Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Several viruses


  • This topic is locked This topic is locked
18 replies to this topic

#1 velisaash07103

velisaash07103

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Jersey
  • Local time:04:02 AM

Posted 17 June 2012 - 06:26 PM

I have done everything that I can think of to restore my computer as well, all of my recovery files have been updated so there is no restore points available before june, 2012. I did create an image back in October, 2010 however, I believe that was overwritten the last time I tried to use it as a restore point. I do have a backup, set that I am afraid to use because I am afraid it will be overwritten with these viruses as well. I know that I should not have run combokill without being advised to but I believe in Bleeping Computer soo much that I tried it on my own.

I would appreciate any advice I receive at this time. I have attached the most recent logs that I have, I think.

One more thing, I am hooked up to the internet by optimum, they provide a antimalware, virus protection program, should I install it. I only have windows security essentials because I understand that more than one antivirus/malware program running at one time will slow down the laptop considerably.

Thank you in advance and I look forward to reading the forums, as I became a registred member of Bleeping Computer today.

Attached Files


Edited by Budapest, 17 June 2012 - 06:28 PM.
Moved from Win7 ~Budapest


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 20 June 2012 - 07:59 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please run Malwarebytes one more time and remove all items that are identified.

Post a fresh log for my review.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Third party programs if not up to date can be an open door for an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please post the logs and let me know what problem persists.

#3 velisaash07103

velisaash07103
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Jersey
  • Local time:04:02 AM

Posted 21 June 2012 - 07:08 PM

Hello Nasdaq, I am having trouble copying both the DDS and Security Check logs on the same reply. This is my third attemp and I keep losing the introduction I have been writing to you. So I am just going to try the bare bones. Please forgive me If you have been receiving them.

Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Adobe Reader X (10.1.3)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Velisa Ash at 18:32:43 on 2012-06-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1577 [GMT -4:00]
.
AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Windows\system32\lxducoms.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
C:\Windows\system32\hkcmd.exe
C:\Windows\system32\igfxpers.exe
C:\Users\VELISA~1\AppData\Roaming\CBSINT~1\CNETTE~1\TECHTR~1.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - C:\Program Files (x86)\TranslatorBar_5.2\tbTra1.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - C:\Program Files (x86)\TranslatorBar_5.2\tbTra1.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {99E00A4C-D35E-11DD-BA95-9B6A56D89593} - No File
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - C:\Program Files (x86)\TranslatorBar_5.2\tbTra1.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
mRun: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} - hxxp://www.worldwinner.com/games/v50/pool/pool.cab
DPF: {64CD313F-F079-4D93-959F-4D28B5519449} - hxxp://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} - hxxp://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} - hxxp://www.worldwinner.com/games/v46/monopoly/monopoly.cab
DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} - hxxp://www.link-systems.com/sdkhtml/SDK/paste/lsiw9x.cab
DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} - hxxp://www.worldwinner.com/games/v52/dinerdash/dinerdash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} - hxxp://www.worldwinner.com/games/v54/wwspades/wwspades.cab
TCP: DhcpNameServer = 167.206.245.129 167.206.245.130
TCP: Interfaces\{31380076-B7B0-4F39-9C25-FAD81DBE3AFB} : DhcpNameServer = 167.206.245.129 167.206.245.130
TCP: Interfaces\{5EF0A91A-7F45-44AA-BBFC-56E640FC37D2} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5EF0A91A-7F45-44AA-BBFC-56E640FC37D2}\2456C6B696E6F574F575962756C6563737F5441403836413 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{5EF0A91A-7F45-44AA-BBFC-56E640FC37D2}\4796D656771627E65627361626C65677966696 : DhcpNameServer = 10.240.205.161 10.240.205.162
TCP: Interfaces\{5EF0A91A-7F45-44AA-BBFC-56E640FC37D2}\F6074796D657D677966696 : DhcpNameServer = 10.240.205.161 10.240.205.162
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - C:\Program Files (x86)\TranslatorBar_5.2\tbTra1.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: {99E00A4C-D35E-11DD-BA95-9B6A56D89593} - No File
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB-X64: TranslatorBar 5.2 Toolbar: {23256f20-0d9b-4323-b005-6e5de569c4b7} - C:\Program Files (x86)\TranslatorBar_5.2\tbTra1.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
mRun-x64: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?]
R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2010-1-11 14904]
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2012-6-12 412304]
R2 lxdu_device;lxdu_device;C:\Windows\system32\lxducoms.exe -service --> C:\Windows\system32\lxducoms.exe -service [?]
R2 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam;C:\Windows\system32\DRIVERS\GUCI_AVS.sys --> C:\Windows\system32\DRIVERS\GUCI_AVS.sys [?]
R3 RDPDISPM;RDPDISPM;C:\Windows\system32\DRIVERS\rdpdispm.sys --> C:\Windows\system32\DRIVERS\rdpdispm.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-27 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-3-8 430152]
S3 avg9emc;AVG Free E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-7-20 921952]
S3 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-20 308136]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-27 135664]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-13 257224]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S4 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S4 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-06-21 21:51:03 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{44E9B95B-7784-4C74-B7F9-2262D9CB6F01}\mpengine.dll
2012-06-19 00:06:37 9013136 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-18 23:59:55 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-18 23:59:31 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-18 23:59:19 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-18 23:59:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-18 23:57:42 -------- d-----w- C:\ProgramData\CPA_VA
2012-06-17 23:37:08 -------- d-----w- C:\ProgramData\Comodo
2012-06-17 23:37:00 -------- d-----w- C:\Program Files\COMODO
2012-06-17 23:36:50 -------- d-----w- C:\Users\Velisa Ash\AppData\Local\Comodo
2012-06-17 23:36:38 -------- d-----w- C:\Program Files (x86)\Comodo
2012-06-17 23:36:36 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-17 23:36:36 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-06-17 23:36:36 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2012-06-14 00:27:38 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-14 00:24:23 -------- d-----w- C:\Program Files\iPod
2012-06-14 00:24:21 -------- d-----w- C:\Program Files\iTunes
2012-06-14 00:24:21 -------- d-----w- C:\Program Files (x86)\iTunes
2012-06-13 23:56:14 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 23:56:14 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-13 22:43:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-13 22:43:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-13 22:08:05 -------- d-----w- C:\ProgramData\XoftSpySE
2012-06-12 23:29:18 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F5AC8D4-0EEC-486B-8C44-D4F46D5D7087}\gapaengine.dll
2012-06-12 21:46:19 -------- d-----w- C:\Malwarebytes' Anti-Malware
2012-06-11 22:50:47 -------- d-----w- C:\Users\Velisa Ash\AppData\Local\{6B5299E0-A7EF-4B62-811A-F8400897F324}
2012-06-11 22:50:36 -------- d-----w- C:\Users\Velisa Ash\AppData\Local\{74238B76-46EA-4A8D-B85E-47C8DE3DFD98}
2012-06-06 21:50:48 -------- d-----w- C:\Users\Velisa Ash\AppData\Local\{9AFF9C27-D6B5-44F1-9F59-A0F983B74209}
2012-06-06 21:50:37 -------- d-----w- C:\Users\Velisa Ash\AppData\Local\{F9BF3A55-5A49-4FE4-B7A8-1D78BDF86583}
2012-06-06 00:00:43 -------- d-----w- C:\$RECYCLE.BIN
2012-06-05 22:55:15 98816 ----a-w- C:\Windows\sed.exe
2012-06-05 22:55:15 518144 ----a-w- C:\Windows\SWREG.exe
2012-06-05 22:55:15 256000 ----a-w- C:\Windows\PEV.exe
2012-06-05 22:55:15 208896 ----a-w- C:\Windows\MBR.exe
2012-06-05 22:54:00 -------- d-----w- C:\ComboFix
2012-06-04 19:03:18 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-04 19:03:18 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-04 19:03:18 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-04 19:03:18 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-04 19:03:18 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-06-04 19:03:18 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-06-04 19:03:18 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-05-28 13:12:33 -------- d-----w- C:\Users\Velisa Ash\AppData\Local\{3401078B-E876-429A-8A9D-CE35385A7BD8}
.
==================== Find3M ====================
.
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-04 22:31:10 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-22 20:14:52 4376576 ----a-w- C:\Windows\System32\ffdshow.ax
2012-04-22 20:14:18 3515392 ----a-w- C:\Windows\SysWow64\ffdshow.ax
2012-04-22 20:14:14 4489728 ----a-w- C:\Windows\System32\ffmpeg.dll
2012-04-22 20:12:22 4424704 ----a-w- C:\Windows\SysWow64\ffmpeg.dll
2012-04-19 00:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-04-08 23:47:28 474624 ----a-w- C:\Windows\System32\ff_kernelDeint.dll
2012-04-08 23:47:14 92160 ----a-w- C:\Windows\System32\ff_vfw.dll
2012-04-08 23:46:24 631296 ----a-w- C:\Windows\System32\TomsMoComp_ff.dll
2012-04-08 23:45:58 183808 ----a-w- C:\Windows\System32\ff_unrar.dll
2012-04-08 23:45:58 156672 ----a-w- C:\Windows\System32\ff_libmad.dll
2012-04-08 23:45:58 114688 ----a-w- C:\Windows\System32\ff_wmv9.dll
2012-04-08 23:45:56 359424 ----a-w- C:\Windows\System32\ff_libfaad2.dll
2012-04-08 23:45:56 222720 ----a-w- C:\Windows\System32\ff_libdts.dll
2012-04-08 23:45:56 1532928 ----a-w- C:\Windows\System32\ff_samplerate.dll
2012-04-08 23:45:54 116224 ----a-w- C:\Windows\System32\ff_liba52.dll
2012-04-08 23:40:36 79360 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2012-04-08 23:39:46 260608 ----a-w- C:\Windows\SysWow64\TomsMoComp_ff.dll
2012-04-08 23:39:32 99840 ----a-w- C:\Windows\SysWow64\ff_wmv9.dll
2012-04-08 23:39:32 158720 ----a-w- C:\Windows\SysWow64\ff_unrar.dll
2012-04-08 23:39:30 1525248 ----a-w- C:\Windows\SysWow64\ff_samplerate.dll
2012-04-08 23:39:30 146944 ----a-w- C:\Windows\SysWow64\ff_libmad.dll
2012-04-08 23:39:28 212480 ----a-w- C:\Windows\SysWow64\ff_libdts.dll
2012-04-08 23:39:28 115200 ----a-w- C:\Windows\SysWow64\ff_liba52.dll
2012-04-08 23:39:26 328704 ----a-w- C:\Windows\SysWow64\ff_libfaad2.dll
2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-04-05 10:44:16 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-29 14:23:54 775168 ----a-w- C:\Windows\System32\LAVVideo.ax
2012-03-29 14:23:54 555520 ----a-w- C:\Windows\System32\LAVSplitter.ax
2012-03-29 14:23:50 248832 ----a-w- C:\Windows\System32\LAVAudio.ax
2012-03-29 14:23:46 202240 ----a-w- C:\Windows\System32\libbluray.dll
2012-03-29 14:23:40 6757091 ----a-w- C:\Windows\System32\avcodec-lav-54.dll
2012-03-29 14:23:40 399620 ----a-w- C:\Windows\System32\swscale-lav-2.dll
2012-03-29 14:23:40 214711 ----a-w- C:\Windows\System32\avutil-lav-51.dll
2012-03-29 14:23:40 133299 ----a-w- C:\Windows\System32\avfilter-lav-2.dll
2012-03-29 14:23:40 1167294 ----a-w- C:\Windows\System32\avformat-lav-54.dll
2012-03-29 14:21:32 606720 ----a-w- C:\Windows\SysWow64\LAVVideo.ax
2012-03-29 14:21:32 462848 ----a-w- C:\Windows\SysWow64\LAVSplitter.ax
2012-03-29 14:21:28 217600 ----a-w- C:\Windows\SysWow64\LAVAudio.ax
2012-03-29 14:21:26 172032 ----a-w- C:\Windows\SysWow64\libbluray.dll
2012-03-29 14:21:18 6582226 ----a-w- C:\Windows\SysWow64\avcodec-lav-54.dll
2012-03-29 14:21:18 374152 ----a-w- C:\Windows\SysWow64\swscale-lav-2.dll
2012-03-29 14:21:18 207872 ----a-w- C:\Windows\SysWow64\avutil-lav-51.dll
2012-03-29 14:21:18 144523 ----a-w- C:\Windows\SysWow64\avfilter-lav-2.dll
2012-03-29 14:21:18 1152365 ----a-w- C:\Windows\SysWow64\avformat-lav-54.dll
2012-03-27 15:08:52 267264 ----a-w- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll
2012-03-27 15:08:24 348160 ----a-w- C:\Windows\System32\IntelQuickSyncDecoder.dll
2010-06-13 23:10:00 2734688 ----a-w- C:\Program Files (x86)\tbTran.dll
2009-04-08 18:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 18:41:12.62 ===============


I DID IT! THANK YOU FOR YOUR PATIENCE WITH ME. I wrote Animal a reply to something else, and told him that I didn't know if it was my inability or the computer viruses while I was on this website that was not allowing me to communicate with anyone on the website. (One day, I had access to the site in the morning and couldnt get onto it in the evening, this was before I became a member.) The random live ads are still happening and I have not tried youtube today. as a matter of fact, I haven't been on the computer for a couple days hoping that it would work itself out. It hasn't.

I hope that I have provided all that you need. Have a good evening and again, Thank You.



Velisa

#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 22 June 2012 - 10:18 AM

Please run the Malwarebytes tool and remove all items identified for removal.

Post a fresh log for my review.

Run ComboFix and post the log. You may be asked to update please do so.

#5 velisaash07103

velisaash07103
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Jersey
  • Local time:04:02 AM

Posted 22 June 2012 - 09:30 PM

Hello Nasdaq,



Here are the logs you asked me to run of Combofix and Malwarebytes. Please forgive me for being bare bones, this is the second attempt at sending this reply. The more I type, the more I lose the response and have to start over again. (Laptops).:busy: (I DID IT!)




ComboFix 12-06-21.03 - Velisa Ash 06/22/2012 20:53:53.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1107 [GMT -4:00]
Running from: D:\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-05-23 to 2012-06-23 )))))))))))))))))))))))))))))))
.
.
2012-06-23 01:35 . 2012-06-23 01:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-18 23:59 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-18 23:59 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-18 23:59 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-18 23:59 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-18 23:59 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-18 23:59 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-18 23:59 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-18 23:59 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-18 23:59 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-18 23:57 . 2012-06-19 16:06 -------- d-----w- c:\programdata\CPA_VA
2012-06-17 23:37 . 2012-06-17 23:37 -------- d-----w- c:\programdata\Comodo
2012-06-17 23:37 . 2012-06-17 23:37 -------- d-----w- c:\program files\COMODO
2012-06-17 23:36 . 2012-06-17 23:36 -------- d-----w- c:\users\Velisa Ash\AppData\Local\Comodo
2012-06-17 23:36 . 2012-06-17 23:38 -------- d-----w- c:\program files (x86)\Comodo
2012-06-17 23:36 . 2012-06-17 23:36 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-06-17 23:36 . 2012-06-17 23:36 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-06-17 23:36 . 2012-06-17 23:36 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-06-14 00:27 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 00:24 . 2012-06-14 00:24 -------- d-----w- c:\program files\iPod
2012-06-14 00:24 . 2012-06-14 00:25 -------- d-----w- c:\program files\iTunes
2012-06-14 00:24 . 2012-06-14 00:25 -------- d-----w- c:\program files (x86)\iTunes
2012-06-13 23:56 . 2012-06-13 23:56 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 23:56 . 2012-06-13 23:56 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-13 22:43 . 2012-06-17 15:50 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-06-13 22:43 . 2012-06-17 15:43 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-06-13 22:08 . 2012-06-13 22:08 -------- d-----w- c:\programdata\XoftSpySE
2012-06-12 21:46 . 2012-06-13 15:16 -------- d-----w- C:\Malwarebytes' Anti-Malware
2012-06-04 19:03 . 2012-06-04 19:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-04 19:03 . 2012-06-04 19:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-04 19:03 . 2012-06-04 19:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-04 19:03 . 2012-06-04 19:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-04 19:03 . 2012-06-04 19:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-06-04 19:03 . 2012-06-04 19:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-06-04 19:03 . 2012-06-04 19:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-06-04 19:02 . 2012-06-04 19:03 -------- d-----w- c:\program files (x86)\QuickTime
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-04 22:31 . 2012-04-13 17:58 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-22 20:14 . 2012-04-22 20:14 4376576 ----a-w- c:\windows\system32\ffdshow.ax
2012-04-22 20:14 . 2012-04-22 20:14 3515392 ----a-w- c:\windows\SysWow64\ffdshow.ax
2012-04-22 20:14 . 2012-04-22 20:14 4489728 ----a-w- c:\windows\system32\ffmpeg.dll
2012-04-22 20:12 . 2012-04-22 20:12 4424704 ----a-w- c:\windows\SysWow64\ffmpeg.dll
2012-04-19 00:56 . 2012-04-19 00:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-04-08 23:47 . 2012-04-08 23:47 474624 ----a-w- c:\windows\system32\ff_kernelDeint.dll
2012-04-08 23:47 . 2012-04-08 23:47 92160 ----a-w- c:\windows\system32\ff_vfw.dll
2012-04-08 23:46 . 2012-04-08 23:46 631296 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2012-04-08 23:45 . 2012-04-08 23:45 183808 ----a-w- c:\windows\system32\ff_unrar.dll
2012-04-08 23:45 . 2012-04-08 23:45 156672 ----a-w- c:\windows\system32\ff_libmad.dll
2012-04-08 23:45 . 2012-04-08 23:45 114688 ----a-w- c:\windows\system32\ff_wmv9.dll
2012-04-08 23:45 . 2012-04-08 23:45 359424 ----a-w- c:\windows\system32\ff_libfaad2.dll
2012-04-08 23:45 . 2012-04-08 23:45 222720 ----a-w- c:\windows\system32\ff_libdts.dll
2012-04-08 23:45 . 2012-04-08 23:45 1532928 ----a-w- c:\windows\system32\ff_samplerate.dll
2012-04-08 23:45 . 2012-04-08 23:45 116224 ----a-w- c:\windows\system32\ff_liba52.dll
2012-04-08 23:40 . 2012-04-08 23:40 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2012-04-08 23:39 . 2012-04-08 23:39 260608 ----a-w- c:\windows\SysWow64\TomsMoComp_ff.dll
2012-04-08 23:39 . 2012-04-08 23:39 99840 ----a-w- c:\windows\SysWow64\ff_wmv9.dll
2012-04-08 23:39 . 2012-04-08 23:39 158720 ----a-w- c:\windows\SysWow64\ff_unrar.dll
2012-04-08 23:39 . 2012-04-08 23:39 1525248 ----a-w- c:\windows\SysWow64\ff_samplerate.dll
2012-04-08 23:39 . 2012-04-08 23:39 146944 ----a-w- c:\windows\SysWow64\ff_libmad.dll
2012-04-08 23:39 . 2012-04-08 23:39 212480 ----a-w- c:\windows\SysWow64\ff_libdts.dll
2012-04-08 23:39 . 2012-04-08 23:39 115200 ----a-w- c:\windows\SysWow64\ff_liba52.dll
2012-04-08 23:39 . 2012-04-08 23:39 328704 ----a-w- c:\windows\SysWow64\ff_libfaad2.dll
2012-04-05 10:44 . 2010-05-24 20:53 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-03-30 11:35 . 2012-05-09 22:01 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-29 14:23 . 2012-03-29 14:23 775168 ----a-w- c:\windows\system32\LAVVideo.ax
2012-03-29 14:23 . 2012-03-29 14:23 555520 ----a-w- c:\windows\system32\LAVSplitter.ax
2012-03-29 14:23 . 2012-03-29 14:23 248832 ----a-w- c:\windows\system32\LAVAudio.ax
2012-03-29 14:23 . 2012-03-29 14:23 202240 ----a-w- c:\windows\system32\libbluray.dll
2012-03-29 14:23 . 2012-03-29 14:23 6757091 ----a-w- c:\windows\system32\avcodec-lav-54.dll
2012-03-29 14:23 . 2012-03-29 14:23 399620 ----a-w- c:\windows\system32\swscale-lav-2.dll
2012-03-29 14:23 . 2012-03-29 14:23 214711 ----a-w- c:\windows\system32\avutil-lav-51.dll
2012-03-29 14:23 . 2012-03-29 14:23 133299 ----a-w- c:\windows\system32\avfilter-lav-2.dll
2012-03-29 14:23 . 2012-03-29 14:23 1167294 ----a-w- c:\windows\system32\avformat-lav-54.dll
2012-03-29 14:21 . 2012-03-29 14:21 606720 ----a-w- c:\windows\SysWow64\LAVVideo.ax
2012-03-29 14:21 . 2012-03-29 14:21 462848 ----a-w- c:\windows\SysWow64\LAVSplitter.ax
2012-03-29 14:21 . 2012-03-29 14:21 217600 ----a-w- c:\windows\SysWow64\LAVAudio.ax
2012-03-29 14:21 . 2012-03-29 14:21 172032 ----a-w- c:\windows\SysWow64\libbluray.dll
2012-03-29 14:21 . 2012-03-29 14:21 6582226 ----a-w- c:\windows\SysWow64\avcodec-lav-54.dll
2012-03-29 14:21 . 2012-03-29 14:21 374152 ----a-w- c:\windows\SysWow64\swscale-lav-2.dll
2012-03-29 14:21 . 2012-03-29 14:21 207872 ----a-w- c:\windows\SysWow64\avutil-lav-51.dll
2012-03-29 14:21 . 2012-03-29 14:21 144523 ----a-w- c:\windows\SysWow64\avfilter-lav-2.dll
2012-03-29 14:21 . 2012-03-29 14:21 1152365 ----a-w- c:\windows\SysWow64\avformat-lav-54.dll
2012-03-27 15:08 . 2012-03-27 15:08 267264 ----a-w- c:\windows\SysWow64\IntelQuickSyncDecoder.dll
2012-03-27 15:08 . 2012-03-27 15:08 348160 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
2010-06-13 23:10 . 2010-09-12 23:35 2734688 ----a-w- c:\program files (x86)\tbTran.dll
2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-06_00.01.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-14 00:29 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll
+ 2012-06-14 00:29 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-04-13 19:38 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-06-14 00:29 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll
- 2012-04-13 19:38 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2009-07-14 04:54 . 2012-06-23 01:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-05-04 22:31 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-06-23 01:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-04 22:31 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-23 01:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-04 22:31 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-11 15:28 . 2012-06-14 00:04 87953 c:\windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe
+ 2012-06-05 10:00 . 2012-06-05 10:00 86016 c:\windows\SysWOW64\Adobe\Shockwave 11\SwMenu.dll
- 2012-02-21 14:03 . 2012-02-21 14:03 86016 c:\windows\SysWOW64\Adobe\Shockwave 11\SwMenu.dll
+ 2012-06-05 09:45 . 2012-06-05 09:45 73408 c:\windows\SysWOW64\Adobe\Shockwave 11\gtapi.dll
- 2012-02-21 13:46 . 2012-02-21 13:46 73408 c:\windows\SysWOW64\Adobe\Shockwave 11\gtapi.dll
- 2012-02-21 13:46 . 2012-02-21 13:46 64512 c:\windows\SysWOW64\Adobe\Shockwave 11\gcapi_dll.dll
+ 2012-06-05 09:45 . 2012-06-05 09:45 64512 c:\windows\SysWOW64\Adobe\Shockwave 11\gcapi_dll.dll
- 2012-02-21 14:04 . 2012-02-21 14:04 12800 c:\windows\SysWOW64\Adobe\Shockwave 11\DynaPlayer.dll
+ 2012-06-05 10:00 . 2012-06-05 10:00 12800 c:\windows\SysWOW64\Adobe\Shockwave 11\DynaPlayer.dll
+ 2010-01-11 22:35 . 2012-06-23 01:41 86324 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-23 01:41 53228 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-03-05 01:47 . 2012-06-23 01:41 24608 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2170897701-3915595995-2533102732-1000_UserData.bin
- 2012-03-13 23:43 . 2012-01-25 06:38 77312 c:\windows\system32\rdpwsx.dll
+ 2012-06-14 00:27 . 2012-04-26 05:41 77312 c:\windows\system32\rdpwsx.dll
+ 2012-06-14 00:29 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll
- 2012-04-13 19:38 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-06-14 00:29 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-06-14 00:29 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll
- 2012-04-13 19:38 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll
- 2009-07-14 05:30 . 2012-04-28 23:22 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-06-14 00:21 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-02-15 15:01 . 2012-02-15 15:01 52736 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_509d7a31d0ee45f2\usbaapl64.sys
+ 2011-08-02 20:38 . 2011-08-02 20:38 22528 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_bf785db627c6d127\netaapl64.sys
+ 2010-03-05 16:11 . 2012-06-22 21:17 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-05 16:11 . 2012-06-05 13:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-05 16:11 . 2012-06-22 21:17 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-22 21:17 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-06-21 21:42 . 2012-06-21 21:42 49120 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2009-07-14 04:46 . 2012-06-21 21:48 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-03-05 00:39 . 2012-05-13 13:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-05 00:39 . 2012-06-11 23:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-05-10 02:22 . 2012-05-10 02:22 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-05-10 02:22 . 2012-05-10 02:22 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 00:40 . 2012-06-14 00:40 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 00:40 . 2012-06-14 00:40 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\eef76dd965ea0a8ae5fb0c734d84389c\System.Web.DynamicData.Design.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\876f4df16291d2b14c21e2a14afb60c9\WindowsLiveWriter.ni.exe
+ 2012-06-14 16:40 . 2012-06-14 16:40 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll
+ 2012-06-17 15:47 . 2012-06-17 15:47 3122 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-03-13 23:43 . 2012-01-25 06:33 9216 c:\windows\system32\rdrmemptylst.exe
+ 2012-06-14 00:27 . 2012-04-26 05:34 9216 c:\windows\system32\rdrmemptylst.exe
+ 2012-06-23 01:38 . 2012-06-23 01:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-05 23:58 . 2012-06-05 23:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-23 01:38 . 2012-06-23 01:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-05 23:58 . 2012-06-05 23:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-14 00:29 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll
- 2012-04-13 19:38 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll
+ 2012-06-13 23:56 . 2012-06-13 23:56 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
+ 2012-06-13 23:56 . 2012-06-13 23:56 465096 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.dll
+ 2012-06-13 23:56 . 2012-06-13 23:56 257224 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-04-13 19:38 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-06-14 00:29 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-06-14 00:29 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2011-08-14 08:46 . 2011-08-14 08:46 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-04-13 19:38 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-06-14 00:29 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-06-14 00:27 . 2012-04-24 04:36 140288 c:\windows\SysWOW64\cryptsvc.dll
+ 2012-06-14 00:27 . 2012-04-24 04:36 103936 c:\windows\SysWOW64\cryptnet.dll
+ 2012-06-05 09:45 . 2012-06-05 09:45 284600 c:\windows\SysWOW64\Adobe\Shockwave 11\SymCCIS.dll
+ 2012-06-05 10:00 . 2012-06-05 10:00 114176 c:\windows\SysWOW64\Adobe\Shockwave 11\SwInit.exe
- 2012-02-21 14:03 . 2012-02-21 14:03 114176 c:\windows\SysWOW64\Adobe\Shockwave 11\SwInit.exe
+ 2012-06-05 10:01 . 2012-06-05 10:01 434176 c:\windows\SysWOW64\Adobe\Shockwave 11\Proj.dll
- 2012-02-21 14:04 . 2012-02-21 14:04 434176 c:\windows\SysWOW64\Adobe\Shockwave 11\Proj.dll
+ 2012-06-05 10:00 . 2012-06-05 10:00 366592 c:\windows\SysWOW64\Adobe\Shockwave 11\Plugin.dll
+ 2012-06-05 09:49 . 2012-06-05 09:49 990208 c:\windows\SysWOW64\Adobe\Shockwave 11\iml32.dll
- 2012-02-21 13:50 . 2012-02-21 13:50 990208 c:\windows\SysWOW64\Adobe\Shockwave 11\iml32.dll
+ 2012-06-05 10:00 . 2012-06-05 10:00 544256 c:\windows\SysWOW64\Adobe\Shockwave 11\Control.dll
+ 2012-06-11 09:20 . 2012-06-11 09:20 113632 c:\windows\SysWOW64\Adobe\Director\SWDNLD.EXE
+ 2012-06-11 09:20 . 2012-06-11 09:20 281056 c:\windows\SysWOW64\Adobe\Director\SwDir.dll
+ 2012-06-05 10:00 . 2012-06-05 10:00 145920 c:\windows\SysWOW64\Adobe\Director\np32dsw.dll
- 2012-02-21 14:04 . 2012-02-21 14:04 145920 c:\windows\SysWOW64\Adobe\Director\np32dsw.dll
+ 2010-03-05 01:02 . 2012-06-15 03:53 300788 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-06-14 00:29 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll
- 2012-04-13 19:38 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll
+ 2012-06-14 00:27 . 2012-04-26 05:41 149504 c:\windows\system32\rdpcorekmts.dll
- 2012-03-13 23:43 . 2012-01-25 06:38 149504 c:\windows\system32\rdpcorekmts.dll
- 2011-06-09 23:10 . 2010-11-20 13:27 209920 c:\windows\system32\profsvc.dll
+ 2012-06-14 00:27 . 2012-05-01 05:40 209920 c:\windows\system32\profsvc.dll
+ 2009-07-14 02:36 . 2012-06-23 00:37 628554 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-23 00:37 108700 c:\windows\system32\perfc009.dat
+ 2012-06-13 23:56 . 2012-06-13 23:56 417480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_ActiveX.exe
+ 2012-06-13 23:56 . 2012-06-13 23:56 512200 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_ActiveX.dll
- 2012-04-13 19:38 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll
+ 2012-06-14 00:29 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll
- 2011-08-14 08:46 . 2011-08-14 08:46 173056 c:\windows\system32\ieUnatt.exe
+ 2012-06-14 00:29 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe
- 2012-04-13 19:38 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll
+ 2012-06-14 00:29 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll
- 2009-07-14 04:45 . 2012-05-10 11:26 342160 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-06-14 05:34 342160 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:30 . 2012-04-28 23:22 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-06-14 00:21 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-04-28 23:22 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-06-14 00:21 143360 c:\windows\system32\DriverStore\infstor.dat
- 2012-03-13 23:42 . 2012-02-17 04:58 210944 c:\windows\system32\drivers\rdpwd.sys
+ 2012-06-14 00:27 . 2012-04-28 03:55 210944 c:\windows\system32\drivers\rdpwd.sys
+ 2012-06-14 00:27 . 2012-04-24 05:37 184320 c:\windows\system32\cryptsvc.dll
+ 2012-06-14 00:27 . 2012-04-24 05:37 140288 c:\windows\system32\cryptnet.dll
- 2009-07-14 05:12 . 2012-06-05 11:32 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2012-06-14 15:35 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-06-05 23:56 307200 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-23 01:37 307200 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-08-28 09:55 . 2012-06-22 00:55 307200 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
- 2011-08-28 09:55 . 2012-04-06 01:51 307200 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
- 2012-04-13 17:59 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-06-14 00:27 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2012-06-14 00:27 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-04-13 17:59 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 00:40 . 2012-06-14 00:40 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 00:40 . 2012-06-14 00:40 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-14 00:25 . 2012-06-14 00:25 380928 c:\windows\Installer\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}\iTunesIco.exe
+ 2012-05-24 17:29 . 2012-05-24 17:29 236904 c:\windows\Installer\$PatchCache$\Managed\FAEB67A6F1D637247AB9AD48012A5EB6\5.2.0\OutlookChangeNotifierAddIn_x64.dll
+ 2012-05-24 17:29 . 2012-05-24 17:29 227176 c:\windows\Installer\$PatchCache$\Managed\FAEB67A6F1D637247AB9AD48012A5EB6\5.2.0\OutlookChangeNotifierAddIn.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\097137b03ff37196b4b8ba62db34d64a\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8cc4dd9babffe370cf375925fba15f84\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f4d304fcbfda323997083a1f88b83719\WindowsFormsIntegration.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\681410f842337dccc72eb059738c3ced\TaskScheduler.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\72b4992e45d232251a273a59eb3333d5\System.Web.Routing.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\b905eb57b631a30c60caa4d68c186963\System.Web.Entity.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e412dfbf1aa49bbe345a02a4d23104f5\System.Web.Entity.Design.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\815769f953ebe3f84439d522c97317b8\System.Web.DynamicData.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c8144ee08dccdac183527e53c86aa901\System.Web.Abstractions.ni.dll
+ 2012-06-14 05:42 . 2012-06-14 05:42 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
+ 2012-06-14 16:41 . 2012-06-14 16:41 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\d5d612f7d372f500e3062e3814e79d75\System.Messaging.ni.dll
+ 2012-06-14 05:42 . 2012-06-14 05:42 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\fbc02e9f5a14bb93082ebc88bc577413\System.Drawing.Design.ni.dll
+ 2012-06-14 05:42 . 2012-06-14 05:42 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a88ca70ab9641b8236149bc5dd8d1564\System.Configuration.Install.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\2f1bad2fb963482a02443d5e7fece2b6\napsnap.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\bb4947f0ecc925a7bcfd129b6eec8f9b\napinit.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\67240ddde494b9cc05cd732ccd099668\MMCFxCommon.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e29cbd30a31d3c8dae19eb17f70c4ec4\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\409dae089f2e041343cff71f822cd505\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\803188573fb19785a94284e097c48a67\Microsoft.ManagementConsole.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4ae6ccc32dafb4e3765b9db05585bd48\mcplayerinterop.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\b0db345fd62a84c98fd8b0bf3c72e8bb\mcGlidHostObj.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bc5df15ee827e248dd6f819874a85718\EventViewer.ni.dll
+ 2012-06-14 16:41 . 2012-06-14 16:41 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\08c9aa18b306aa47ddc0ae4a63b05d04\ehExtHost.ni.exe
+ 2012-06-14 16:39 . 2012-06-14 16:39 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\62cec20b82795b936aa2ebe09cf390b3\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f061177fad83e0d31527ca85a7b9447d\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ebda5533597f76b6f088db06a3c9bf89\WindowsLive.Writer.Controls.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c9819eac00ff9d58e19599438e5ac742\WindowsLive.Writer.Api.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c1c69dc861cc74197d32851f14e7072a\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a4ebb53e20a38dcf5d65f12abffd64a8\WindowsLive.Writer.Interop.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9b8dc38b0c2427faeb5e306a453d251a\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8c2ee846c46973e97e706f39bb72e2e8\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8aaba9a485b995efaac2c1a59051e676\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\26a195621994dccb5a5f9c06ce1e5fd7\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0ccb4a3228a1ca615f849ebfe8d4daee\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\ad66e359fad3f5ace031f71737b111a0\WindowsLive.Client.ni.dll
+ 2012-06-14 16:41 . 2012-06-14 16:41 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll
+ 2012-06-14 16:41 . 2012-06-14 16:41 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\f3e052584df9c614407da662dd3c3df3\TaskScheduler.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\06e4119a0a3484bb0ca667a16145ce74\System.Web.Routing.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\4f13c2c06fb97f6659473f02802b377b\System.Web.Extensions.Design.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\3701488fb9e601ebe963db25b784d684\System.Web.Entity.Design.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a09cc9877f51f16a4610b702155e8b70\System.Web.DynamicData.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c6aad1edcc51862ceb26b6b65dad1490\System.Web.Abstractions.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\acfafa161ea232928cb02b01c50acf1c\napsnap.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\0abec246c5ca6ec4858bfd3ab84da0ec\napinit.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1e03b7c2539c5376f0665a4aba04efbd\MMCFxCommon.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\622b582866fca37f113bd97ae4c6d1f6\Microsoft.ManagementConsole.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\02577b78c6ed2f9bda301de888dccad8\EventViewer.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe
- 2012-04-13 17:59 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-14 00:27 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-01 21:03 . 2012-05-01 21:03 405176 c:\windows\assembly\GAC_MSIL\Newtonsoft.Json.Net20\4.0.0.0__30ad4fe6b2a6aeed\Newtonsoft.Json.Net20.dll
+ 2012-06-09 20:16 . 2012-06-09 20:16 405176 c:\windows\assembly\GAC_MSIL\Newtonsoft.Json.Net20\4.0.0.0__30ad4fe6b2a6aeed\Newtonsoft.Json.Net20.dll
+ 2012-06-09 20:16 . 2012-06-09 20:16 110232 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.dll
- 2012-05-01 21:03 . 2012-05-01 21:03 110232 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.dll
+ 2012-06-09 20:16 . 2012-06-09 20:16 546968 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack.Shell\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.Shell.dll
- 2012-05-01 21:03 . 2012-05-01 21:03 546968 c:\windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack.Shell\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.Shell.dll
+ 2012-06-14 00:29 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll
+ 2012-06-14 00:29 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll
+ 2012-06-14 00:27 . 2012-05-04 10:03 3913072 c:\windows\SysWOW64\ntoskrnl.exe
- 2012-05-09 22:02 . 2012-03-31 04:39 3913072 c:\windows\SysWOW64\ntoskrnl.exe
- 2012-05-09 22:02 . 2012-03-31 04:39 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-06-14 00:27 . 2012-05-04 10:03 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-06-14 00:27 . 2012-04-07 11:26 2342400 c:\windows\SysWOW64\msi.dll
+ 2012-06-14 00:29 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll
+ 2012-06-14 00:29 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll
+ 2012-06-14 00:29 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll
+ 2012-06-14 00:27 . 2012-04-24 04:36 1158656 c:\windows\SysWOW64\crypt32.dll
+ 2012-06-05 10:06 . 2012-06-05 10:06 1040864 c:\windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1165635.exe
- 2012-02-21 13:46 . 2012-02-21 13:46 2376368 c:\windows\SysWOW64\Adobe\Shockwave 11\gt.exe
+ 2012-06-05 09:45 . 2012-06-05 09:45 2376368 c:\windows\SysWOW64\Adobe\Shockwave 11\gt.exe
+ 2012-06-05 09:45 . 2012-06-05 09:45 1292288 c:\windows\SysWOW64\Adobe\Shockwave 11\gi.dll
+ 2012-06-05 09:50 . 2012-06-05 09:50 1742336 c:\windows\SysWOW64\Adobe\Shockwave 11\dirapi.dll
- 2012-02-21 13:52 . 2012-02-21 13:52 1742336 c:\windows\SysWOW64\Adobe\Shockwave 11\dirapi.dll
+ 2012-06-14 00:29 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll
+ 2012-06-14 00:29 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll
+ 2012-06-14 00:27 . 2012-05-04 11:06 5559664 c:\windows\system32\ntoskrnl.exe
- 2012-05-09 22:02 . 2012-03-31 06:05 5559664 c:\windows\system32\ntoskrnl.exe
+ 2012-06-14 00:27 . 2012-04-07 12:31 3216384 c:\windows\system32\msi.dll
+ 2012-06-14 00:29 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll
+ 2012-06-14 00:29 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll
+ 2012-02-15 15:01 . 2012-02-15 15:01 4547944 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_509d7a31d0ee45f2\usbaaplrc.dll
+ 2010-04-20 00:29 . 2010-04-20 00:29 1721576 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_bf785db627c6d127\wdfcoinstaller01009.dll
+ 2012-06-14 00:27 . 2012-04-24 05:37 1462272 c:\windows\system32\crypt32.dll
+ 2009-07-14 04:45 . 2012-06-19 16:07 7112398 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-06-05 10:32 7112398 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-03-11 01:31 . 2012-06-23 01:37 8317860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2170897701-3915595995-2533102732-1000-8192.dat
+ 2010-11-09 02:13 . 2012-06-19 02:38 1938324 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2170897701-3915595995-2533102732-1000-12288.dat
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
+ 2012-06-14 00:27 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2012-05-09 22:02 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2011-06-09 23:08 . 2010-11-05 01:56 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-06-14 00:27 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2012-06-14 00:27 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2012-05-09 22:02 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-14 00:27 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2011-06-09 23:08 . 2010-11-05 01:58 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-14 00:42 . 2012-06-14 00:42 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-10 02:22 . 2012-05-10 02:22 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-14 00:40 . 2012-06-14 00:40 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 00:40 . 2012-06-14 00:40 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-10 02:21 . 2012-05-10 02:21 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-14 00:41 . 2012-06-14 00:41 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-04-23 02:46 . 2012-04-23 02:46 1187328 c:\windows\Installer\1087be4.msp
+ 2012-03-15 18:26 . 2012-03-15 18:26 4212736 c:\windows\Installer\1087bdb.msp
+ 2012-06-14 01:07 . 2012-06-14 01:07 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-14 01:12 . 2012-06-14 01:12 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll
+ 2012-06-14 01:08 . 2012-06-14 01:08 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll
+ 2012-06-14 01:08 . 2012-06-14 01:08 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll
+ 2012-06-14 01:12 . 2012-06-14 01:12 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll
+ 2012-06-14 01:08 . 2012-06-14 01:08 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e4d308f69077903e24de92fe4fc06d29\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-14 00:56 . 2012-06-14 00:56 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll
+ 2012-06-14 00:43 . 2012-06-14 00:43 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll
+ 2012-06-14 00:43 . 2012-06-14 00:43 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2ed0173a2e75b1a3943bd2d96649a50c\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-14 00:53 . 2012-06-14 00:53 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\70cc5e8a5a3372fe0b104c1b20392cd2\System.WorkflowServices.ni.dll
+ 2012-06-14 05:43 . 2012-06-14 05:43 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\aa638ba79250284eb4af4adaa4a4117b\System.Workflow.Runtime.ni.dll
+ 2012-06-14 05:43 . 2012-06-14 05:43 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\996dc2af3b9e5c111130935f298908c6\System.Workflow.ComponentModel.ni.dll
+ 2012-06-14 05:42 . 2012-06-14 05:42 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\178797db84abae2eeaed835bd28ca52c\System.Workflow.Activities.ni.dll
+ 2012-06-14 05:42 . 2012-06-14 05:42 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\a32734087cd0db5607d5744ca63235d7\System.Web.Services.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\af7689e8cbec5d2755497be23c30e293\System.Web.Mobile.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\768ea257d75839979b4efb2d49d653f6\System.Web.Extensions.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2c47bc5d426a7cf9ffef1425eda08184\System.Web.Extensions.Design.ni.dll
+ 2012-06-14 05:41 . 2012-06-14 05:41 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\b964519964d302b4977e1380d8d15f1a\System.Printing.ni.dll
+ 2012-06-14 05:38 . 2012-06-14 05:38 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
+ 2012-06-14 05:38 . 2012-06-14 05:38 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6e4e9b07f376d445df1718c0011fa99b\System.Deployment.ni.dll
+ 2012-06-14 05:41 . 2012-06-14 05:41 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\1f88a3693c8ddd527a130aff49dc58b3\ReachFramework.ni.dll
+ 2012-06-14 05:41 . 2012-06-14 05:41 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\b91c32fab08ba62d8c7681cc596895be\PresentationUI.ni.dll
+ 2012-06-14 16:44 . 2012-06-14 16:44 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\ac1ba76ed19d668ce53a74593f040453\Narrator.ni.exe
+ 2012-06-14 16:43 . 2012-06-14 16:43 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\df2557ab1b8e4389d846e13dc82eba57\MMCEx.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\61812970c4743b686a67f28687e1dcb6\MIGUIControls.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ca7e936eed0de2436d87b2601ee3a20a\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6caa366471176a065a96d77e8ba01eeb\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3040e2de07177c0a6a66a49de61fdc59\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-14 16:41 . 2012-06-14 16:41 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b2afc0af3d89ae00e973b4e6e9db382c\Microsoft.MediaCenter.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\73bfbdccdc1b0ae87f70a0ec594fee3c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\653e1ee01f10d658d52ca42e17e74283\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\dac69844e6333484159a4cf544190906\Microsoft.Ink.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4b362e9e25c33e371f06403edec8849a\Microsoft.Build.Tasks.ni.dll
+ 2012-06-14 16:43 . 2012-06-14 16:43 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\33730d136a34d2f4e56a0322f49ee9b6\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\cc4844e7242c1e35d145bf2439f944c5\mcstore.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fe29ec14034fcf7bd83f609ee5327f03\WindowsLive.Writer.Localization.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ccb5629a16edaafb40d3bdec51c70451\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\81c0c8525a9f6ff5c97e95a331eba69c\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 7025152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\369eb9f2556436aadf9bc93610124d3b\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-06-14 16:41 . 2012-06-14 16:41 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\cfb739be21092d5b8f7b4fde529e6aaa\System.Workflow.ComponentModel.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a90802e36dee6e10d9bf54832cbf549\System.Web.Mobile.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c45efc7ec92c1da8e67eb597559ec39c\System.Web.Extensions.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll
+ 2012-06-14 05:36 . 2012-06-14 05:36 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
+ 2012-06-14 05:36 . 2012-06-14 05:36 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\17add09c98fa34255142d42697db53df\Narrator.ni.exe
+ 2012-06-14 16:40 . 2012-06-14 16:40 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\21abde8efab609732b2ade3f05234e79\MMCEx.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\0e7da0df83f0619e3b0e0a7d7ee05fa3\MIGUIControls.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\99ae5f32cd1dc3618659bc3c77f2b2a9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77b5496d214dd5034294b058c0bb0e8d\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\72765e5fab12761eb6d3f58180fa34d7\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4d381048e3b9c0914c0f72c6aa0a599d\Microsoft.Ink.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3893fa9a19b52dee8b2cc424840d5d08\Microsoft.Build.Tasks.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1d2250044b1ecff755e26ed12f6d27cb\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-14 16:40 . 2012-06-14 16:40 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\3a4e56a8d1075cf0af0619c383b3e592\mcstore.ni.dll
+ 2012-06-14 00:27 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-09 22:02 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-14 00:27 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-06-09 23:08 . 2010-11-05 01:58 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-14 00:29 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll
+ 2012-06-17 23:37 . 2012-06-17 23:37 28918432 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\DragonSetup[1].exe
+ 2009-07-14 02:34 . 2012-06-19 00:16 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-06-14 00:29 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll
+ 2010-03-13 14:26 . 2012-06-14 00:36 58957832 c:\windows\system32\MRT.exe
+ 2012-06-14 00:29 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll
+ 2012-06-14 00:20 . 2012-06-14 00:20 52033024 c:\windows\Installer\1087bd2.msi
+ 2012-06-14 00:19 . 2012-06-14 00:19 11071488 c:\windows\Installer\1087012.msi
+ 2012-06-14 00:19 . 2012-06-14 00:19 20403200 c:\windows\Installer\1086fe1.msi
+ 2012-06-14 01:12 . 2012-06-14 01:12 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll
+ 2012-06-14 01:08 . 2012-06-14 01:08 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll
+ 2012-06-14 01:07 . 2012-06-14 01:07 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll
+ 2012-06-14 00:43 . 2012-06-14 00:43 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
+ 2012-06-14 00:43 . 2012-06-14 00:43 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
+ 2012-06-14 00:43 . 2012-06-14 00:43 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
+ 2012-06-14 05:39 . 2012-06-14 05:39 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
+ 2012-06-14 05:42 . 2012-06-14 05:42 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
+ 2012-06-14 05:42 . 2012-06-14 05:42 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\582144c0ee317038621aebc626187b56\System.Design.ni.dll
+ 2012-06-14 05:41 . 2012-06-14 05:41 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
+ 2012-06-14 05:38 . 2012-06-14 05:38 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
+ 2012-06-14 16:42 . 2012-06-14 16:42 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\0c1f96a4136efe532bbb8eb91d3de300\ehshell.ni.dll
+ 2012-06-14 05:36 . 2012-06-14 05:36 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll
+ 2012-06-14 05:37 . 2012-06-14 05:37 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
+ 2012-06-14 05:36 . 2012-06-14 05:36 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{23256f20-0d9b-4323-b005-6e5de569c4b7}]
2010-09-12 23:35 2735200 ----a-w- c:\program files (x86)\TranslatorBar_5.2\tbTra1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{23256f20-0d9b-4323-b005-6e5de569c4b7}"= "c:\program files (x86)\TranslatorBar_5.2\tbTra1.dll" [2010-09-12 2735200]
.
[HKEY_CLASSES_ROOT\clsid\{23256f20-0d9b-4323-b005-6e5de569c4b7}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-11-23 213304]
"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-11-23 184120]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2011-8-29 16032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-27 135664]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-04-19 430152]
R3 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R3 avg9wd;AVG Free WatchDog;c:\program files (x86)\AVG\AVG9\avgwdsvc.exe [2010-07-21 308136]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-27 135664]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 257224]
R4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R4 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\Drivers\avgldx64.sys [x]
S1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\Drivers\avgmfx64.sys [x]
S1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\Drivers\avgtdia.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [2012-06-12 412304]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe [x]
S2 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam;c:\windows\system32\DRIVERS\GUCI_AVS.sys [x]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 23:56]
.
2012-05-22 c:\windows\Tasks\ASUS SmartLogon Console Sensor.job
- c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18 23:58]
.
2012-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-27 13:05]
.
2012-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-27 13:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-10-01 621440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\avgrssta.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 167.206.245.129 167.206.245.130
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} - hxxp://www.link-systems.com/sdkhtml/SDK/paste/lsiw9x.cab
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{99E00A4C-D35E-11DD-BA95-9B6A56D89593} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{23256F20-0D9B-4323-B005-6E5DE569C4B7} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"=hex:51,66,7a,6c,4c,1d,38,12,4e,a0,d4,
c8,f8,fd,f7,04,ce,b0,dc,11,68,88,dc,3d
"{23256F20-0D9B-4323-B005-6E5DE569C4B7}"=hex:51,66,7a,6c,4c,1d,38,12,4e,6c,36,
27,a9,43,4d,06,cf,13,2d,1d,e0,37,80,a3
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=hex:51,66,7a,6c,4c,1d,38,12,7b,ba,ea,
34,67,f9,48,0d,fd,1d,4b,bb,a3,e3,60,89
"{C80BDEB2-8735-44C6-BD55-A1CCD555667A}"=hex:51,66,7a,6c,4c,1d,38,12,dc,dd,18,
cc,07,c9,a8,01,c2,43,e2,8c,d0,0b,22,6e
"{3462C343-BE19-4143-AF70-CEFB56F46FC6}"=hex:51,66,7a,6c,4c,1d,38,12,2d,c0,71,
30,2b,f0,2d,04,d0,66,8d,bb,53,aa,2b,d2
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3A421C8F-E238-4AEB-8874-B8B5F2CC4772}"=hex:51,66,7a,6c,4c,1d,38,12,e1,1f,51,
3e,0a,ac,85,0f,f7,62,fb,f5,f7,92,03,66
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{60E91567-EF8A-4520-BCE2-83ABA5256799}"=hex:51,66,7a,6c,4c,1d,38,12,09,16,fa,
64,b8,a1,4e,00,c3,f4,c0,eb,a0,7b,23,8d
"{6921710F-6AC6-4113-8AE6-82A1660EBB09}"=hex:51,66,7a,6c,4c,1d,38,12,61,72,32,
6d,f4,24,7d,04,f5,f0,c1,e1,63,50,ff,1d
"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac,
6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"=hex:51,66,7a,6c,4c,1d,38,12,cc,76,af,
a7,b5,51,e8,03,d5,55,10,07,d2,08,45,68
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}"=hex:51,66,7a,6c,4c,1d,38,12,a5,b6,f7,
bb,c5,2d,3f,0f,ed,70,22,27,60,03,1f,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:94,11,15,03,91,13,cd,01
.
[HKEY_USERS\S-1-5-21-2170897701-3915595995-2533102732-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{36C6BBE9-6DD6-0D4C-09F6-9A95B0626E24}*]
@Allowed: (Read) (RestrictedCode)
"gaogkokokgogoa"=hex:63,61,6e,63,6b,6c,00,02
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
.
**************************************************************************
.
Completion time: 2012-06-22 22:01:58 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-23 02:01
ComboFix2.txt 2012-06-06 00:26
.
Pre-Run: 252,739,313,664 bytes free
Post-Run: 252,887,613,440 bytes free
.
- - End Of File - - F13718D433EDC2575437E4C51728A0A0



Malwarebytes Anti-Malware 1.61.0.1400


v2012.06.22.11

Windows 7 Service Pack 1 x64
9.0.8112.16421
Velisa Ash :: VELISAASH-PC

6/22/2012 7:38:39 PM
mbam-log-2012-06-22 (19-38-39).txt




346747
36 , 25

0


0


0


0


0


0


0



I HOPE I HAVE PROVIDED YOU WITH ALL YOU NEED. HAPPY FRIDAY EVENING TO YOU!



VELISA





#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 23 June 2012 - 07:47 AM

There is a limit on the length of the text you can post in one message.
Your logs are very long. Should you have this problem again post each log in a different post.


One more thing, I am hooked up to the internet by optimum, they provide a antimalware, virus protection program, should I install it. I only have windows security essentials because I understand that more than one antivirus/malware program running at one time will slow down the laptop considerably.

Yes you should. If the laptop slows down then you can disable Windows Security Essentials.

Please let me know what problem persists.

#7 velisaash07103

velisaash07103
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Jersey
  • Local time:04:02 AM

Posted 23 June 2012 - 09:12 AM

Good Morning Nasdaq,



Thank you for continuing to inform me on the do's and don'ts of using these forums. I think what you all do here is a very generous thing and you all are just GREAT!!!!!!!!!!

I still have the random live ads and also the redirecting problem when I use google. I apologize for the long logs on the same reply, I started to put them on separately but thought I would be doing something that I was not supposed to.

Thanking you in advance for any help on the redirect and random live ads and also wishing you a Happy Saturday!



Velisa

#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 23 June 2012 - 09:19 AM

Try these one at a time.

Click the Posted Image button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7 with Elevated Privilege
http://www.mydigitallife.info/2007/02/17/how-to-open-elevated-command-prompt-with-administrator-privileges-in-windows-vista/
<<<>>>

Continue if still having the redirection problem.

Launch Notepad, and copy/paste all the blue instructions below to it.
Save in: Desktop
File Name: fixme.reg
Save as Type: All files
Click: Save

REGEDIT4

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]


Then, disconnect from the Internet!
Next,
Back on the Desktop, double-click on the fixme.reg file you just saved and click on Yes when asked to merge the information.

On a Vista or Windows 7 operating system right click on the fixme.reg file and run as Administrator.

Optional if the following programs are in your computer.
Note that since the Domains are deleted SpywareBlaster protection must be re-enabled. Spybot's Immunize feature must be used again, also you have to re-install IE-SpyAd if installed.
===

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html

How is it now?

#9 velisaash07103

velisaash07103
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Jersey
  • Local time:04:02 AM

Posted 23 June 2012 - 09:50 AM

Sorry Nasdaq,

I forgot to mention that when I shut down my laptop, I always get a message that there are programs still running in the backround and it asks me if I want to force shut down. There are no programs open that I can see. Also, when I listen to videos on youtube and as I write this reply, I keep getting live ads.


I take it you didn't find anything out of order in the logs I posted, is there something I can do to stop both of these issues?

#10 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 23 June 2012 - 10:17 AM

I take it you didn't find anything out of order in the logs I posted, is there something I can do to stop both of these issues?

Your logs are clean.
Did you execute all the instructions in my post No. 8?

#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 29 June 2012 - 10:10 AM

Are you still with me?

#12 velisaash07103

velisaash07103
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Jersey
  • Local time:04:02 AM

Posted 01 July 2012 - 06:07 PM

Hello Nasdaq,

Yes I am still with you. I am a little discouraged about the computer and needed to walk a way from it for awhile. I tried downloading the CA internet Suite through optimum as you suggested and ran into a snag there also. I have it downloaded now but still can't get through to CA internet support to activate it. I tried almost everything you told me to up to fixme.reg. I believe that I ran it as the administrator because I followed the directions but I was never asked to select administrator. It looked as though the program assumed that I was the administrator by the steps that I were taking. (I was never prompted to select adminstrator). Also, I am still getting the random live ads and the redirecting to other sites when I use google or if I type a website name directly into the browser.



I want my computer fixed but this is a little overwhelming. Can I come back to you after I get a second wind? Also, unless I didn't understand something in the beginning, how do I find my posts after I log in? So far I have to go around the maypole and back (literally fish through dates from June 16th (the date I joined) in order to find our communication to one another. That is another job.

I don't want to sound unappreciative Nasdaq, but I need a couple days to get back in the mood to fix my computer. I thank you so very much for your help and for reaching out to me when you didn't hear from me. Thank you for not closing me out.


Stay inside where it is nice and cool.

Velisa

#13 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 02 July 2012 - 07:07 AM

Also, unless I didn't understand something in the beginning, how do I find my posts after I log in?


One easy way is to bookmark/Favorite the page.

To get a message back when I answer it's in your profile.

Click your name velisaash07103
Click Edit my profile upper right corner of the page.
Click settings upper left corner.
Click Notification option. > change the way you want to be informed of new posts.

#14 velisaash07103

velisaash07103
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Jersey
  • Local time:04:02 AM

Posted 06 July 2012 - 06:56 AM

Good Morning Nasdaq, how was your 4th of July? I hope you had a great day!

Since there is going to be a problem with computers being infected on Monday, I figure I had better get back to trying to tackle this thing.

I will again try to activate my security pack from CA Internet Security, meaning I try to get them on the phone again today. Secondly, have you heard of anything else beside resetting my modem (which is connected by Optimum online cable company), that will get rid of the google redirect and random live ads that are still constantly running on my computer?


I ask for your responses Nasdaq, only if you have the time to answer, I know that there are many.



Thanks and have a wonderful day!

#15 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:02 AM

Posted 06 July 2012 - 09:36 AM

resetting my modem (which is connected by Optimum online cable company)


I was talking about a router. Are you connected to a wireless router?
That router then goes to your modem. That should not be an issue.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users