07D90CD-5A12-4B69-8B92-A2D2EBF13551}
2012-05-19 09:21 - 2012-05-19 09:20 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A2FD7E82-9E49-4408-BCAB-9A6524DA1A67}
2012-05-19 09:21 - 2012-05-19 09:20 - 00000000 ____D C:\Users\signius\Local Settings\{A2FD7E82-9E49-4408-BCAB-9A6524DA1A67}
2012-05-19 09:21 - 2012-05-19 09:20 - 00000000 ____D C:\Users\signius\AppData\Local\{A2FD7E82-9E49-4408-BCAB-9A6524DA1A67}
2012-05-18 21:20 - 2012-05-18 21:20 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3A0F0217-37B5-411C-959D-DDA03A0BF30C}
2012-05-18 21:20 - 2012-05-18 21:20 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{21CFB512-7B69-4B58-BFBB-9F7620C798D5}
2012-05-18 21:20 - 2012-05-18 21:20 - 00000000 ____D C:\Users\signius\Local Settings\{3A0F0217-37B5-411C-959D-DDA03A0BF30C}
2012-05-18 21:20 - 2012-05-18 21:20 - 00000000 ____D C:\Users\signius\Local Settings\{21CFB512-7B69-4B58-BFBB-9F7620C798D5}
2012-05-18 21:20 - 2012-05-18 21:20 - 00000000 ____D C:\Users\signius\AppData\Local\{3A0F0217-37B5-411C-959D-DDA03A0BF30C}
2012-05-18 21:20 - 2012-05-18 21:20 - 00000000 ____D C:\Users\signius\AppData\Local\{21CFB512-7B69-4B58-BFBB-9F7620C798D5}
2012-05-18 09:20 - 2012-05-18 09:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{56DA7BB1-3074-482C-BDD9-E29E34DD40EF}
2012-05-18 09:20 - 2012-05-18 09:19 - 00000000 ____D C:\Users\signius\Local Settings\{56DA7BB1-3074-482C-BDD9-E29E34DD40EF}
2012-05-18 09:20 - 2012-05-18 09:19 - 00000000 ____D C:\Users\signius\AppData\Local\{56DA7BB1-3074-482C-BDD9-E29E34DD40EF}
2012-05-18 09:19 - 2012-05-18 09:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{FF0A5850-3289-42B9-BCC3-0117F46440FB}
2012-05-18 09:19 - 2012-05-18 09:19 - 00000000 ____D C:\Users\signius\Local Settings\{FF0A5850-3289-42B9-BCC3-0117F46440FB}
2012-05-18 09:19 - 2012-05-18 09:19 - 00000000 ____D C:\Users\signius\AppData\Local\{FF0A5850-3289-42B9-BCC3-0117F46440FB}
2012-05-18 03:00 - 2012-05-09 19:33 - 00000000 ____D C:\Users\signius\Desktop\HIMYM
2012-05-18 00:43 - 2012-05-18 00:43 - 00000000 ____D C:\Users\signius\Downloads\XDCC Browser 452
2012-05-18 00:40 - 2012-05-18 00:40 - 00344353 ____A C:\Users\signius\Downloads\XDCC Browser 452.rar
2012-05-17 21:19 - 2012-05-17 21:19 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{8A709B79-AE63-4492-85B6-A53529822EBD}
2012-05-17 21:19 - 2012-05-17 21:19 - 00000000 ____D C:\Users\signius\Local Settings\{8A709B79-AE63-4492-85B6-A53529822EBD}
2012-05-17 21:19 - 2012-05-17 21:19 - 00000000 ____D C:\Users\signius\AppData\Local\{8A709B79-AE63-4492-85B6-A53529822EBD}
2012-05-17 21:11 - 2009-07-14 00:08 - 00032584 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-17 11:02 - 2012-05-17 11:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-05-17 11:02 - 2012-05-17 11:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-17 10:27 - 2012-05-17 10:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{1BF94041-A4A0-46DF-8B29-3D04BCB4D209}
2012-05-17 10:27 - 2012-05-17 10:27 - 00000000 ____D C:\Users\signius\Local Settings\{1BF94041-A4A0-46DF-8B29-3D04BCB4D209}
2012-05-17 10:27 - 2012-05-17 10:27 - 00000000 ____D C:\Users\signius\AppData\Local\{1BF94041-A4A0-46DF-8B29-3D04BCB4D209}
2012-05-16 22:27 - 2012-05-16 22:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{D534F824-3B9F-4E0C-A773-161B35A54B22}
2012-05-16 22:27 - 2012-05-16 22:27 - 00000000 ____D C:\Users\signius\Local Settings\{D534F824-3B9F-4E0C-A773-161B35A54B22}
2012-05-16 22:27 - 2012-05-16 22:27 - 00000000 ____D C:\Users\signius\AppData\Local\{D534F824-3B9F-4E0C-A773-161B35A54B22}
2012-05-16 22:27 - 2012-05-16 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{1EF4BB48-7E4E-4070-8238-B928049323FB}
2012-05-16 22:27 - 2012-05-16 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{1EF4BB48-7E4E-4070-8238-B928049323FB}
2012-05-16 22:27 - 2012-05-16 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{1EF4BB48-7E4E-4070-8238-B928049323FB}
2012-05-16 10:26 - 2012-05-16 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{9866785C-1AE2-41B7-BFF7-0B29CEBAA6C1}
2012-05-16 10:26 - 2012-05-16 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{9866785C-1AE2-41B7-BFF7-0B29CEBAA6C1}
2012-05-16 10:26 - 2012-05-16 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{9866785C-1AE2-41B7-BFF7-0B29CEBAA6C1}
2012-05-16 00:40 - 2011-12-24 15:27 - 00000000 ____D C:\Users\signius\Desktop\Person of Interest
2012-05-15 22:26 - 2012-05-15 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5CFC2AC8-9489-44E2-8D57-3879F8BA3329}
2012-05-15 22:26 - 2012-05-15 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{5CFC2AC8-9489-44E2-8D57-3879F8BA3329}
2012-05-15 22:26 - 2012-05-15 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{5CFC2AC8-9489-44E2-8D57-3879F8BA3329}
2012-05-15 10:26 - 2012-05-15 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{31F299E5-F8C3-4F19-B421-924D81FEF155}
2012-05-15 10:26 - 2012-05-15 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{31F299E5-F8C3-4F19-B421-924D81FEF155}
2012-05-15 10:26 - 2012-05-15 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{31F299E5-F8C3-4F19-B421-924D81FEF155}
2012-05-14 22:26 - 2012-05-14 22:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F314219F-E496-44F6-8967-A1CA01705E12}
2012-05-14 22:26 - 2012-05-14 22:26 - 00000000 ____D C:\Users\signius\Local Settings\{F314219F-E496-44F6-8967-A1CA01705E12}
2012-05-14 22:26 - 2012-05-14 22:26 - 00000000 ____D C:\Users\signius\AppData\Local\{F314219F-E496-44F6-8967-A1CA01705E12}
2012-05-14 20:32 - 2012-06-14 05:59 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-14 14:32 - 2012-05-09 19:33 - 00000000 ____D C:\Users\signius\Desktop\TBBT
2012-05-14 12:38 - 2012-05-13 17:59 - 357653529 ____A C:\Users\signius\Downloads\tm.s04e23.hxa.u34800.RMTeam.rar
2012-05-14 10:26 - 2012-05-14 10:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A6C65535-B720-41A8-AEC2-B69467F22410}
2012-05-14 10:26 - 2012-05-14 10:26 - 00000000 ____D C:\Users\signius\Local Settings\{A6C65535-B720-41A8-AEC2-B69467F22410}
2012-05-14 10:26 - 2012-05-14 10:26 - 00000000 ____D C:\Users\signius\AppData\Local\{A6C65535-B720-41A8-AEC2-B69467F22410}
2012-05-14 00:55 - 2012-05-14 00:55 - 00000957 ____A C:\Users\Public\Desktop\mIRC.lnk
2012-05-14 00:55 - 2012-05-14 00:55 - 00000957 ____A C:\Users\All Users\Desktop\mIRC.lnk
2012-05-14 00:55 - 2012-05-14 00:55 - 00000000 ____D C:\Program Files (x86)\mIRC
2012-05-14 00:06 - 2012-05-14 00:03 - 01909192 ____A (mIRC Co. Ltd.) C:\Users\signius\Downloads\mirc722.exe
2012-05-12 20:30 - 2010-12-30 04:25 - 00000000 ____D C:\Program Files\Windows Journal
2012-05-10 14:23 - 2012-05-14 12:39 - 00000238 ____A C:\Users\signius\Downloads\info.txt
2012-05-10 14:23 - 2012-05-14 12:39 - 00000057 ____A C:\Users\signius\Downloads\release.url
2012-05-10 14:23 - 2012-05-14 12:39 - 00000046 ____A C:\Users\signius\Downloads\rapidmoviez.url
2012-05-09 19:32 - 2011-07-30 15:57 - 00000000 ____D C:\Users\signius\Desktop\Castle
2012-05-08 06:48 - 2012-05-08 06:48 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A6B820D2-0F0F-4DC0-8EF9-067D3A72841B}
2012-05-08 06:48 - 2012-05-08 06:48 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{630857DB-D90D-4502-934F-A4773E535AF1}
2012-05-08 06:48 - 2012-05-08 06:48 - 00000000 ____D C:\Users\signius\Local Settings\{A6B820D2-0F0F-4DC0-8EF9-067D3A72841B}
2012-05-08 06:48 - 2012-05-08 06:48 - 00000000 ____D C:\Users\signius\Local Settings\{630857DB-D90D-4502-934F-A4773E535AF1}
2012-05-08 06:48 - 2012-05-08 06:48 - 00000000 ____D C:\Users\signius\AppData\Local\{A6B820D2-0F0F-4DC0-8EF9-067D3A72841B}
2012-05-08 06:48 - 2012-05-08 06:48 - 00000000 ____D C:\Users\signius\AppData\Local\{630857DB-D90D-4502-934F-A4773E535AF1}
2012-05-07 18:48 - 2012-05-07 18:47 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{62AC7051-E020-4EDC-B792-3169F392BD77}
2012-05-07 18:48 - 2012-05-07 18:47 - 00000000 ____D C:\Users\signius\Local Settings\{62AC7051-E020-4EDC-B792-3169F392BD77}
2012-05-07 18:48 - 2012-05-07 18:47 - 00000000 ____D C:\Users\signius\AppData\Local\{62AC7051-E020-4EDC-B792-3169F392BD77}
2012-05-07 18:47 - 2012-05-07 18:47 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{03B90D43-33C6-406C-92F1-C57605FA05C9}
2012-05-07 18:47 - 2012-05-07 18:47 - 00000000 ____D C:\Users\signius\Local Settings\{03B90D43-33C6-406C-92F1-C57605FA05C9}
2012-05-07 18:47 - 2012-05-07 18:47 - 00000000 ____D C:\Users\signius\AppData\Local\{03B90D43-33C6-406C-92F1-C57605FA05C9}
2012-05-07 06:47 - 2012-05-07 06:47 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{CD698F36-6082-4CAA-B9D7-617DE553899A}
2012-05-07 06:47 - 2012-05-07 06:47 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7C88613F-7864-4B71-91CB-4813CDF45985}
2012-05-07 06:47 - 2012-05-07 06:47 - 00000000 ____D C:\Users\signius\Local Settings\{CD698F36-6082-4CAA-B9D7-617DE553899A}
2012-05-07 06:47 - 2012-05-07 06:47 - 00000000 ____D C:\Users\signius\Local Settings\{7C88613F-7864-4B71-91CB-4813CDF45985}
2012-05-07 06:47 - 2012-05-07 06:47 - 00000000 ____D C:\Users\signius\AppData\Local\{CD698F36-6082-4CAA-B9D7-617DE553899A}
2012-05-07 06:47 - 2012-05-07 06:47 - 00000000 ____D C:\Users\signius\AppData\Local\{7C88613F-7864-4B71-91CB-4813CDF45985}
2012-05-06 15:42 - 2012-05-06 15:42 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{499EA057-D906-4D24-BF4B-C21F13BC1D51}
2012-05-06 15:42 - 2012-05-06 15:42 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{280780D1-808E-43FB-9C17-BA227E551919}
2012-05-06 15:42 - 2012-05-06 15:42 - 00000000 ____D C:\Users\signius\Local Settings\{499EA057-D906-4D24-BF4B-C21F13BC1D51}
2012-05-06 15:42 - 2012-05-06 15:42 - 00000000 ____D C:\Users\signius\Local Settings\{280780D1-808E-43FB-9C17-BA227E551919}
2012-05-06 15:42 - 2012-05-06 15:42 - 00000000 ____D C:\Users\signius\AppData\Local\{499EA057-D906-4D24-BF4B-C21F13BC1D51}
2012-05-06 15:42 - 2012-05-06 15:42 - 00000000 ____D C:\Users\signius\AppData\Local\{280780D1-808E-43FB-9C17-BA227E551919}
2012-05-06 03:42 - 2012-05-06 03:42 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F2F436AF-DF9C-4F5B-A5F8-9A4BF30F94EF}
2012-05-06 03:42 - 2012-05-06 03:42 - 00000000 ____D C:\Users\signius\Local Settings\{F2F436AF-DF9C-4F5B-A5F8-9A4BF30F94EF}
2012-05-06 03:42 - 2012-05-06 03:42 - 00000000 ____D C:\Users\signius\AppData\Local\{F2F436AF-DF9C-4F5B-A5F8-9A4BF30F94EF}
2012-05-06 03:42 - 2012-05-06 03:41 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{44185381-1474-4A0F-8BFE-E8744074642F}
2012-05-06 03:42 - 2012-05-06 03:41 - 00000000 ____D C:\Users\signius\Local Settings\{44185381-1474-4A0F-8BFE-E8744074642F}
2012-05-06 03:42 - 2012-05-06 03:41 - 00000000 ____D C:\Users\signius\AppData\Local\{44185381-1474-4A0F-8BFE-E8744074642F}
2012-05-05 15:41 - 2012-05-05 15:41 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C406E75D-CC7A-450A-98DC-E304064AE534}
2012-05-05 15:41 - 2012-05-05 15:41 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{1CBB87F2-6774-400C-AC06-EABDEB9E2B2C}
2012-05-05 15:41 - 2012-05-05 15:41 - 00000000 ____D C:\Users\signius\Local Settings\{C406E75D-CC7A-450A-98DC-E304064AE534}
2012-05-05 15:41 - 2012-05-05 15:41 - 00000000 ____D C:\Users\signius\Local Settings\{1CBB87F2-6774-400C-AC06-EABDEB9E2B2C}
2012-05-05 15:41 - 2012-05-05 15:41 - 00000000 ____D C:\Users\signius\AppData\Local\{C406E75D-CC7A-450A-98DC-E304064AE534}
2012-05-05 15:41 - 2012-05-05 15:41 - 00000000 ____D C:\Users\signius\AppData\Local\{1CBB87F2-6774-400C-AC06-EABDEB9E2B2C}
2012-05-05 03:41 - 2012-05-05 03:41 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{0005DF0B-8FA1-4185-873F-C4F62E43C5B9}
2012-05-05 03:41 - 2012-05-05 03:41 - 00000000 ____D C:\Users\signius\Local Settings\{0005DF0B-8FA1-4185-873F-C4F62E43C5B9}
2012-05-05 03:41 - 2012-05-05 03:41 - 00000000 ____D C:\Users\signius\AppData\Local\{0005DF0B-8FA1-4185-873F-C4F62E43C5B9}
2012-05-05 03:39 - 2012-05-05 03:39 - 00275680 ____A C:\Windows\Minidump\050512-24601-01.dmp
2012-05-04 06:06 - 2012-06-14 06:04 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 05:03 - 2012-06-14 06:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 05:03 - 2012-06-14 06:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-01 21:12 - 2012-05-01 15:49 - 183191539 ____A C:\Users\signius\Downloads\how.i.met.your.mother.s07e20.hdtv.xvid-2hd.rar
2012-05-01 00:40 - 2012-06-14 06:01 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-30 16:28 - 2012-04-28 16:19 - 372683896 ____A C:\Users\signius\Downloads\Person.of.Interest.S01E20.Matsya.Nyaya.HDTV.XviD-FQM.rar
2012-04-30 07:39 - 2012-02-06 17:35 - 00000000 ____D C:\Users\signius\Desktop\Psych
2012-04-30 01:56 - 2012-04-30 01:39 - 01401897 ____A C:\Users\signius\Desktop\assess elderly tc.pptm
2012-04-29 15:56 - 2012-04-29 15:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{8DE6D984-9FDB-4F94-8F08-8143828F2BF8}
2012-04-29 15:56 - 2012-04-29 15:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{8D1AE832-0DD9-4B20-9DBA-8C40AFFE3D74}
2012-04-29 15:56 - 2012-04-29 15:56 - 00000000 ____D C:\Users\signius\Local Settings\{8DE6D984-9FDB-4F94-8F08-8143828F2BF8}
2012-04-29 15:56 - 2012-04-29 15:56 - 00000000 ____D C:\Users\signius\Local Settings\{8D1AE832-0DD9-4B20-9DBA-8C40AFFE3D74}
2012-04-29 15:56 - 2012-04-29 15:56 - 00000000 ____D C:\Users\signius\AppData\Local\{8DE6D984-9FDB-4F94-8F08-8143828F2BF8}
2012-04-29 15:56 - 2012-04-29 15:56 - 00000000 ____D C:\Users\signius\AppData\Local\{8D1AE832-0DD9-4B20-9DBA-8C40AFFE3D74}
2012-04-28 21:07 - 2012-04-28 21:07 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{789BA257-8007-431C-BFD6-958F4C81FA35}
2012-04-28 21:07 - 2012-04-28 21:07 - 00000000 ____D C:\Users\signius\Local Settings\{789BA257-8007-431C-BFD6-958F4C81FA35}
2012-04-28 21:07 - 2012-04-28 21:07 - 00000000 ____D C:\Users\signius\AppData\Local\{789BA257-8007-431C-BFD6-958F4C81FA35}
2012-04-28 21:07 - 2012-04-28 21:06 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7976CB79-77D8-4AC4-A1FD-B67E6406FDCF}
2012-04-28 21:07 - 2012-04-28 21:06 - 00000000 ____D C:\Users\signius\Local Settings\{7976CB79-77D8-4AC4-A1FD-B67E6406FDCF}
2012-04-28 21:07 - 2012-04-28 21:06 - 00000000 ____D C:\Users\signius\AppData\Local\{7976CB79-77D8-4AC4-A1FD-B67E6406FDCF}
2012-04-28 09:06 - 2012-04-28 09:06 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{8ACD2258-7ACB-4B14-B13E-7E271A90BF88}
2012-04-28 09:06 - 2012-04-28 09:06 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7C414194-8B6C-41FA-93F3-CBB55433A96C}
2012-04-28 09:06 - 2012-04-28 09:06 - 00000000 ____D C:\Users\signius\Local Settings\{8ACD2258-7ACB-4B14-B13E-7E271A90BF88}
2012-04-28 09:06 - 2012-04-28 09:06 - 00000000 ____D C:\Users\signius\Local Settings\{7C414194-8B6C-41FA-93F3-CBB55433A96C}
2012-04-28 09:06 - 2012-04-28 09:06 - 00000000 ____D C:\Users\signius\AppData\Local\{8ACD2258-7ACB-4B14-B13E-7E271A90BF88}
2012-04-28 09:06 - 2012-04-28 09:06 - 00000000 ____D C:\Users\signius\AppData\Local\{7C414194-8B6C-41FA-93F3-CBB55433A96C}
2012-04-27 22:55 - 2012-06-14 07:47 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-27 21:06 - 2012-04-27 21:06 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{A0A38FA3-5788-4D6A-924D-DB66B4E24C08}
2012-04-27 21:06 - 2012-04-27 21:06 - 00000000 ____D C:\Users\signius\Local Settings\{A0A38FA3-5788-4D6A-924D-DB66B4E24C08}
2012-04-27 21:06 - 2012-04-27 21:06 - 00000000 ____D C:\Users\signius\AppData\Local\{A0A38FA3-5788-4D6A-924D-DB66B4E24C08}
2012-04-27 09:43 - 2012-04-27 09:43 - 00083968 ____A C:\Users\signius\Downloads\DotA Calc.xls
2012-04-27 09:23 - 2012-04-22 06:24 - 00073340 ____A C:\Users\signius\Downloads\DotA Calc.xlsx
2012-04-27 09:07 - 2012-04-27 09:07 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{388C91F0-F905-4B56-A65B-66BB0E12283D}
2012-04-27 09:07 - 2012-04-27 09:07 - 00000000 ____D C:\Users\signius\Local Settings\{388C91F0-F905-4B56-A65B-66BB0E12283D}
2012-04-27 09:07 - 2012-04-27 09:07 - 00000000 ____D C:\Users\signius\AppData\Local\{388C91F0-F905-4B56-A65B-66BB0E12283D}
2012-04-26 19:08 - 2012-04-26 19:08 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C5122CD6-874B-4836-89B2-A7F7CF668AA3}
2012-04-26 19:08 - 2012-04-26 19:08 - 00000000 ____D C:\Users\signius\Local Settings\{C5122CD6-874B-4836-89B2-A7F7CF668AA3}
2012-04-26 19:08 - 2012-04-26 19:08 - 00000000 ____D C:\Users\signius\AppData\Local\{C5122CD6-874B-4836-89B2-A7F7CF668AA3}
2012-04-26 07:06 - 2012-04-26 07:05 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{5C6D9A1C-A88D-469B-BE80-4FAF3A3D70D5}
2012-04-26 07:06 - 2012-04-26 07:05 - 00000000 ____D C:\Users\signius\Local Settings\{5C6D9A1C-A88D-469B-BE80-4FAF3A3D70D5}
2012-04-26 07:06 - 2012-04-26 07:05 - 00000000 ____D C:\Users\signius\AppData\Local\{5C6D9A1C-A88D-469B-BE80-4FAF3A3D70D5}
2012-04-26 07:05 - 2012-04-26 07:05 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{1027F0B7-AC72-4B1A-BB76-03DCB9F1D334}
2012-04-26 07:05 - 2012-04-26 07:05 - 00000000 ____D C:\Users\signius\Local Settings\{1027F0B7-AC72-4B1A-BB76-03DCB9F1D334}
2012-04-26 07:05 - 2012-04-26 07:05 - 00000000 ____D C:\Users\signius\AppData\Local\{1027F0B7-AC72-4B1A-BB76-03DCB9F1D334}
2012-04-26 00:41 - 2012-06-14 07:47 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-26 00:41 - 2012-06-14 07:47 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-26 00:34 - 2012-06-14 07:47 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-25 19:07 - 2012-04-25 19:02 - 01680532 ____A C:\Users\signius\Downloads\Application-for-Police-Record-Check-VP820B-May-11.pdf
2012-04-25 17:32 - 2012-04-25 17:31 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{6BA076D8-4B2C-4078-A36E-FDF165C16FFE}
2012-04-25 17:32 - 2012-04-25 17:31 - 00000000 ____D C:\Users\signius\Local Settings\{6BA076D8-4B2C-4078-A36E-FDF165C16FFE}
2012-04-25 17:32 - 2012-04-25 17:31 - 00000000 ____D C:\Users\signius\AppData\Local\{6BA076D8-4B2C-4078-A36E-FDF165C16FFE}
2012-04-25 17:31 - 2012-04-25 17:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3D4D35FF-4116-4A5E-B1E4-BE65D2E898F2}
2012-04-25 17:31 - 2012-04-25 17:30 - 00000000 ____D C:\Users\signius\Local Settings\{3D4D35FF-4116-4A5E-B1E4-BE65D2E898F2}
2012-04-25 17:31 - 2012-04-25 17:30 - 00000000 ____D C:\Users\signius\AppData\Local\{3D4D35FF-4116-4A5E-B1E4-BE65D2E898F2}
2012-04-25 05:30 - 2012-04-25 05:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{75F79E21-3839-470B-9DD4-9F26B8393FC7}
2012-04-25 05:30 - 2012-04-25 05:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{462EA09E-CC2C-423C-AEAC-06C5F735D4A2}
2012-04-25 05:30 - 2012-04-25 05:30 - 00000000 ____D C:\Users\signius\Local Settings\{75F79E21-3839-470B-9DD4-9F26B8393FC7}
2012-04-25 05:30 - 2012-04-25 05:30 - 00000000 ____D C:\Users\signius\Local Settings\{462EA09E-CC2C-423C-AEAC-06C5F735D4A2}
2012-04-25 05:30 - 2012-04-25 05:30 - 00000000 ____D C:\Users\signius\AppData\Local\{75F79E21-3839-470B-9DD4-9F26B8393FC7}
2012-04-25 05:30 - 2012-04-25 05:30 - 00000000 ____D C:\Users\signius\AppData\Local\{462EA09E-CC2C-423C-AEAC-06C5F735D4A2}
2012-04-24 09:37 - 2012-04-24 09:37 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3204E85C-9254-4C6F-9330-54FF21DA59B9}
2012-04-24 09:37 - 2012-04-24 09:37 - 00000000 ____D C:\Users\signius\Local Settings\{3204E85C-9254-4C6F-9330-54FF21DA59B9}
2012-04-24 09:37 - 2012-04-24 09:37 - 00000000 ____D C:\Users\signius\AppData\Local\{3204E85C-9254-4C6F-9330-54FF21DA59B9}
2012-04-24 06:45 - 2012-04-24 06:46 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-04-24 06:45 - 2012-04-24 06:46 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-04-24 06:45 - 2012-04-24 06:46 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-04-24 06:45 - 2011-02-13 08:29 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-04-24 00:37 - 2012-06-14 07:46 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-24 00:37 - 2012-06-14 07:46 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-24 00:37 - 2012-06-14 07:46 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 23:38 - 2012-03-12 06:51 - 00000000 ____D C:\Users\signius\Desktop\FF8
2012-04-23 23:36 - 2012-06-14 07:46 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 23:36 - 2012-06-14 07:46 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 23:36 - 2012-06-14 07:46 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-23 21:37 - 2012-04-23 21:37 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B3781992-7D79-4724-A98B-B1633DFA77C3}
2012-04-23 21:37 - 2012-04-23 21:37 - 00000000 ____D C:\Users\signius\Local Settings\{B3781992-7D79-4724-A98B-B1633DFA77C3}
2012-04-23 21:37 - 2012-04-23 21:37 - 00000000 ____D C:\Users\signius\AppData\Local\{B3781992-7D79-4724-A98B-B1633DFA77C3}
2012-04-23 08:36 - 2012-04-23 08:36 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-04-23 08:36 - 2012-04-23 08:36 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk
2012-04-23 08:36 - 2012-04-23 08:35 - 00000000 ____D C:\Program Files\iTunes
2012-04-23 08:35 - 2012-04-23 08:35 - 00000000 ____D C:\Program Files\iPod
2012-04-23 08:35 - 2012-03-11 21:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-04-23 08:14 - 2012-04-23 08:14 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{183FB351-7BFF-4A5D-9F6D-0B62DD73AC3B}
2012-04-23 08:14 - 2012-04-23 08:14 - 00000000 ____D C:\Users\signius\Local Settings\{183FB351-7BFF-4A5D-9F6D-0B62DD73AC3B}
2012-04-23 08:14 - 2012-04-23 08:14 - 00000000 ____D C:\Users\signius\AppData\Local\{183FB351-7BFF-4A5D-9F6D-0B62DD73AC3B}
2012-04-23 08:14 - 2012-04-23 08:13 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{E2F06851-C105-4B68-A2E5-8E63ED792362}
2012-04-23 08:14 - 2012-04-23 08:13 - 00000000 ____D C:\Users\signius\Local Settings\{E2F06851-C105-4B68-A2E5-8E63ED792362}
2012-04-23 08:14 - 2012-04-23 08:13 - 00000000 ____D C:\Users\signius\AppData\Local\{E2F06851-C105-4B68-A2E5-8E63ED792362}
2012-04-22 15:38 - 2012-04-05 10:04 - 00000000 ____D C:\Users\signius\Desktop\Final Fantasy VII
2012-04-22 13:57 - 2012-04-22 13:57 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{997BBB1C-BF72-4792-9307-88DA6D00100C}
2012-04-22 13:57 - 2012-04-22 13:57 - 00000000 ____D C:\Users\signius\Local Settings\{997BBB1C-BF72-4792-9307-88DA6D00100C}
2012-04-22 13:57 - 2012-04-22 13:57 - 00000000 ____D C:\Users\signius\AppData\Local\{997BBB1C-BF72-4792-9307-88DA6D00100C}
2012-04-22 01:58 - 2012-04-22 01:58 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C4BDFC75-A251-4C8A-A063-FB477665EA9C}
2012-04-22 01:58 - 2012-04-22 01:58 - 00000000 ____D C:\Users\signius\Local Settings\{C4BDFC75-A251-4C8A-A063-FB477665EA9C}
2012-04-22 01:58 - 2012-04-22 01:58 - 00000000 ____D C:\Users\signius\AppData\Local\{C4BDFC75-A251-4C8A-A063-FB477665EA9C}
2012-04-21 13:58 - 2012-04-21 13:58 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F369B074-A03E-45BA-917C-67CB6AA98DE6}
2012-04-21 13:58 - 2012-04-21 13:58 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4AC6ED68-05B9-4728-A03F-DD7C82B5EEB0}
2012-04-21 13:58 - 2012-04-21 13:58 - 00000000 ____D C:\Users\signius\Local Settings\{F369B074-A03E-45BA-917C-67CB6AA98DE6}
2012-04-21 13:58 - 2012-04-21 13:58 - 00000000 ____D C:\Users\signius\Local Settings\{4AC6ED68-05B9-4728-A03F-DD7C82B5EEB0}
2012-04-21 13:58 - 2012-04-21 13:58 - 00000000 ____D C:\Users\signius\AppData\Local\{F369B074-A03E-45BA-917C-67CB6AA98DE6}
2012-04-21 13:58 - 2012-04-21 13:58 - 00000000 ____D C:\Users\signius\AppData\Local\{4AC6ED68-05B9-4728-A03F-DD7C82B5EEB0}
2012-04-21 07:54 - 2012-04-21 07:53 - 00000000 ____D C:\Users\signius\Downloads\avidemux_2.5.6_win64
2012-04-21 07:54 - 2012-04-21 07:52 - 00000000 ____D C:\Users\signius\Application Data\avidemux
2012-04-21 07:54 - 2012-04-21 07:52 - 00000000 ____D C:\Users\signius\AppData\Roaming\avidemux
2012-04-21 01:58 - 2012-04-21 01:58 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{0A150EC3-DFE0-4B7A-A997-AF0FA88B9062}
2012-04-21 01:58 - 2012-04-21 01:58 - 00000000 ____D C:\Users\signius\Local Settings\{0A150EC3-DFE0-4B7A-A997-AF0FA88B9062}
2012-04-21 01:58 - 2012-04-21 01:58 - 00000000 ____D C:\Users\signius\AppData\Local\{0A150EC3-DFE0-4B7A-A997-AF0FA88B9062}
2012-04-21 01:58 - 2012-04-21 01:57 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4B2CFDF9-6E76-4DC6-AA00-2BAD760C9B2F}
2012-04-21 01:58 - 2012-04-21 01:57 - 00000000 ____D C:\Users\signius\Local Settings\{4B2CFDF9-6E76-4DC6-AA00-2BAD760C9B2F}
2012-04-21 01:58 - 2012-04-21 01:57 - 00000000 ____D C:\Users\signius\AppData\Local\{4B2CFDF9-6E76-4DC6-AA00-2BAD760C9B2F}
2012-04-20 22:29 - 2012-06-02 08:53 - 08126435 ____A C:\Users\signius\Desktop\rutherglenslides.pdf
2012-04-20 09:08 - 2012-04-08 09:53 - 00000000 ____D C:\Users\signius\Downloads\Fever_Ray-Fever_Ray-(RABID039)-WEB-2009-XXW
2012-04-20 08:27 - 2012-04-20 08:27 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{14613F6C-2C65-437A-9EB4-99457E6343FA}
2012-04-20 08:27 - 2012-04-20 08:27 - 00000000 ____D C:\Users\signius\Local Settings\{14613F6C-2C65-437A-9EB4-99457E6343FA}
2012-04-20 08:27 - 2012-04-20 08:27 - 00000000 ____D C:\Users\signius\AppData\Local\{14613F6C-2C65-437A-9EB4-99457E6343FA}
2012-04-20 08:27 - 2012-04-20 08:26 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{0956BA1F-0E33-40DE-9376-2A3256E5DD43}
2012-04-20 08:27 - 2012-04-20 08:26 - 00000000 ____D C:\Users\signius\Local Settings\{0956BA1F-0E33-40DE-9376-2A3256E5DD43}
2012-04-20 08:27 - 2012-04-20 08:26 - 00000000 ____D C:\Users\signius\AppData\Local\{0956BA1F-0E33-40DE-9376-2A3256E5DD43}
2012-04-19 18:56 - 2012-04-19 18:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7F483B69-7595-4570-B834-1385BFED4866}
2012-04-19 18:56 - 2012-04-19 18:55 - 00000000 ____D C:\Users\signius\Local Settings\{7F483B69-7595-4570-B834-1385BFED4866}
2012-04-19 18:56 - 2012-04-19 18:55 - 00000000 ____D C:\Users\signius\AppData\Local\{7F483B69-7595-4570-B834-1385BFED4866}
2012-04-19 18:55 - 2012-04-19 18:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{78FF10EE-8913-4487-A02D-3F7DEDCCB3E6}
2012-04-19 18:55 - 2012-04-19 18:55 - 00000000 ____D C:\Users\signius\Local Settings\{78FF10EE-8913-4487-A02D-3F7DEDCCB3E6}
2012-04-19 18:55 - 2012-04-19 18:55 - 00000000 ____D C:\Users\signius\AppData\Local\{78FF10EE-8913-4487-A02D-3F7DEDCCB3E6}
2012-04-19 15:23 - 2012-04-19 05:11 - 267386880 ____A C:\Users\signius\Downloads\The.Cabin.in.the.Woods.2011.DVDrip.XviD.part1.rar
2012-04-19 13:44 - 2012-04-19 07:53 - 267386880 ____A C:\Users\signius\Downloads\The.Cabin.in.the.Woods.2011.DVDrip.XviD.part2.rar
2012-04-19 06:55 - 2012-04-19 06:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{ACBCD278-D0EB-4870-8251-85FCFFD104F8}
2012-04-19 06:55 - 2012-04-19 06:55 - 00000000 ____D C:\Users\signius\Local Settings\{ACBCD278-D0EB-4870-8251-85FCFFD104F8}
2012-04-19 06:55 - 2012-04-19 06:55 - 00000000 ____D C:\Users\signius\AppData\Local\{ACBCD278-D0EB-4870-8251-85FCFFD104F8}
2012-04-19 06:55 - 2012-04-19 06:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{6139ADB1-CA99-4C82-8B77-3A60850276DA}
2012-04-19 06:55 - 2012-04-19 06:54 - 00000000 ____D C:\Users\signius\Local Settings\{6139ADB1-CA99-4C82-8B77-3A60850276DA}
2012-04-19 06:55 - 2012-04-19 06:54 - 00000000 ____D C:\Users\signius\AppData\Local\{6139ADB1-CA99-4C82-8B77-3A60850276DA}
2012-04-18 20:59 - 2012-04-18 20:56 - 17012880 ____A C:\Users\signius\Downloads\avidemux_2.5.6_win64.zip
2012-04-18 18:54 - 2012-04-18 18:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{76681536-00E8-46DD-BBA4-0E2FC18EBF28}
2012-04-18 18:54 - 2012-04-18 18:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3C23E651-E127-4CBC-BFC2-1030CE349434}
2012-04-18 18:54 - 2012-04-18 18:54 - 00000000 ____D C:\Users\signius\Local Settings\{76681536-00E8-46DD-BBA4-0E2FC18EBF28}
2012-04-18 18:54 - 2012-04-18 18:54 - 00000000 ____D C:\Users\signius\Local Settings\{3C23E651-E127-4CBC-BFC2-1030CE349434}
2012-04-18 18:54 - 2012-04-18 18:54 - 00000000 ____D C:\Users\signius\AppData\Local\{76681536-00E8-46DD-BBA4-0E2FC18EBF28}
2012-04-18 18:54 - 2012-04-18 18:54 - 00000000 ____D C:\Users\signius\AppData\Local\{3C23E651-E127-4CBC-BFC2-1030CE349434}
2012-04-18 06:54 - 2012-04-18 06:53 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{ACF434C0-D091-4313-BB0F-0B26E68056D2}
2012-04-18 06:54 - 2012-04-18 06:53 - 00000000 ____D C:\Users\signius\Local Settings\{ACF434C0-D091-4313-BB0F-0B26E68056D2}
2012-04-18 06:54 - 2012-04-18 06:53 - 00000000 ____D C:\Users\signius\AppData\Local\{ACF434C0-D091-4313-BB0F-0B26E68056D2}
2012-04-18 06:53 - 2012-04-18 06:53 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{D5996C45-9632-4745-8117-10D2FC054FF4}
2012-04-18 06:53 - 2012-04-18 06:53 - 00000000 ____D C:\Users\signius\Local Settings\{D5996C45-9632-4745-8117-10D2FC054FF4}
2012-04-18 06:53 - 2012-04-18 06:53 - 00000000 ____D C:\Users\signius\AppData\Local\{D5996C45-9632-4745-8117-10D2FC054FF4}
2012-04-18 05:56 - 2012-04-18 05:56 - 00094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2012-04-18 05:56 - 2012-04-18 05:56 - 00069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2012-04-17 18:53 - 2012-04-17 18:53 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{AA9892B5-55BB-4F12-A5A6-5ABEED285DCA}
2012-04-17 18:53 - 2012-04-17 18:53 - 00000000 ____D C:\Users\signius\Local Settings\{AA9892B5-55BB-4F12-A5A6-5ABEED285DCA}
2012-04-17 18:53 - 2012-04-17 18:53 - 00000000 ____D C:\Users\signius\AppData\Local\{AA9892B5-55BB-4F12-A5A6-5ABEED285DCA}
2012-04-17 18:53 - 2012-04-17 18:52 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{61C3B420-0918-405A-AB79-A6068FF84D3C}
2012-04-17 18:53 - 2012-04-17 18:52 - 00000000 ____D C:\Users\signius\Local Settings\{61C3B420-0918-405A-AB79-A6068FF84D3C}
2012-04-17 18:53 - 2012-04-17 18:52 - 00000000 ____D C:\Users\signius\AppData\Local\{61C3B420-0918-405A-AB79-A6068FF84D3C}
2012-04-17 14:25 - 2012-04-17 14:24 - 00000000 ____D C:\Users\signius\Downloads\Final Fantasy VII Advent Children COMPLETE
2012-04-17 11:45 - 2012-04-17 11:45 - 00022351 ____A C:\Users\signius\Downloads\7ecf05a95394915ccc49e94b24f5496bfc61b141 (1).zip
2012-04-17 11:45 - 2012-04-17 11:45 - 00022319 ____A C:\Users\signius\Downloads\0db147f09afd35e50e3b4c33e6882fd5044ecd76.zip
2012-04-17 11:45 - 2012-04-17 11:45 - 00020493 ____A C:\Users\signius\Downloads\9d09e75807a8241f473169a95017a6db5c5ef99a.zip
2012-04-17 11:37 - 2012-04-17 11:36 - 00022351 ____A C:\Users\signius\Downloads\7ecf05a95394915ccc49e94b24f5496bfc61b141.zip
2012-04-17 06:56 - 2012-04-17 06:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{52BB3E7C-9D5D-46D8-91C2-6A6A96032953}
2012-04-17 06:56 - 2012-04-17 06:56 - 00000000 ____D C:\Users\signius\Local Settings\{52BB3E7C-9D5D-46D8-91C2-6A6A96032953}
2012-04-17 06:56 - 2012-04-17 06:56 - 00000000 ____D C:\Users\signius\AppData\Local\{52BB3E7C-9D5D-46D8-91C2-6A6A96032953}
2012-04-16 18:56 - 2012-04-16 18:56 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{133388D9-7E99-4979-B138-654568C3792E}
2012-04-16 18:56 - 2012-04-16 18:56 - 00000000 ____D C:\Users\signius\Local Settings\{133388D9-7E99-4979-B138-654568C3792E}
2012-04-16 18:56 - 2012-04-16 18:56 - 00000000 ____D C:\Users\signius\AppData\Local\{133388D9-7E99-4979-B138-654568C3792E}
2012-04-16 18:56 - 2012-04-16 18:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{08D6C941-2247-4FAD-B761-F804EBEAFF5D}
2012-04-16 18:56 - 2012-04-16 18:54 - 00000000 ____D C:\Users\signius\Local Settings\{08D6C941-2247-4FAD-B761-F804EBEAFF5D}
2012-04-16 18:56 - 2012-04-16 18:54 - 00000000 ____D C:\Users\signius\AppData\Local\{08D6C941-2247-4FAD-B761-F804EBEAFF5D}
2012-04-16 06:54 - 2012-04-16 06:53 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7A366D21-1B63-463F-B616-10869AA6064D}
2012-04-16 06:54 - 2012-04-16 06:53 - 00000000 ____D C:\Users\signius\Local Settings\{7A366D21-1B63-463F-B616-10869AA6064D}
2012-04-16 06:54 - 2012-04-16 06:53 - 00000000 ____D C:\Users\signius\AppData\Local\{7A366D21-1B63-463F-B616-10869AA6064D}
2012-04-16 06:53 - 2012-04-16 06:53 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{783A512E-B737-4125-BBF4-9AF6FED51BAB}
2012-04-16 06:53 - 2012-04-16 06:53 - 00000000 ____D C:\Users\signius\Local Settings\{783A512E-B737-4125-BBF4-9AF6FED51BAB}
2012-04-16 06:53 - 2012-04-16 06:53 - 00000000 ____D C:\Users\signius\AppData\Local\{783A512E-B737-4125-BBF4-9AF6FED51BAB}
2012-04-15 18:53 - 2012-04-15 18:53 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B7CF9F57-4F83-42CD-870F-6DD209484089}
2012-04-15 18:53 - 2012-04-15 18:53 - 00000000 ____D C:\Users\signius\Local Settings\{B7CF9F57-4F83-42CD-870F-6DD209484089}
2012-04-15 18:53 - 2012-04-15 18:53 - 00000000 ____D C:\Users\signius\AppData\Local\{B7CF9F57-4F83-42CD-870F-6DD209484089}
2012-04-15 18:53 - 2012-04-15 18:52 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{FD2BAEF5-7128-43A2-ABE7-E7ACAB9FE336}
2012-04-15 18:53 - 2012-04-15 18:52 - 00000000 ____D C:\Users\signius\Local Settings\{FD2BAEF5-7128-43A2-ABE7-E7ACAB9FE336}
2012-04-15 18:53 - 2012-04-15 18:52 - 00000000 ____D C:\Users\signius\AppData\Local\{FD2BAEF5-7128-43A2-ABE7-E7ACAB9FE336}
2012-04-15 18:51 - 2012-04-15 18:51 - 00000000 ____D C:\Windows\en
2012-04-15 18:48 - 2012-04-15 18:48 - 00000000 ____D C:\Program Files\Windows Live
2012-04-15 18:48 - 2011-02-23 15:00 - 00000000 ____D C:\Program Files (x86)\Windows Live
2012-04-15 18:47 - 2010-12-30 04:00 - 00188631 ____A C:\Windows\DirectX.log
2012-04-15 04:07 - 2012-04-30 21:02 - 00361706 ____A C:\Users\signius\Desktop\BPSD Overview.pptx
2012-04-14 14:55 - 2011-02-05 16:24 - 00000000 ____D C:\Program Files\Warcraft III
2012-04-14 05:56 - 2011-11-26 02:12 - 00000156 ____A C:\Users\signius\Downloads\prepatch.log
2012-04-13 00:19 - 2012-04-13 00:17 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{49C98A62-EAA3-4571-BDC7-C2CA199D2DA2}
2012-04-13 00:19 - 2012-04-13 00:17 - 00000000 ____D C:\Users\signius\Local Settings\{49C98A62-EAA3-4571-BDC7-C2CA199D2DA2}
2012-04-13 00:19 - 2012-04-13 00:17 - 00000000 ____D C:\Users\signius\AppData\Local\{49C98A62-EAA3-4571-BDC7-C2CA199D2DA2}
2012-04-08 12:51 - 2012-04-08 09:28 - 86836564 ____A C:\Users\signius\Downloads\poll.rar
2012-04-08 03:30 - 2012-05-01 21:12 - 00000222 ____A C:\Users\signius\Downloads\Scenerls.org.txt
2012-04-08 03:17 - 2012-04-08 03:17 - 00000000 ____D C:\Users\signius\Downloads\Excel Tips
2012-04-08 02:56 - 2012-04-08 02:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{3693B0F5-5332-4E79-BE01-8817313D47E4}
2012-04-08 02:56 - 2012-04-08 02:55 - 00000000 ____D C:\Users\signius\Local Settings\{3693B0F5-5332-4E79-BE01-8817313D47E4}
2012-04-08 02:56 - 2012-04-08 02:55 - 00000000 ____D C:\Users\signius\AppData\Local\{3693B0F5-5332-4E79-BE01-8817313D47E4}
2012-04-07 14:55 - 2012-04-07 14:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{42EA2D18-7F4C-4089-8FC3-F0399DBAFC7B}
2012-04-07 14:55 - 2012-04-07 14:55 - 00000000 ____D C:\Users\signius\Local Settings\{42EA2D18-7F4C-4089-8FC3-F0399DBAFC7B}
2012-04-07 14:55 - 2012-04-07 14:55 - 00000000 ____D C:\Users\signius\AppData\Local\{42EA2D18-7F4C-4089-8FC3-F0399DBAFC7B}
2012-04-07 07:31 - 2012-06-14 05:57 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-04-07 06:46 - 2012-04-05 10:02 - 00000000 ____D C:\Program Files (x86)\Final Fantasy VII
2012-04-07 06:26 - 2012-06-14 05:56 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-04-07 02:55 - 2012-04-07 02:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B86987A3-5E33-40AF-B67E-D391CF842E57}
2012-04-07 02:55 - 2012-04-07 02:55 - 00000000 ____D C:\Users\signius\Local Settings\{B86987A3-5E33-40AF-B67E-D391CF842E57}
2012-04-07 02:55 - 2012-04-07 02:55 - 00000000 ____D C:\Users\signius\AppData\Local\{B86987A3-5E33-40AF-B67E-D391CF842E57}
2012-04-06 14:55 - 2012-04-06 14:55 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{BB627C0B-6876-4B84-AC44-113583B65869}
2012-04-06 14:55 - 2012-04-06 14:55 - 00000000 ____D C:\Users\signius\Local Settings\{BB627C0B-6876-4B84-AC44-113583B65869}
2012-04-06 14:55 - 2012-04-06 14:55 - 00000000 ____D C:\Users\signius\AppData\Local\{BB627C0B-6876-4B84-AC44-113583B65869}
2012-04-06 02:55 - 2012-04-06 02:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{895B7A45-83FA-473B-A113-961C1EEFFC14}
2012-04-06 02:55 - 2012-04-06 02:54 - 00000000 ____D C:\Users\signius\Local Settings\{895B7A45-83FA-473B-A113-961C1EEFFC14}
2012-04-06 02:55 - 2012-04-06 02:54 - 00000000 ____D C:\Users\signius\AppData\Local\{895B7A45-83FA-473B-A113-961C1EEFFC14}
2012-04-05 20:52 - 2012-04-05 20:52 - 00000483 ____A C:\Users\signius\Downloads\ff7input.zip
2012-04-05 14:54 - 2012-04-05 14:54 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4E20BC28-EFFF-4AF8-9A86-BFB25CB2325B}
2012-04-05 14:54 - 2012-04-05 14:54 - 00000000 ____D C:\Users\signius\Local Settings\{4E20BC28-EFFF-4AF8-9A86-BFB25CB2325B}
2012-04-05 14:54 - 2012-04-05 14:54 - 00000000 ____D C:\Users\signius\AppData\Local\{4E20BC28-EFFF-4AF8-9A86-BFB25CB2325B}
2012-04-05 09:03 - 2012-04-05 09:03 - 00073304 ____A C:\Users\signius\Desktop\Intern_Information_Sessions_Schedule_2012_v4-4-12.pdf
2012-04-05 09:01 - 2012-04-05 09:01 - 00053138 ____A C:\Users\signius\Desktop\Intern_Match_-_Important_Dates_FINAL_2012_v2.pdf
2012-04-05 02:54 - 2012-04-05 02:53 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{200D3EC3-3DC5-4505-83B5-522E67BAC16B}
2012-04-05 02:54 - 2012-04-05 02:53 - 00000000 ____D C:\Users\signius\Local Settings\{200D3EC3-3DC5-4505-83B5-522E67BAC16B}
2012-04-05 02:54 - 2012-04-05 02:53 - 00000000 ____D C:\Users\signius\AppData\Local\{200D3EC3-3DC5-4505-83B5-522E67BAC16B}
2012-04-04 14:40 - 2012-04-04 14:40 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{35957ADD-6C30-423C-92D1-3302A7904D8D}
2012-04-04 14:40 - 2012-04-04 14:40 - 00000000 ____D C:\Users\signius\Local Settings\{35957ADD-6C30-423C-92D1-3302A7904D8D}
2012-04-04 14:40 - 2012-04-04 14:40 - 00000000 ____D C:\Users\signius\AppData\Local\{35957ADD-6C30-423C-92D1-3302A7904D8D}
2012-04-04 02:40 - 2012-04-04 02:40 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7B84B514-B3E6-4FCF-8082-2500E963C76C}
2012-04-04 02:40 - 2012-04-04 02:40 - 00000000 ____D C:\Users\signius\Local Settings\{7B84B514-B3E6-4FCF-8082-2500E963C76C}
2012-04-04 02:40 - 2012-04-04 02:40 - 00000000 ____D C:\Users\signius\AppData\Local\{7B84B514-B3E6-4FCF-8082-2500E963C76C}
2012-04-04 00:56 - 2012-06-12 22:03 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-03 14:40 - 2012-04-03 14:39 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C12DA2AC-6452-4E2A-AA19-18A50C3B58FC}
2012-04-03 14:40 - 2012-04-03 14:39 - 00000000 ____D C:\Users\signius\Local Settings\{C12DA2AC-6452-4E2A-AA19-18A50C3B58FC}
2012-04-03 14:40 - 2012-04-03 14:39 - 00000000 ____D C:\Users\signius\AppData\Local\{C12DA2AC-6452-4E2A-AA19-18A50C3B58FC}
2012-04-03 04:59 - 2012-03-20 01:42 - 00000000 ____D C:\Users\signius\Desktop\ICU
2012-04-03 02:40 - 2012-04-03 02:40 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{31772A6E-8D3A-44C6-9749-D1DA6D7B60F6}
2012-04-03 02:40 - 2012-04-03 02:40 - 00000000 ____D C:\Users\signius\Local Settings\{31772A6E-8D3A-44C6-9749-D1DA6D7B60F6}
2012-04-03 02:40 - 2012-04-03 02:40 - 00000000 ____D C:\Users\signius\AppData\Local\{31772A6E-8D3A-44C6-9749-D1DA6D7B60F6}
2012-04-02 13:36 - 2012-04-02 13:36 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{BE95CCA7-700F-4781-A7E1-1129B5E888F0}
2012-04-02 13:36 - 2012-04-02 13:36 - 00000000 ____D C:\Users\signius\Local Settings\{BE95CCA7-700F-4781-A7E1-1129B5E888F0}
2012-04-02 13:36 - 2012-04-02 13:36 - 00000000 ____D C:\Users\signius\AppData\Local\{BE95CCA7-700F-4781-A7E1-1129B5E888F0}
2012-04-02 01:36 - 2012-04-02 01:36 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{36A97983-0912-4C79-8338-B94F9B2F9C54}
2012-04-02 01:36 - 2012-04-02 01:36 - 00000000 ____D C:\Users\signius\Local Settings\{36A97983-0912-4C79-8338-B94F9B2F9C54}
2012-04-02 01:36 - 2012-04-02 01:36 - 00000000 ____D C:\Users\signius\AppData\Local\{36A97983-0912-4C79-8338-B94F9B2F9C54}
2012-04-02 01:30 - 2012-04-02 01:30 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{697A14BE-AC03-4D3B-BC0A-D477DE214438}
2012-04-02 01:30 - 2012-04-02 01:30 - 00000000 ____D C:\Users\signius\Local Settings\{697A14BE-AC03-4D3B-BC0A-D477DE214438}
2012-04-02 01:30 - 2012-04-02 01:30 - 00000000 ____D C:\Users\signius\AppData\Local\{697A14BE-AC03-4D3B-BC0A-D477DE214438}
2012-04-01 11:23 - 2012-04-01 11:23 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7C61255E-5CAE-4E07-B14F-34EDB4C52373}
2012-04-01 11:23 - 2012-04-01 11:23 - 00000000 ____D C:\Users\signius\Local Settings\{7C61255E-5CAE-4E07-B14F-34EDB4C52373}
2012-04-01 11:23 - 2012-04-01 11:23 - 00000000 ____D C:\Users\signius\AppData\Local\{7C61255E-5CAE-4E07-B14F-34EDB4C52373}
2012-03-31 23:23 - 2012-03-31 23:23 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{907589D9-61C0-4738-BCC1-9F2834B63A4A}
2012-03-31 23:23 - 2012-03-31 23:23 - 00000000 ____D C:\Users\signius\Local Settings\{907589D9-61C0-4738-BCC1-9F2834B63A4A}
2012-03-31 23:23 - 2012-03-31 23:23 - 00000000 ____D C:\Users\signius\AppData\Local\{907589D9-61C0-4738-BCC1-9F2834B63A4A}
2012-03-31 11:23 - 2012-03-31 11:22 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{7A79C253-6D04-4EC7-B99A-7EA65DFC27FA}
2012-03-31 11:23 - 2012-03-31 11:22 - 00000000 ____D C:\Users\signius\Local Settings\{7A79C253-6D04-4EC7-B99A-7EA65DFC27FA}
2012-03-31 11:23 - 2012-03-31 11:22 - 00000000 ____D C:\Users\signius\AppData\Local\{7A79C253-6D04-4EC7-B99A-7EA65DFC27FA}
2012-03-31 03:42 - 2012-03-30 08:30 - 366499925 ____A C:\Users\signius\Downloads\Castle.2009.S04E19.HDTV.XviD-2HD.rar
2012-03-30 23:23 - 2012-03-30 23:23 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{0DA97745-D3BF-493E-8587-C22ADF02B07C}
2012-03-30 23:23 - 2012-03-30 23:23 - 00000000 ____D C:\Users\signius\Local Settings\{0DA97745-D3BF-493E-8587-C22ADF02B07C}
2012-03-30 23:23 - 2012-03-30 23:23 - 00000000 ____D C:\Users\signius\AppData\Local\{0DA97745-D3BF-493E-8587-C22ADF02B07C}
2012-03-30 06:35 - 2012-05-09 11:57 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-30 02:46 - 2012-03-30 02:45 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{080F07CC-5188-4B59-B4DA-075B31F4ECB5}
2012-03-30 02:46 - 2012-03-30 02:45 - 00000000 ____D C:\Users\signius\Local Settings\{080F07CC-5188-4B59-B4DA-075B31F4ECB5}
2012-03-30 02:46 - 2012-03-30 02:45 - 00000000 ____D C:\Users\signius\AppData\Local\{080F07CC-5188-4B59-B4DA-075B31F4ECB5}
2012-03-29 12:40 - 2012-03-29 10:47 - 00021325 ____A C:\Users\signius\Downloads\Starcraft Corsair vs. Scout DT rush.xlsx
2012-03-29 09:45 - 2012-03-29 09:44 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{2A53E577-1A42-4EC0-B45A-DBDF93402555}
2012-03-29 09:45 - 2012-03-29 09:44 - 00000000 ____D C:\Users\signius\Local Settings\{2A53E577-1A42-4EC0-B45A-DBDF93402555}
2012-03-29 09:45 - 2012-03-29 09:44 - 00000000 ____D C:\Users\signius\AppData\Local\{2A53E577-1A42-4EC0-B45A-DBDF93402555}
2012-03-28 21:44 - 2012-03-28 21:44 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{146E8B27-CABC-4908-A820-B394A6F5DB1E}
2012-03-28 21:44 - 2012-03-28 21:44 - 00000000 ____D C:\Users\signius\Local Settings\{146E8B27-CABC-4908-A820-B394A6F5DB1E}
2012-03-28 21:44 - 2012-03-28 21:44 - 00000000 ____D C:\Users\signius\AppData\Local\{146E8B27-CABC-4908-A820-B394A6F5DB1E}
2012-03-28 09:44 - 2012-03-28 09:44 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{CC57636E-6AA9-46AE-8B28-005C254C358E}
2012-03-28 09:44 - 2012-03-28 09:44 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{50D35052-40F0-4DE4-ADF3-B7F806B7FF9C}
2012-03-28 09:44 - 2012-03-28 09:44 - 00000000 ____D C:\Users\signius\Local Settings\{CC57636E-6AA9-46AE-8B28-005C254C358E}
2012-03-28 09:44 - 2012-03-28 09:44 - 00000000 ____D C:\Users\signius\Local Settings\{50D35052-40F0-4DE4-ADF3-B7F806B7FF9C}
2012-03-28 09:44 - 2012-03-28 09:44 - 00000000 ____D C:\Users\signius\AppData\Local\{CC57636E-6AA9-46AE-8B28-005C254C358E}
2012-03-28 09:44 - 2012-03-28 09:44 - 00000000 ____D C:\Users\signius\AppData\Local\{50D35052-40F0-4DE4-ADF3-B7F806B7FF9C}
2012-03-27 21:44 - 2012-03-27 21:44 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{0F7BE766-98E3-4791-9420-23449A16299A}
2012-03-27 21:44 - 2012-03-27 21:44 - 00000000 ____D C:\Users\signius\Local Settings\{0F7BE766-98E3-4791-9420-23449A16299A}
2012-03-27 21:44 - 2012-03-27 21:44 - 00000000 ____D C:\Users\signius\AppData\Local\{0F7BE766-98E3-4791-9420-23449A16299A}
2012-03-27 01:29 - 2012-03-27 01:29 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{B6C8EE08-3AEC-4BAD-A5EE-9BE78E794133}
2012-03-27 01:29 - 2012-03-27 01:29 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{726C4287-4E5A-42DF-A5FC-DC97ED2845A6}
2012-03-27 01:29 - 2012-03-27 01:29 - 00000000 ____D C:\Users\signius\Local Settings\{B6C8EE08-3AEC-4BAD-A5EE-9BE78E794133}
2012-03-27 01:29 - 2012-03-27 01:29 - 00000000 ____D C:\Users\signius\Local Settings\{726C4287-4E5A-42DF-A5FC-DC97ED2845A6}
2012-03-27 01:29 - 2012-03-27 01:29 - 00000000 ____D C:\Users\signius\AppData\Local\{B6C8EE08-3AEC-4BAD-A5EE-9BE78E794133}
2012-03-27 01:29 - 2012-03-27 01:29 - 00000000 ____D C:\Users\signius\AppData\Local\{726C4287-4E5A-42DF-A5FC-DC97ED2845A6}
2012-03-26 13:29 - 2012-03-26 13:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{1752A130-9713-41B9-9DD4-429D63F4CF79}
2012-03-26 13:29 - 2012-03-26 13:28 - 00000000 ____D C:\Users\signius\Local Settings\{1752A130-9713-41B9-9DD4-429D63F4CF79}
2012-03-26 13:29 - 2012-03-26 13:28 - 00000000 ____D C:\Users\signius\AppData\Local\{1752A130-9713-41B9-9DD4-429D63F4CF79}
2012-03-26 13:28 - 2012-03-26 13:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{C1A08D41-5ECF-47F2-85FA-CE07201B762A}
2012-03-26 13:28 - 2012-03-26 13:28 - 00000000 ____D C:\Users\signius\Local Settings\{C1A08D41-5ECF-47F2-85FA-CE07201B762A}
2012-03-26 13:28 - 2012-03-26 13:28 - 00000000 ____D C:\Users\signius\AppData\Local\{C1A08D41-5ECF-47F2-85FA-CE07201B762A}
2012-03-26 01:28 - 2012-03-26 01:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{F2ADE0EF-6154-4B43-925E-AD13DC02E020}
2012-03-26 01:28 - 2012-03-26 01:28 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{E805FCF3-9D3B-4DE1-9426-885240EC9A7C}
2012-03-26 01:28 - 2012-03-26 01:28 - 00000000 ____D C:\Users\signius\Local Settings\{F2ADE0EF-6154-4B43-925E-AD13DC02E020}
2012-03-26 01:28 - 2012-03-26 01:28 - 00000000 ____D C:\Users\signius\Local Settings\{E805FCF3-9D3B-4DE1-9426-885240EC9A7C}
2012-03-26 01:28 - 2012-03-26 01:28 - 00000000 ____D C:\Users\signius\AppData\Local\{F2ADE0EF-6154-4B43-925E-AD13DC02E020}
2012-03-26 01:28 - 2012-03-26 01:28 - 00000000 ____D C:\Users\signius\AppData\Local\{E805FCF3-9D3B-4DE1-9426-885240EC9A7C}
2012-03-25 09:52 - 2012-03-25 09:52 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{99144577-8EF7-4041-8EF5-4C6013321F75}
2012-03-25 09:52 - 2012-03-25 09:52 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4E69DF08-EC7B-4856-AC04-DDA908B39709}
2012-03-25 09:52 - 2012-03-25 09:52 - 00000000 ____D C:\Users\signius\Local Settings\{99144577-8EF7-4041-8EF5-4C6013321F75}
2012-03-25 09:52 - 2012-03-25 09:52 - 00000000 ____D C:\Users\signius\Local Settings\{4E69DF08-EC7B-4856-AC04-DDA908B39709}
2012-03-25 09:52 - 2012-03-25 09:52 - 00000000 ____D C:\Users\signius\AppData\Local\{99144577-8EF7-4041-8EF5-4C6013321F75}
2012-03-25 09:52 - 2012-03-25 09:52 - 00000000 ____D C:\Users\signius\AppData\Local\{4E69DF08-EC7B-4856-AC04-DDA908B39709}
2012-03-24 21:52 - 2012-03-24 21:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{DB2BEE3F-F273-4456-94A1-1348DB80AE9F}
2012-03-24 21:52 - 2012-03-24 21:51 - 00000000 ____D C:\Users\signius\Local Settings\{DB2BEE3F-F273-4456-94A1-1348DB80AE9F}
2012-03-24 21:52 - 2012-03-24 21:51 - 00000000 ____D C:\Users\signius\AppData\Local\{DB2BEE3F-F273-4456-94A1-1348DB80AE9F}
2012-03-24 21:51 - 2012-03-24 21:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{164837E0-835C-481A-8D3E-81DF7B27B8A4}
2012-03-24 21:51 - 2012-03-24 21:51 - 00000000 ____D C:\Users\signius\Local Settings\{164837E0-835C-481A-8D3E-81DF7B27B8A4}
2012-03-24 21:51 - 2012-03-24 21:51 - 00000000 ____D C:\Users\signius\AppData\Local\{164837E0-835C-481A-8D3E-81DF7B27B8A4}
2012-03-24 10:12 - 2012-03-24 10:11 - 00000000 ____D C:\Users\signius\Desktop\Produkey x64
2012-03-24 10:10 - 2012-03-24 10:10 - 00064813 ____A C:\Users\signius\Downloads\produkey-x64.zip
2012-03-24 08:51 - 2012-03-24 08:51 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{372E8BE2-C52A-43BC-B6EC-EA153B32AC00}
2012-03-24 08:51 - 2012-03-24 08:51 - 00000000 ____D C:\Users\signius\Local Settings\{372E8BE2-C52A-43BC-B6EC-EA153B32AC00}
2012-03-24 08:51 - 2012-03-24 08:51 - 00000000 ____D C:\Users\signius\AppData\Local\{372E8BE2-C52A-43BC-B6EC-EA153B32AC00}
2012-03-24 08:51 - 2012-03-24 08:50 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{BCC3E315-EFFB-4760-9AD6-E7A7087E2FE1}
2012-03-24 08:51 - 2012-03-24 08:50 - 00000000 ____D C:\Users\signius\Local Settings\{BCC3E315-EFFB-4760-9AD6-E7A7087E2FE1}
2012-03-24 08:51 - 2012-03-24 08:50 - 00000000 ____D C:\Users\signius\AppData\Local\{BCC3E315-EFFB-4760-9AD6-E7A7087E2FE1}
2012-03-23 20:50 - 2012-03-23 20:50 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{DC2E8DFB-D0E0-4002-8F1F-DBFE04484B65}
2012-03-23 20:50 - 2012-03-23 20:50 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{599B6C12-2BEE-400A-B04D-FEC6CE4029AA}
2012-03-23 20:50 - 2012-03-23 20:50 - 00000000 ____D C:\Users\signius\Local Settings\{DC2E8DFB-D0E0-4002-8F1F-DBFE04484B65}
2012-03-23 20:50 - 2012-03-23 20:50 - 00000000 ____D C:\Users\signius\Local Settings\{599B6C12-2BEE-400A-B04D-FEC6CE4029AA}
2012-03-23 20:50 - 2012-03-23 20:50 - 00000000 ____D C:\Users\signius\AppData\Local\{DC2E8DFB-D0E0-4002-8F1F-DBFE04484B65}
2012-03-23 20:50 - 2012-03-23 20:50 - 00000000 ____D C:\Users\signius\AppData\Local\{599B6C12-2BEE-400A-B04D-FEC6CE4029AA}
2012-03-23 06:57 - 2012-03-23 06:58 - 00080114 ____A C:\Users\signius\Downloads\Lock crack.gif
2012-03-23 03:36 - 2012-03-23 03:35 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4AADE1DA-B808-4FBA-9692-D2D6D94B3C3B}
2012-03-23 03:36 - 2012-03-23 03:35 - 00000000 ____D C:\Users\signius\Local Settings\{4AADE1DA-B808-4FBA-9692-D2D6D94B3C3B}
2012-03-23 03:36 - 2012-03-23 03:35 - 00000000 ____D C:\Users\signius\AppData\Local\{4AADE1DA-B808-4FBA-9692-D2D6D94B3C3B}
2012-03-23 03:35 - 2012-03-23 03:35 - 00000000 ____D C:\Users\signius\Local Settings\Application Data\{4651838B-18E0-4BD4-AB1A-F717F5DAC694}
2012-03-23 03:35 - 2012-03-23 03:35 - 00000000 ____D C:\Users\signius\Local Settings\{4651838B-18E0-4BD4-AB1A-F717F5DAC694}
2012-03-23 03:35 - 2012-03-23 03:35 - 00000000 ____D C:\Users\signius\AppData\Local\{4651838B-18E0-4BD4-AB1A-F717F5DAC694}

ZeroAccess:
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U

ZeroAccess:
C:\Users\signius\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}
C:\Users\signius\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@
C:\Users\signius\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L
C:\Users\signius\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 3958.69 MB
Available physical RAM: 3288.31 MB
Total Pagefile: 3956.84 MB
Available Pagefile: 3284.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:44.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive e: (Recovery) (Fixed) (Total:14.65 GB) (Free:8.44 GB) NTFS
5 Drive g: (NANO) (Removable) (Total:7.46 GB) (Free:1.01 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 7644 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 100 MB 1024 KB
Partition 2 Primary 14 GB 101 MB
Partition 3 Primary 283 GB 14 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 DELLUTILITY FAT Partition 100 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 E Recovery NTFS Partition 14 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 283 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7640 MB 4032 KB

======================================================================================================

Disk: 2
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G NANO FAT32 Removable 7640 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-06-17 09:55

======================= End Of Log ==========================

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:09 PM

Posted 20 June 2012 - 07:40 AM

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
C:\Windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}
C:\Users\signius\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Raebo

Raebo
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 21 June 2012 - 02:05 AM

Is it possible to run it in safe mode? Tried it in normal mode, and the computer crashed before it could output a log.

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:09 PM

Posted 21 June 2012 - 02:26 AM

yes go ahead and try in safe mode


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 Raebo

Raebo
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 21 June 2012 - 08:50 AM

ComboFix 12-06-16.02 - signius 6/2012 Thu 12:47:46.4.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.3959.2582 [GMT 10:00]
执行位置: c:\users\signius\Desktop\ComboFix.exe
Command switches used :: c:\users\signius\Desktop\CFScript.txt
AV: Lavasoft Ad-Aware *Enabled/Outdated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: Lavasoft Ad-Aware *Enabled/Outdated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* 成功创造新还原点
.
.
((((((((((((((((((((((((((((((((((((((( 被删除的档案 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- 早前运行的结果 -------
.
c:\users\signius\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@
.
.
((((((((((((((((((((((((( 2012-05-21 至 2012-06-21 的新的档案 )))))))))))))))))))))))))))))))
.
.
2012-06-21 02:56 . 2012-06-21 02:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-20 15:49 . 2012-06-20 15:51 -------- d-----w- C:\FRST
2012-06-17 21:12 . 2012-06-17 21:12 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-06-17 19:54 . 2012-06-17 19:54 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-06-17 01:56 . 2012-06-17 01:56 100864 ----a-w- C:\pftirfog.sys
2012-06-15 06:08 . 2012-06-15 06:08 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-14 12:47 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 12:47 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 12:47 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 12:47 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 12:46 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 12:46 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-14 12:46 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 12:46 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 12:46 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-14 12:46 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-14 11:04 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-14 11:03 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 11:03 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 11:01 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 10:59 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 10:57 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-14 10:56 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 03:09 . 2012-06-13 03:09 -------- d-----w- c:\users\signius\AppData\Roaming\McAfee
2012-06-13 03:04 . 2012-06-13 03:04 -------- d-----w- c:\users\signius\AppData\Roaming\Malwarebytes
2012-06-13 03:03 . 2012-06-13 03:03 -------- d-----w- c:\programdata\Malwarebytes
2012-06-13 03:03 . 2012-04-04 05:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-13 03:03 . 2012-06-13 03:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-13 01:49 . 2012-06-13 02:21 -------- d-----w- c:\users\signius\AppData\Local\adaware
2012-06-13 01:49 . 2012-06-13 01:49 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-06-13 01:49 . 2011-12-19 02:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-06-13 01:49 . 2011-12-19 02:44 256632 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-06-13 01:49 . 2011-09-29 02:16 119416 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-06-13 01:49 . 2011-12-19 03:21 45936 ----a-w- c:\windows\system32\sbbd.exe
2012-06-13 01:49 . 2011-10-26 04:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys
2012-06-13 01:48 . 2012-06-14 07:26 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
2012-06-13 01:48 . 2012-06-13 01:48 -------- d-----w- c:\programdata\Lavasoft
2012-06-12 19:55 . 2012-06-12 20:21 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-06-12 19:55 . 2012-06-12 19:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-06-12 19:47 . 2012-06-13 03:07 -------- d-----w- c:\users\signius\AppData\Roaming\Ad-Aware Antivirus
2012-06-12 19:32 . 2012-06-12 19:32 -------- d-----w- c:\windows\AutoKMS
2012-06-12 18:42 . 2012-06-12 19:50 -------- d-----w- C:\sh4ldr
2012-06-12 18:42 . 2012-06-12 18:42 -------- d-----w- c:\program files\Enigma Software Group
2012-06-12 18:41 . 2012-06-12 19:50 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-12 18:41 . 2012-06-12 18:41 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-06-12 18:27 . 2012-06-12 18:27 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-12 18:27 . 2012-06-12 18:27 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-12 18:27 . 2012-06-12 18:27 -------- d-----w- c:\windows\system32\Macromed
2012-06-12 18:00 . 2012-06-12 18:00 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
.
.
.
(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-24 11:45 . 2011-02-13 13:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-18 10:56 . 2012-04-18 10:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 10:56 . 2012-04-18 10:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-03-30 11:35 . 2012-05-09 16:57 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-17_08.33.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-20 07:44 . 2012-06-20 07:44 13271 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-06-15 05:31 . 2012-06-15 05:31 13271 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-06-17 19:54 . 2012-06-18 07:58 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-04-29 12:31 . 2012-06-20 20:50 56532 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-20 21:07 37638 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-05 20:59 . 2012-06-20 21:07 13464 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2696381077-3989773151-1297001512-1000_UserData.bin
- 2012-06-17 23:29 . 2012-06-17 07:14 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat
+ 2012-06-17 23:29 . 2012-06-18 17:27 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat
+ 2009-07-14 04:46 . 2012-06-19 11:06 96016 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-06-18 06:16 . 2012-06-18 06:16 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-18 06:15 . 2012-06-18 06:15 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-06-18 06:15 . 2012-06-18 06:15 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-18 06:17 . 2012-06-18 06:17 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-18 06:16 . 2012-06-18 06:16 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-18 06:16 . 2012-06-18 06:16 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-06-18 06:04 . 2012-06-18 06:04 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-06-18 06:09 . 2012-06-18 06:09 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-06-18 06:03 . 2012-06-18 06:03 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-18 06:03 . 2012-06-18 06:03 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-18 06:02 . 2012-06-18 06:02 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-18 05:56 . 2012-06-18 05:56 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-18 06:01 . 2012-06-18 06:01 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-18 06:00 . 2012-06-18 06:00 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-06-18 06:06 . 2012-06-18 06:06 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-06-18 06:06 . 2012-06-18 06:06 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-18 05:55 . 2012-06-18 05:55 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-05-13 01:43 . 2012-05-13 01:43 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-18 06:04 . 2012-06-18 06:04 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-18 05:54 . 2012-06-18 05:54 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-06-18 05:51 . 2012-06-18 05:51 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-18 05:54 . 2012-06-18 05:54 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-18 05:27 . 2012-06-18 05:27 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-18 05:30 . 2012-06-18 05:30 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-12 18:04 . 2012-06-18 08:03 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-06-12 18:04 . 2012-06-18 08:04 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
+ 2012-06-12 18:04 . 2012-06-18 08:03 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-03-25 00:23 . 2010-03-25 00:23 31648 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\SOCIALPROVIDER.DLL
+ 2010-03-22 11:30 . 2010-03-22 11:30 40296 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\RECALL.DLL
+ 2010-03-23 00:57 . 2010-03-23 00:57 43352 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OUTLRPC.DLL
+ 2010-03-23 00:57 . 2010-03-23 00:57 30560 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OUTLACCT.DLL
+ 2010-03-22 11:30 . 2010-03-22 11:30 20864 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MLSHEXT.DLL
+ 2010-03-22 11:29 . 2010-03-22 11:29 87408 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\DLGSETP.DLL
+ 2012-06-18 03:05 . 2012-06-18 03:05 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\9c64ecb6b01e37720f4c0bbce38b2aa9\System.Web.DynamicData.Design.ni.dll
+ 2010-12-30 09:27 . 2012-06-20 07:44 4647 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2010-12-30 09:27 . 2012-06-13 11:26 4647 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2012-06-17 08:33 . 2012-06-17 08:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-21 02:56 . 2012-06-21 03:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-17 08:33 . 2012-06-17 08:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-21 02:56 . 2012-06-21 03:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-03-12 15:01 . 2010-03-12 15:01 9592 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\XLCALL32.DLL
+ 2011-02-05 20:27 . 2012-06-17 11:55 428704 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2009-07-14 02:36 . 2012-06-17 06:57 621156 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-21 03:10 621156 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-17 06:57 111086 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-06-21 03:10 111086 c:\windows\system32\perfc009.dat
- 2009-07-14 04:45 . 2012-06-13 01:26 487488 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-06-18 08:48 487488 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:12 . 2012-06-20 21:14 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-06-17 02:00 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-02-05 03:32 . 2012-06-21 02:35 196608 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-05 03:32 . 2012-06-17 06:46 196608 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 05:01 . 2012-06-20 07:44 471924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-13 11:26 471924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-04-21 01:03 . 2012-04-21 01:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
- 2012-04-12 10:27 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-06-14 10:54 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-04-21 01:03 . 2012-04-21 01:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2012-06-14 10:54 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-04-12 10:27 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-06-18 06:15 . 2012-06-18 06:15 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-18 06:14 . 2012-06-18 06:14 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-06-18 06:04 . 2012-06-18 06:04 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-06-18 06:11 . 2012-06-18 06:11 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-18 06:11 . 2012-06-18 06:11 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-06-18 06:12 . 2012-06-18 06:12 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-18 05:59 . 2012-06-18 05:59 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-06-18 06:10 . 2012-06-18 06:10 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-06-18 06:10 . 2012-06-18 06:10 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-18 06:09 . 2012-06-18 06:09 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-18 05:59 . 2012-06-18 05:59 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-18 06:10 . 2012-06-18 06:10 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-18 06:11 . 2012-06-18 06:11 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-06-18 06:08 . 2012-06-18 06:08 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-06-18 06:03 . 2012-06-18 06:03 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-18 06:10 . 2012-06-18 06:10 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-18 05:58 . 2012-06-18 05:58 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-06-18 06:03 . 2012-06-18 06:03 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-06-18 06:08 . 2012-06-18 06:08 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-18 06:07 . 2012-06-18 06:07 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-18 06:08 . 2012-06-18 06:08 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-06-18 05:54 . 2012-06-18 05:54 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-18 05:58 . 2012-06-18 05:58 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-18 05:57 . 2012-06-18 05:57 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-18 05:58 . 2012-06-18 05:58 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-18 05:57 . 2012-06-18 05:57 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-18 05:57 . 2012-06-18 05:57 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-18 05:57 . 2012-06-18 05:57 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-18 06:02 . 2012-06-18 06:02 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-06-18 06:02 . 2012-06-18 06:02 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-18 05:56 . 2012-06-18 05:56 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-18 06:01 . 2012-06-18 06:01 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-18 06:01 . 2012-06-18 06:01 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-18 06:07 . 2012-06-18 06:07 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-18 06:06 . 2012-06-18 06:06 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-18 05:55 . 2012-06-18 05:55 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-18 06:15 . 2012-06-18 06:15 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-06-18 06:14 . 2012-06-18 06:14 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-06-18 06:14 . 2012-06-18 06:14 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-18 06:13 . 2012-06-18 06:13 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-18 06:13 . 2012-06-18 06:13 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-06-18 06:13 . 2012-06-18 06:13 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-06-18 05:55 . 2012-06-18 05:55 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-18 06:05 . 2012-06-18 06:05 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-18 06:05 . 2012-06-18 06:05 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-06-18 05:55 . 2012-06-18 05:55 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-18 05:54 . 2012-06-18 05:54 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-18 06:11 . 2012-06-18 06:11 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-18 06:12 . 2012-06-18 06:12 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-18 05:53 . 2012-06-18 05:53 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-18 05:53 . 2012-06-18 05:53 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-18 06:05 . 2012-06-18 06:05 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-18 05:46 . 2012-06-18 05:46 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-18 05:47 . 2012-06-18 05:47 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-18 05:29 . 2012-06-18 05:29 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-18 05:28 . 2012-06-18 05:28 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-18 05:40 . 2012-06-18 05:40 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-10-26 13:23 . 2011-10-26 13:23 925696 c:\windows\Installer\5ea98b.msp
+ 2011-10-26 12:46 . 2011-10-26 12:46 794112 c:\windows\Installer\5ea956.msp
+ 2011-10-26 12:51 . 2011-10-26 12:51 592896 c:\windows\Installer\5ea940.msp
+ 2012-03-20 19:58 . 2012-03-20 19:58 133120 c:\windows\Installer\5ea867.msp
+ 2012-02-08 21:27 . 2012-02-08 21:27 206848 c:\windows\Installer\234769e.msp
+ 2011-06-19 13:33 . 2011-06-19 13:33 407552 c:\windows\Installer\209fd9e.msp
- 2012-06-12 18:10 . 2012-06-12 18:10 571232 c:\windows\Installer\{90140000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2012-06-17 21:23 . 2012-06-17 21:23 571232 c:\windows\Installer\{90140000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2012-06-12 18:04 . 2012-06-18 08:03 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2012-06-12 18:04 . 2012-06-18 08:04 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2012-06-12 18:04 . 2012-06-18 08:02 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
+ 2012-06-12 18:04 . 2012-06-18 08:05 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-02-27 17:13 . 2010-02-27 17:13 579968 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\VPREVIEW.EXE
+ 2010-02-27 16:18 . 2010-02-27 16:18 105344 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\TRANSMGR.DLL
+ 2010-03-25 00:23 . 2010-03-25 00:23 203632 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\SHAREPOINTPROVIDER.DLL
+ 2010-03-22 11:29 . 2010-03-22 11:29 340400 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\SCNPST64.DLL
+ 2010-03-22 11:30 . 2010-03-22 11:30 329640 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\SCNPST32.DLL
+ 2010-03-23 00:57 . 2010-03-23 00:57 415088 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\RTFHTML.DLL
+ 2010-03-22 11:30 . 2010-03-22 11:30 308584 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\PSTPRX32.DLL
+ 2010-03-23 00:57 . 2010-03-23 00:57 329104 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OUTLPH.DLL
+ 2010-03-22 11:30 . 2010-03-22 11:30 523656 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OUTLMIME.DLL
+ 2010-03-22 11:30 . 2010-03-22 11:30 122720 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OUTLCTL.DLL
+ 2010-02-27 18:41 . 2010-02-27 18:41 615800 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONWORDADDIN.DLL
+ 2010-02-27 18:41 . 2010-02-27 18:41 560512 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONPPTADDIN.DLL
+ 2010-03-29 10:26 . 2010-03-29 10:26 140144 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONENOTEMANAGED.DLL
+ 2010-03-29 10:26 . 2010-03-29 10:26 227712 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONENOTEM.EXE
+ 2010-02-27 18:41 . 2010-02-27 18:41 533368 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONBTTNWD.DLL
+ 2010-02-27 18:41 . 2010-02-27 18:41 533376 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONBTTNPPT.DLL
+ 2010-02-28 19:19 . 2010-02-28 19:19 697728 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONBTTNOL.DLL
+ 2010-02-28 18:53 . 2010-02-28 18:53 234384 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OMSXP32.DLL
+ 2010-02-28 18:53 . 2010-02-28 18:53 724352 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OMSMAIN.DLL
+ 2010-03-15 16:58 . 2010-03-15 16:58 360824 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MSOUC.EXE
+ 2010-03-15 16:58 . 2010-03-15 16:58 718208 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MSOSYNC.EXE
+ 2009-09-03 23:02 . 2009-09-03 23:02 591680 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MSLID.DLL
+ 2010-03-22 11:29 . 2010-03-22 11:29 358240 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MIMEDIR.DLL
+ 2010-03-22 11:29 . 2010-03-22 11:29 272800 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MAPIPH.DLL
+ 2010-03-22 11:30 . 2010-03-22 11:30 135016 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\IMPMAIL.DLL
+ 2010-02-27 18:41 . 2010-02-27 18:41 578472 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\IECONTENTSERVICE.EXE
+ 2010-03-22 11:30 . 2010-03-22 11:30 155008 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ENVELOPE.DLL
+ 2010-03-23 00:57 . 2010-03-23 00:57 135032 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\CONTAB32.DLL
+ 2012-06-18 01:05 . 2012-06-18 01:05 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\304bb4462b6574313514c961bbd1c9cd\WindowsFormsIntegration.ni.dll
+ 2012-06-18 00:54 . 2012-06-18 00:54 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\89bc3112529e88afecdbdddae1f7ad1d\System.ServiceProcess.ni.dll
+ 2012-06-18 00:46 . 2012-06-18 00:46 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\a7a1ef6204c26aae2fb163cd67bb699c\System.Messaging.ni.dll
+ 2012-06-18 00:36 . 2012-06-18 00:36 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c7050f1ef101794af6ee861daa8ac4fd\System.Configuration.Install.ni.dll
+ 2012-06-18 00:23 . 2012-06-18 00:23 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\81c8f79220dd572c1a31cd9a6bd80564\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-18 03:43 . 2012-06-18 03:43 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\b35c2c72e0a21f3dc74f5ee2bad2686a\System.Configuration.Install.ni.dll
+ 2012-06-17 21:52 . 2012-06-17 21:52 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\9cd3ba130af73809f119105601619ffe\System.Web.Entity.ni.dll
+ 2012-06-18 10:25 . 2012-06-18 10:25 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\74c3c2fe3c6afa7305b943ab5ebb60ab\System.ServiceProcess.ni.dll
+ 2012-06-18 10:24 . 2012-06-18 10:24 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\2a385c12a8009b1a80c07b32c3f533b6\System.Drawing.Design.ni.dll
+ 2012-06-18 10:25 . 2012-06-18 10:25 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\8e1cfe84825b9f8b8a171d2c8e037776\System.Configuration.Install.ni.dll
+ 2012-06-17 21:46 . 2012-06-17 21:46 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\df9e7c67dd5a8588beeba1eb35628dcc\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-06-17 21:25 . 2012-06-17 21:25 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\dc35482ccdfeada1e1409ccea51c506f\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-06-17 21:39 . 2012-06-17 21:39 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\fee02dcddfe51fbd6fb32c33014ad39b\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-06-17 21:39 . 2012-06-17 21:39 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\a268d03b1701f43495b17801a5b8ab34\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-06-17 21:40 . 2012-06-17 21:40 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\0be2bd45f9c5240843b596b38bfd197f\mcplayerinterop.ni.dll
+ 2012-06-17 21:40 . 2012-06-17 21:40 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\9fe0f329b00cf379cc4da64193fff8e7\mcGlidHostObj.ni.dll
+ 2012-06-17 21:34 . 2012-06-17 21:34 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\7c37969fb93f96f3a59d431b7e8f0665\ehExtHost.ni.exe
+ 2012-06-18 03:18 . 2012-06-18 03:18 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\50933f0a7ece72e717ba7d17559df5ef\WindowsFormsIntegration.ni.dll
+ 2012-06-18 03:16 . 2012-06-18 03:16 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ac7909b6838589158fe3f6a8190018eb\TaskScheduler.ni.dll
+ 2012-06-18 03:03 . 2012-06-18 03:03 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\c7f44adc1a0b2eb2b0636ee4a202419a\System.Web.Routing.ni.dll
+ 2012-06-18 03:09 . 2012-06-18 03:09 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\1d9398c255b8fdb9b9347e463d99a7e3\System.Web.Extensions.Design.ni.dll
+ 2012-06-18 03:07 . 2012-06-18 03:07 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll
+ 2012-06-18 03:07 . 2012-06-18 03:07 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ba3dd9383f752d46e80a33b769dda73d\System.Web.Entity.Design.ni.dll
+ 2012-06-18 03:05 . 2012-06-18 03:05 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b026d4636999893a3c741f1f7e7ccdaf\System.Web.DynamicData.ni.dll
+ 2012-06-18 02:49 . 2012-06-18 02:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\24547c0fc525c5e061bb1ae66b965469\System.Web.Abstractions.ni.dll
+ 2012-06-18 10:17 . 2012-06-18 10:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
+ 2012-06-17 20:56 . 2012-06-17 20:56 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\441f16bb7547cc6f2435d43e68002a47\System.ServiceProcess.ni.dll
+ 2012-06-17 22:18 . 2012-06-17 22:18 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\f9a982c40c3d777c1091e3801874acc9\System.Messaging.ni.dll
+ 2012-06-18 10:17 . 2012-06-18 10:17 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll
+ 2012-06-17 20:56 . 2012-06-17 20:56 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\33582b127d761babf8c8cdfe4e43749a\System.Drawing.Design.ni.dll
+ 2012-06-18 10:17 . 2012-06-18 10:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll
+ 2012-06-18 02:34 . 2012-06-18 02:34 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\717221d971aeead5d8956225c365ddff\napsnap.ni.dll
+ 2012-06-18 02:33 . 2012-06-18 02:33 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\c22cc9e6e124357491b5a38258973a01\napinit.ni.dll
+ 2012-06-17 22:49 . 2012-06-17 22:49 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\8e2a9204e6166b8b27687560a17f62d9\MMCFxCommon.ni.dll
+ 2012-06-17 22:09 . 2012-06-17 22:09 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ef6ef445ee23a351d562300b91f11aeb\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-06-18 02:17 . 2012-06-18 02:17 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b4f77e5913a1a3ac6621b522f02230dd\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-06-18 02:08 . 2012-06-18 02:08 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9e07e62ec64a3b330a2d6e3a6283e6b8\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-06-17 22:11 . 2012-06-17 22:11 191488 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5637475e17ac771505b8b15a88a325a5\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-06-18 02:14 . 2012-06-18 02:14 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0da226c6ea3c9bd960543525da0f9635\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-06-18 01:42 . 2012-06-18 01:42 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\ef8a8fc21d15f89c5ccf17f32809ee34\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-06-18 01:43 . 2012-06-18 01:43 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\65c7f0a57de02c67ff34b921dd447752\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-06-17 22:09 . 2012-06-17 22:09 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\46859f19e9d6d54ac495721857d1801e\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-06-18 01:38 . 2012-06-18 01:38 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\25950331abff810e35c7497a737890ae\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-06-17 22:49 . 2012-06-17 22:49 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\e901c3772777a59b870c0ff1a377f328\Microsoft.ManagementConsole.ni.dll
+ 2012-06-17 22:43 . 2012-06-17 22:43 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\064f94f282dacefe99ee6184ab2f4a1d\EventViewer.ni.dll
+ 2012-06-17 22:25 . 2012-06-17 22:25 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe
+ 2012-06-14 10:54 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-04-12 10:27 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-02-05 03:32 . 2012-06-17 06:46 2097152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-05 03:32 . 2012-06-21 02:35 2097152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-17 06:46 1982464 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-21 02:35 1982464 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:45 . 2012-06-17 23:33 7174117 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-06-13 01:29 7174117 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-03-15 03:17 . 2012-03-15 03:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
+ 2012-06-14 12:30 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2012-05-09 22:53 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 12:29 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
- 2011-06-23 14:47 . 2010-11-05 01:56 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-03-15 03:17 . 2012-03-15 03:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
- 2012-05-09 22:53 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 12:30 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 12:29 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2011-06-23 14:47 . 2010-11-05 01:58 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2012-06-18 06:14 . 2012-06-18 06:14 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-18 05:58 . 2012-06-18 05:58 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-18 06:00 . 2012-06-18 06:00 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-18 05:59 . 2012-06-18 05:59 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-18 05:59 . 2012-06-18 05:59 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-18 06:09 . 2012-06-18 06:09 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-06-18 06:08 . 2012-06-18 06:08 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-06-18 06:02 . 2012-06-18 06:02 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-06-18 06:01 . 2012-06-18 06:01 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-06-18 06:07 . 2012-06-18 06:07 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-06-18 06:06 . 2012-06-18 06:06 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-18 06:12 . 2012-06-18 06:12 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-18 05:56 . 2012-06-18 05:56 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-18 06:12 . 2012-06-18 06:12 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-18 05:52 . 2012-06-18 05:52 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-18 06:05 . 2012-06-18 06:05 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-18 05:32 . 2012-06-18 05:32 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-18 05:47 . 2012-06-18 05:47 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-18 05:27 . 2012-06-18 05:27 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-13 01:43 . 2012-05-13 01:43 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-18 05:40 . 2012-06-18 05:40 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-07-21 02:34 . 2011-07-21 02:34 3456000 c:\windows\Installer\cc265e.msp
+ 2011-10-16 04:28 . 2011-10-16 04:28 1138688 c:\windows\Installer\cc2646.msp
+ 2012-03-15 04:26 . 2012-03-15 04:26 4212736 c:\windows\Installer\cc2631.msp
+ 2011-07-21 02:45 . 2011-07-21 02:45 3809792 c:\windows\Installer\5ea9b7.msp
+ 2011-10-26 13:23 . 2011-10-26 13:23 8821760 c:\windows\Installer\5ea9a1.msp
+ 2011-07-21 02:41 . 2011-07-21 02:41 8413696 c:\windows\Installer\5ea982.msp
+ 2012-02-16 17:50 . 2012-02-16 17:50 1236480 c:\windows\Installer\5ea96c.msp
+ 2011-10-26 12:46 . 2011-10-26 12:46 1833472 c:\windows\Installer\5ea910.msp
+ 2012-03-15 03:12 . 2012-03-15 03:12 4968960 c:\windows\Installer\5ea8c3.msp
+ 2012-03-15 03:11 . 2012-03-15 03:11 1989632 c:\windows\Installer\5ea893.msp
+ 2012-03-20 19:57 . 2012-03-20 19:57 1591808 c:\windows\Installer\5ea85f.msp
+ 2012-05-16 16:58 . 2012-05-16 16:58 3462144 c:\windows\Installer\23476d6.msp
+ 2011-11-18 08:52 . 2011-11-18 08:52 9183232 c:\windows\Installer\23476b7.msp
+ 2012-04-22 12:46 . 2012-04-22 12:46 1187328 c:\windows\Installer\2347689.msp
+ 2012-03-07 05:01 . 2012-03-07 05:01 1907712 c:\windows\Installer\209fdd8.msp
- 2012-06-12 18:04 . 2012-06-12 18:12 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
+ 2012-06-12 18:04 . 2012-06-18 08:02 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
+ 2012-06-12 18:04 . 2012-06-18 08:03 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 4520288 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
+ 2012-06-12 18:04 . 2012-06-18 08:05 4520288 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
+ 2012-06-12 18:04 . 2012-06-18 08:02 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
+ 2012-06-12 18:04 . 2012-06-18 08:04 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
- 2012-06-12 18:04 . 2012-06-12 18:12 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-03-24 10:28 . 2010-03-24 10:28 1479520 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\XLICONS.EXE
+ 2010-02-25 01:07 . 2010-02-25 01:07 2672456 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\VBE7.DLL
+ 2010-03-25 00:23 . 2010-03-25 00:23 1707904 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\SOCIALCONNECTOR.DLL
+ 2010-03-24 10:28 . 2010-03-24 10:28 3792736 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\PPTICO.EXE
+ 2010-03-08 23:57 . 2010-03-08 23:57 9696616 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\PPCORE.DLL
+ 2010-03-08 23:57 . 2010-03-08 23:57 2162024 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\POWERPNT.EXE
+ 2009-07-23 00:01 . 2009-07-23 00:01 3670016 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OUTLFLTR.DAT
+ 2010-03-29 22:29 . 2010-03-29 22:29 9182056 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONMAIN.DLL
+ 2010-03-29 22:29 . 2010-03-29 22:29 1676128 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\ONENOTE.EXE
+ 2010-03-23 00:57 . 2010-03-23 00:57 3189120 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OLMAPI32.DLL
+ 2010-03-12 12:45 . 2010-03-12 12:45 4299648 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\GRAPH.EXE
+ 2010-02-28 19:20 . 2010-02-28 19:20 2323840 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\GKWORD.DLL
+ 2010-02-28 19:20 . 2010-02-28 19:20 2102656 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\GKPOWERPOINT.DLL
+ 2010-02-28 19:20 . 2010-02-28 19:20 3355008 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\GKEXCEL.DLL
+ 2012-06-18 00:58 . 2012-06-18 00:58 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\4099e50a109d173c402bda59ca3c06ea\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-18 00:29 . 2012-06-18 00:29 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\c96ea223219a15289ef585049659a184\System.Deployment.ni.dll
+ 2012-06-18 00:34 . 2012-06-18 00:34 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\0a30f46db0e37de3f844fa8abd521f69\System.Activities.Presentation.ni.dll
+ 2012-06-18 00:26 . 2012-06-18 00:26 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\d3a37cd775e89fa777791f678c663d8d\PresentationUI.ni.dll
+ 2012-06-18 00:18 . 2012-06-18 00:18 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\fa8f6e65ba61d498e46e0f9c39b36beb\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-18 00:17 . 2012-06-18 00:17 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\c9fed19ba81b09d66af559b072436e3e\Microsoft.VisualBasic.ni.dll
+ 2012-06-18 06:18 . 2012-06-18 06:18 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ea4d09dbd07c463c45677b7472deaade\WindowsBase.ni.dll
+ 2012-06-18 06:18 . 2012-06-18 06:18 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a18c63aa7c778f642abc7bd8863d6995\System.Drawing.ni.dll
+ 2012-06-18 09:04 . 2012-06-18 09:04 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP496E.tmp\System.Web.Services.dll
+ 2012-06-18 10:31 . 2012-06-18 10:31 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\fbe183884b2171df68ce1578fa373111\System.Workflow.Runtime.ni.dll
+ 2012-06-18 10:30 . 2012-06-18 10:30 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\f8fe71c6b1f6bf05f869a26a6b977f77\System.Workflow.ComponentModel.ni.dll
+ 2012-06-18 10:30 . 2012-06-18 10:30 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\c325bc9d9fa7d4e986036efbc77c2dd9\System.Workflow.Activities.ni.dll
+ 2012-06-18 10:22 . 2012-06-18 10:22 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\8f01989a3bde990524141f502cfe6e5a\System.Web.Services.ni.dll
+ 2012-06-17 20:35 . 2012-06-17 20:35 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\c08c998d0e7fff2831a29b9a58834d8f\System.Printing.ni.dll
+ 2012-06-17 20:30 . 2012-06-17 20:30 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\ce99b3896089b41320568c19d5c9765f\System.Drawing.ni.dll
+ 2012-06-18 08:49 . 2012-06-18 08:49 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6ee0a4ee7c0120b6d5230ff79e14f6f3\System.Deployment.ni.dll
+ 2012-06-17 20:35 . 2012-06-17 20:35 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\f0ca7168c5b40867d7370486fe84aac5\ReachFramework.ni.dll
+ 2012-06-18 09:02 . 2012-06-18 09:02 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\cb9d0b5ea862ed8927d069246d0eeca1\PresentationUI.ni.dll
+ 2012-06-17 21:43 . 2012-06-17 21:43 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\e9ed5f78dae50a9fdf85f042729b482b\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-17 21:35 . 2012-06-17 21:35 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\56fc6686b8a886c4caec9f3cdd7fdc83\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-17 21:35 . 2012-06-17 21:35 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1ee79069f9c604ca67ae2ad6631e7dfe\Microsoft.MediaCenter.ni.dll
+ 2012-06-18 03:14 . 2012-06-18 03:14 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a23e8a64ca21224f2bea9ca3c3a5a005\System.WorkflowServices.ni.dll
+ 2012-06-18 10:19 . 2012-06-18 10:19 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll
+ 2012-06-18 10:19 . 2012-06-18 10:19 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\cfb739be21092d5b8f7b4fde529e6aaa\System.Workflow.ComponentModel.ni.dll
+ 2012-06-17 20:58 . 2012-06-17 20:58 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0efbc299207e35df9199ca98c7209051\System.Workflow.ComponentModel.ni.dll
+ 2012-06-18 10:18 . 2012-06-18 10:18 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll
+ 2012-06-17 20:57 . 2012-06-17 20:57 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\12f7432045de0943f05f83ba21ae2795\System.Workflow.Activities.ni.dll
+ 2012-06-18 10:17 . 2012-06-18 10:17 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll
+ 2012-06-18 03:10 . 2012-06-18 03:10 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\238c801e0bbe9ca6b49241e96c9002a0\System.Web.Mobile.ni.dll
+ 2012-06-18 02:50 . 2012-06-18 02:50 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f21d509212c31d51f71b3f750052e9fb\System.Web.Extensions.ni.dll
+ 2012-06-17 20:55 . 2012-06-17 20:55 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll
+ 2012-06-17 20:52 . 2012-06-17 20:52 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
+ 2012-06-18 10:07 . 2012-06-18 10:07 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
+ 2012-06-17 20:52 . 2012-06-17 20:52 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\1f7ce0fa41c5f946666d03ff79cd4f7a\System.Deployment.ni.dll
+ 2012-06-17 20:55 . 2012-06-17 20:55 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll
+ 2012-06-17 20:55 . 2012-06-17 20:55 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\81aacc474fa8eab0acc6e4be332c1bc7\PresentationUI.ni.dll
+ 2012-06-18 10:15 . 2012-06-18 10:15 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
+ 2012-06-18 02:35 . 2012-06-18 02:35 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\5a1931b757da881a84c3a4a5477a7c20\Narrator.ni.exe
+ 2012-06-18 02:28 . 2012-06-18 02:28 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\1c088fce4f92cbe43503d584fa51af1d\MMCEx.ni.dll
+ 2012-06-17 22:49 . 2012-06-17 22:49 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\8706f5d47b38dac04d0cd230baee4c0d\MIGUIControls.ni.dll
+ 2012-06-18 01:56 . 2012-06-18 01:56 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\ca751192bea68826694e690f3a6b5481\Microsoft.VisualBasic.ni.dll
+ 2012-06-18 01:48 . 2012-06-18 01:48 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\99ae5f32cd1dc3618659bc3c77f2b2a9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-18 01:50 . 2012-06-18 01:50 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4edc9ecb13c33924ae73febac2d41b35\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-18 01:40 . 2012-06-18 01:40 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\dc9d5ea404ddf98c357d90b12ef82d80\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-06-17 22:34 . 2012-06-17 22:34 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-17 22:31 . 2012-06-17 22:31 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll
+ 2012-06-18 01:32 . 2012-06-18 01:32 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\915ffe12bb261ba8ee009f379ba7d086\Microsoft.Ink.ni.dll
+ 2012-06-18 01:26 . 2012-06-18 01:26 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\38ca1e4f14366981e2fb9ef6d977c966\Microsoft.Build.Tasks.ni.dll
+ 2012-06-18 01:29 . 2012-06-18 01:29 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\121a206f90a50c110c3aa561aac4cab1\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-17 22:38 . 2012-06-17 22:38 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\2ffc241a384334f2f12a89f318d3a82c\mcstore.ni.dll
+ 2012-06-14 12:30 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-09 22:53 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-14 12:29 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-06-23 14:47 . 2010-11-05 01:58 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-07-14 02:34 . 2012-06-17 23:25 11010048 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-06-18 13:38 11010048 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-02-10 07:25 . 2012-06-18 00:13 58957832 c:\windows\system32\MRT.exe
- 2011-03-09 13:02 . 2012-06-13 01:01 22813924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2696381077-3989773151-1297001512-1000-8192.dat
+ 2011-03-09 13:02 . 2012-06-20 07:44 22813924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2696381077-3989773151-1297001512-1000-8192.dat
+ 2012-03-15 03:09 . 2012-03-15 03:09 17165312 c:\windows\Installer\5ea9dd.msp
+ 2011-06-19 13:28 . 2011-06-19 13:28 18457088 c:\windows\Installer\5ea9bf.msp
+ 2011-10-26 12:51 . 2011-10-26 12:51 16885760 c:\windows\Installer\5ea930.msp
+ 2011-10-26 12:47 . 2011-10-26 12:47 10328064 c:\windows\Installer\5ea8fa.msp
+ 2011-10-26 12:49 . 2011-10-26 12:49 16245760 c:\windows\Installer\5ea8e8.msp
+ 2011-10-26 12:49 . 2011-10-26 12:49 10427392 c:\windows\Installer\5ea8d5.msp
+ 2012-03-15 03:11 . 2012-03-15 03:11 66812928 c:\windows\Installer\5ea8ab.msp
+ 2011-10-26 12:46 . 2011-10-26 12:46 11580928 c:\windows\Installer\5ea87d.msp
+ 2012-03-07 05:03 . 2012-03-07 05:03 23710208 c:\windows\Installer\209fdce.msp
+ 2010-03-12 14:50 . 2010-03-12 14:50 17800544 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\XL12CNV.EXE
+ 2010-03-23 00:57 . 2010-03-23 00:57 15889248 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OUTLOOK.EXE
+ 2010-03-12 14:05 . 2010-03-12 14:05 11121528 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OARTCONV.DLL
+ 2010-03-13 05:08 . 2010-03-13 05:08 20516712 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OART.DLL
+ 2010-03-22 10:36 . 2010-03-22 10:36 72521600 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\MSORES.DLL
+ 2010-03-13 04:53 . 2010-03-13 04:53 20753760 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\EXCEL.EXE
+ 2012-06-18 00:30 . 2012-06-18 00:30 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\ba1de6fc4e50b5ce1474366033f7d3f4\System.Windows.Forms.ni.dll
+ 2012-06-18 06:18 . 2012-06-18 06:18 13198848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\533f500d28764cf9572b01da335e7924\System.Windows.Forms.ni.dll
+ 2012-06-18 06:19 . 2012-06-18 06:19 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cf4a1974ba92ad5b529dbac4d64ac1b1\PresentationFramework.ni.dll
+ 2012-06-18 06:18 . 2012-06-18 06:18 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7543829e8e0da7c1085e144bb4f67e2a\PresentationCore.ni.dll
+ 2012-06-18 08:51 . 2012-06-18 08:51 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\71a747478a63ef2884e7438c33c17029\System.Windows.Forms.ni.dll
+ 2012-06-18 09:03 . 2012-06-18 09:03 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\8f3b98d4daf61587cea41556a8b28cf8\System.Web.ni.dll
+ 2012-06-18 10:24 . 2012-06-18 10:24 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\58f9dd42707d8f97b6f68bf7c641fe94\System.Design.ni.dll
+ 2012-06-17 20:35 . 2012-06-17 20:35 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\cabbc647caf9c0965112ce3e44804346\PresentationFramework.ni.dll
+ 2012-06-17 20:30 . 2012-06-17 20:30 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\d85a28a44ca7f931aff67ab02529900d\PresentationCore.ni.dll
+ 2012-06-17 21:38 . 2012-06-17 21:38 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\1f4c6bb223db2fbfa4abb96cfc7ab8f3\ehshell.ni.dll
+ 2012-06-18 10:07 . 2012-06-18 10:07 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
+ 2012-06-17 20:53 . 2012-06-17 20:53 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\697251a50a103e3d047178c2ab710593\System.Windows.Forms.ni.dll
+ 2012-06-18 10:17 . 2012-06-18 10:17 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
+ 2012-06-17 20:56 . 2012-06-17 20:56 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\2b07e726c1c19bb8440d82b200fb603b\System.Web.ni.dll
+ 2012-06-17 20:56 . 2012-06-17 20:56 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\bd50eea0424b0f1e4c8b3f5cd79494d1\System.Design.ni.dll
+ 2012-06-18 10:17 . 2012-06-18 10:17 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll
+ 2012-06-17 20:55 . 2012-06-17 20:55 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
+ 2012-06-17 20:52 . 2012-06-17 20:52 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
+ 2011-10-16 04:38 . 2011-10-16 04:38 100966912 c:\windows\Installer\5ea848.msp
.
-- 快照技术重新设置 --
.
((((((((((((((((((((((((((((((((((((( 重要登入点 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Facebook Update"="c:\users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-12-23 137536]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-09-03 518640]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-26 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-11-16 559616]
.
c:\users\signius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-29 1324384]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-29 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [x]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-03-20 162192]
R2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632]
R2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [x]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-09-30 508776]
R2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [x]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [x]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [x]
R3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys [x]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-09-30 219496]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-05-03 1226096]
S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
.
.
‘计划任务’ 文件夹 里的内容
.
2012-06-17 c:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
- c:\progra~2\AD-AWA~1\AdAwareLauncher.exe [2012-05-03 08:37]
.
2012-06-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000Core.job
- c:\users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 15:35]
.
2012-06-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000UA.job
- c:\users\signius\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-23 15:35]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000Core.job
- c:\users\signius\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-07 01:18]
.
2012-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2696381077-3989773151-1297001512-1000UA.job
- c:\users\signius\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-07 01:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-12-30 5470208]
.
------- 而外的扫描 -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = wwwproxy.student.unimelb.edu.au:8000
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{689A6937-43AC-419B-9803-C53282EBF450}: NameServer = 168.95.1.1
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}\441495455434: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8C97C32F-5826-4022-8996-5645CD26796D}\55D40275962756C65637370214D244F627D60275563747: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\signius\AppData\Roaming\Mozilla\Firefox\Profiles\tcugldwx.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2696381077-3989773151-1297001512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2696381077-3989773151-1297001512-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2696381077-3989773151-1297001512-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"慤慴"=hex:0d,c8,7b,36,01,6d,e7,35,81,31,bd,a0,4a,ba,78,82,b7,4d,c9,a1,46,83,
6c,48,17,ce,30,c5,7c,d0,0b,fa,23,49,a4,bc,9c,29,b4,1c,26,f7,d9,36,94,34,dd,\
"歲祥"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
完成时间: 2012-06-21 13:41:42 - 电脑已重新启动
ComboFix-quarantined-files.txt 2012-06-21 03:41
ComboFix2.txt 2012-06-17 16:24
ComboFix3.txt 2012-06-17 08:41
.
Pre-Run: 47,533,297,664 bytes free
Post-Run: 47,514,443,776 bytes free
.
- - End Of File - - BD2ABF34FA08CF08F604B05305C0E450


The computer is still quite laggy at the moment in normal mode.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users