Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with FBI Moneypak


  • Please log in to reply
33 replies to this topic

#1 widly05

widly05

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 29 June 2012 - 07:42 PM

Recently, my computer was hit with the FBI Moneypak virus. In an attempt to resolve the problem myself, I ran Malwarebytes; but to no avail, Malwarebytes did not find anything wrong with my computer. I later tried AVG (AVG log is attached), SuperAntiSpyware -this program would randomly shut down in the middle of scanning, and a few other other programs like these. I also notice that FBI Moneypak only initiates when I turn on the wifi in normal mode; when there is no internet, I just notice that the deskbar is different. Sometimes FBI Moneypak has changed some of the permissions of my desktop programs, disallowing me from running desktop programs. I have read the pre-post instructions and here is my dds log-the other logs are attached.

Thank you for you kindness for working with me.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Widly at 19:59:41 on 2012-06-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3758.2317 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: PC Tools Spyware Doctor *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Widly\Desktop\gmer\gmer.exe
C:\Users\Widly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=8951A1D9291BDE2685E70F4FECFFD4B8&tbp=homepage
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
uInternet Settings,ProxyOverride = <local>;*.local
uInternet Settings,ProxyServer = 192.1.1.16:80
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TBSB05541 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Veehd Plugin\tbunsiEC.tmp\tbcore3.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Widly\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ctfmon.lnk - C:\Windows\System32\rundll32.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
Trusted Zone: cs50.net\courses
Trusted Zone: gq.com\www
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://core-vpn-1-gw.fas.harvard.edu/CACHE/stc/5/binaries/vpnweb.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{597649FD-27A4-4D35-AFDB-8328C72AAAD8} : DhcpNameServer = 140.247.233.163 140.247.233.194 128.103.1.7
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\071696E662349656 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\16474777966696 : DhcpNameServer = 192.168.5.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\24F43545F4E4 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\34F6C657D6269616345523 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\7516E61646F6F6F533167383 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\F45767562747 : DhcpNameServer = 212.99.110.2 212.99.110.3
TCP: Interfaces\{85A876A7-B8A5-48B2-B9C5-8F8BD60B6635} : NameServer = 0.0.0.0
TCP: Interfaces\{9F9C137E-1868-405C-BB3A-C6108834CE8A} : DhcpNameServer = 192.168.100.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TBSB05541 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Veehd Plugin\tbunsiEC.tmp\tbcore3.dll
BHO-X64: TBSB05541 - No File
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Widly\AppData\Roaming\Mozilla\Firefox\Profiles\u0bjl0uv.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=8951A1D9291BDE2685E70F4FECFFD4B8&tbp=homepage
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B41e73a88-0f0e-4b5a-998e-a38c192d12fe%7D&mid=f4985ee5f72a47d08f96850b0fba2e0a-08566a9274eba5528e6248be135ae92e8985804f&ds=AVG&v=11.1.0.12&lang=en&pr=fr&d=2012-06-28%2007%3A52%3A00&sap=ku&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Widly\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Widly\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Widly\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2012-6-28 23208]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
S1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\rsdrvx64.sys --> C:\Windows\system32\drivers\rsdrvx64.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S2 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-6-28 3069752]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-6-28 44768]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-30 5106744]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
S2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-6 135664]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-26 13336]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-1-12 259192]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
S2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-6-2 1019328]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-5-6 104960]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-26 2320920]
S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
S2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-8-16 592120]
S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-6-28 935008]
S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2012-6-28 66320]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-28 250056]
S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\androidusb.sys --> C:\Windows\system32\Drivers\androidusb.sys [?]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-6 135664]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-12 129976]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-12 340240]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-9-10 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-9-10 67952]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TVICHW64;TVICHW64;\??\C:\Windows\system32\DRIVERS\TVICHW64.SYS --> C:\Windows\system32\DRIVERS\TVICHW64.SYS [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-4-16 571248]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-12 44736]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
.
=============== Created Last 30 ================
.
2012-06-29 11:17:29 -------- d-----w- C:\Users\Widly\AppData\Roaming\SUPERAntiSpyware.com
2012-06-29 11:17:24 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-06-29 11:17:24 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-06-29 03:23:35 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-06-29 03:23:35 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-06-29 03:23:35 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-06-29 03:23:00 41184 ----a-w- C:\Windows\avastSS.scr
2012-06-29 01:07:40 -------- d-----w- C:\ProgramData\blekko toolbars
2012-06-29 01:07:32 -------- d-----w- C:\Users\Widly\AppData\Local\blekkotb_031
2012-06-29 00:22:43 110080 ----a-r- C:\Users\Widly\AppData\Roaming\Microsoft\Installer\{18F97AF0-4F88-4494-AFE2-5A5702E142CC}\IconF7A21AF7.exe
2012-06-29 00:22:43 110080 ----a-r- C:\Users\Widly\AppData\Roaming\Microsoft\Installer\{18F97AF0-4F88-4494-AFE2-5A5702E142CC}\IconD7F16134.exe
2012-06-29 00:22:43 110080 ----a-r- C:\Users\Widly\AppData\Roaming\Microsoft\Installer\{18F97AF0-4F88-4494-AFE2-5A5702E142CC}\Icon1226A4C5.exe
2012-06-29 00:22:42 -------- d-----w- C:\sh4ldr
2012-06-29 00:22:42 -------- d-----w- C:\Program Files\Enigma Software Group
2012-06-29 00:22:02 -------- d-----w- C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-28 23:23:56 -------- d-----w- C:\Users\Widly\AppData\Local\Threat Expert
2012-06-28 11:52:58 -------- d-----w- C:\Users\Widly\AppData\Roaming\AVG2012
2012-06-28 11:52:17 -------- d-----w- C:\Users\Widly\AppData\Local\AVG Secure Search
2012-06-28 11:52:04 -------- d-----w- C:\ProgramData\AVG Secure Search
2012-06-28 11:51:57 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-06-28 11:51:56 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2012-06-28 11:51:41 -------- d--h--w- C:\ProgramData\Common Files
2012-06-28 11:51:39 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-06-28 11:51:21 -------- d--h--w- C:\$AVG
2012-06-28 11:51:21 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-06-28 11:51:21 -------- d-----w- C:\ProgramData\AVG2012
2012-06-28 11:51:11 -------- d-----w- C:\Program Files (x86)\AVG
2012-06-28 11:49:02 -------- d-----w- C:\ProgramData\MFAData
2012-06-28 11:07:47 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2012-06-26 11:04:32 -------- d-----w- C:\Users\Widly\AppData\Local\Macromedia
2012-06-23 23:07:51 0 ----a-w- C:\Windows\SysWow64\sho8AE6.tmp
2012-06-22 16:23:31 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2012-06-21 04:59:14 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 04:58:47 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 04:58:28 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 04:58:28 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-19 10:42:29 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{86E13453-A423-4D5E-9697-83484CB24994}\mpengine.dll
2012-06-12 23:49:26 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-12 23:49:26 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-12 23:49:26 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-12 23:49:24 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-12 23:49:22 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-12 23:49:22 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-12 23:49:19 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-12 23:49:08 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-12 23:48:56 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-12 23:48:56 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-12 23:48:56 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-12 23:48:56 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-12 23:48:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-12 23:48:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-12 23:48:13 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-12 23:48:12 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-12 23:48:10 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-02 14:40:41 -------- d-----w- C:\Users\Widly\AppData\Roaming\Roxio Log Files
2012-06-02 14:35:17 -------- d-sh--w- C:\$RECYCLE.BIN
2012-06-02 13:53:53 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-06-02 13:51:47 251528 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-06-02 13:51:47 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-06-02 13:51:26 -------- d-----w- C:\Users\Widly\AppData\Roaming\TestApp
2012-06-02 13:51:26 -------- d-----w- C:\ProgramData\PC Tools
2012-06-02 12:54:50 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-02 12:54:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-02 11:46:56 0 ------w- C:\Windows\SysWow64\shoD219.tmp
.
==================== Find3M ====================
.
2012-06-23 21:39:58 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-23 21:39:58 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-29 03:19:03 0 ------w- C:\Windows\SysWow64\sho28E1.tmp
2012-05-24 07:26:04 0 ------w- C:\Windows\SysWow64\sho49E9.tmp
2012-05-22 14:16:50 0 ------w- C:\Windows\SysWow64\shoE7ED.tmp
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-19 08:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-04-19 00:56:30 94208 ------w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ------w- C:\Windows\SysWow64\QuickTime.qts
2012-04-14 05:54:52 0 ------w- C:\Windows\SysWow64\shoD66C.tmp
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 20:05:07.87 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 04 July 2012 - 12:25 PM

Hello widly05.

See this advisory on the Internet Crime Complaint Center regarding Citadel malware & Reveton ransomware
http://www.ic3.gov/media/2012/120530.aspx

Advise me if you have access to a clean computer system. You need to change all your online passwords (especially banking & CC ones) but only using a clean pc.

This system has some serious backdoor trojans, spyware, and possibly, a rookit.
This is a point where you need to decide about whether to make a clean start.
A backdoor trojan allows hackers to remotely control your computer, steal critical system information, and download and execute files.
You are strongly advised to do the following immediately.
1. Contact your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and ask them to put a watch on your accounts or change all your account numbers.
2. From a clean computer, change ALL your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups.
3. Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.These trojans leave a backdoor open on the system that can allow a hacker total and complete access to your computer. (Remote access trojan) Hackers can operate your computer just as if they were sitting in front of it. Hackers can watch everything you are doing on the computer, play tricks, do screenshots, log passwords, start and stop programs.
* Take any other steps you think appropriate for an attempted identity theft.

You should also understand that once a system has been compromised by a Trojan backdoor, it can never really be trusted again unless you completely reformat the hard drives and reinstall Windows fresh. While we usually can successfully remove malware like this, we cannot guarantee that it is totally gone, and that your system is completely safe to use for future financial information and/or transactions. I would recommend that you do a full reformat and reinstall of Windows rather than clean the system.
I suggest that you backup important files and reinstall everything from scratch. There are so many changes that could have been done if that backdoor was used.

Let me know what you decide.

Here is some additional information: What Is A Backdoor Trojan? http://www.geekstogo.com/2007/10/03/what-is-a-backdoor-trojan
Danger: Remote Access Trojans http://www.microsoft.com/technet/security/alerts/info/virusrat.mspx
Consumers – Identity Theft http://www.ftc.gov/bcp/edu/microsites/idtheft/consumers/index.html
When should I re-format? How should I reinstall? http://www.dslreports.com/faq/10063

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? http://www.dslreports.com/faq/10451
Rootkits: The Obscure Hacker Attack http://www.microsoft.com/technet/community/columns/sectip/st1005.mspx
Help: I Got Hacked. Now What Do I Do? http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
Help: I Got Hacked. Now What Do I Do? Part II http://www.microsoft.com/technet/community/columns/secmgmt/sm0704.mspx
Microsoft Says Recovery from Malware Becoming Impossible http://www.eweek.com/article2/0,1895,1945808,00.asp
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#3 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 04 July 2012 - 04:03 PM

P.S.S. IF you decide to still go forward and to attempt to clean, then.....
You must un-install Spy Hunter. It has a poor reputation.

You appear to have 3 antivirus apps installed. Two of which are active at startup. Having more then 1 active antivirus will lead to conflicts and deadlocks.
De-install Emsisoft if you did not buy it.

Between Avast & AVG2012 decide on which one to keep, and de-install the other. Again, advise on what you have done & what you have decided.

If you have not bought S*perantispyware, de-install it. You do not want to be over-loaded with security apps at startup.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#4 widly05

widly05
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 04 July 2012 - 04:28 PM

If it changes anything, since Sunday, I have removed FBI Moneypak--or at least I believe so because it no longer appears. Typically, I don't have 5 different anti-virus programs, but it was with the FBI moneypak that compelled me to find different anti-virus programs to solve my computer issues. I'll stick with avast anti-virus.

Do you have an instruction guide on how to re-install Windows?

#5 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 04 July 2012 - 04:45 PM

If you have decided to do a complete wipe and clean install Windows 7, see http://www.sevenforums.com/tutorials/219487-clean-reinstall-factory-oem-windows-7-a.html

IF you think you have made some headway in removal, and you want to continue here with me, then do the following:
Restart the pc and tap F8 function key as it starts so that you can select and get into Safe Mode with Networking.

Step 2
1. Open Internet Explorer.
2. Click "Tools," and then click "Internet Options."
3. Click "Connections," and then click "LAN Settings."
4. Make sure the check boxes for "Automatically detect settings" and "Use automatic configuration script" are not selected. Make sure Proxy server block is all un-checked.
5. Apply changes & OK

Step 3
  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#6 widly05

widly05
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 04 July 2012 - 05:35 PM

Attached to this post is the Rogue Killer report.

Attached Files



#7 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 04 July 2012 - 06:54 PM

Please always (as much as possible) Copy and Paste log reports into main-body of reply box.

There are indications also of a Zero Access infection, which we can squash, but be aware you may temporarily lose internet connection.

We Need to Run a Batch Script
  • Press the Windows-key on keyboard.
  • In the Posted Image box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    del /f /q C:\Users\Widly\AppData\Local\Temp\er_00_0_l.exe
    del /f /q c:\users\widly\appdata\local\{5e663184-c949-c1ff-7177-07ef3785c54c}\U
    del /f /q c:\users\widly\appdata\local\{5e663184-c949-c1ff-7177-07ef3785c54c}\L
    del /f /q c:\users\widly\appdata\local\{5e663184-c949-c1ff-7177-07ef3785c54c}\@
    del /f /q c:\windows\installer\{5e663184-c949-c1ff-7177-07ef3785c54c}\U
    del /f /q c:\windows\installer\{5e663184-c949-c1ff-7177-07ef3785c54c}\L
    del /f /q "%~f0"
  • Select File -> Save AS.
  • Press the Desktop button on the left side of the save dialog.
  • In the Posted Image box, type in Fix.bat.
  • Press Posted Image.
  • Close Notepad.
  • Right click Posted Image on your desktop, and choose Posted Image.
  • Press Yes if prompted by User Account Control.
Step 2
  • Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes.
  • On the RogueKiller console, click the Registry tab.
  • Then press the Delete button.
  • Next, click the DNS tab, and then click on the DNS Fix button
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Step 3
You will want to print out or copy these instructions to Notepad for offline reference!
These steps are for member widly05 only. If you are a casual viewer, do NOT try this on your system!
If you are not widly05 and have a similar problem, do NOT post here; start your own topic


Do not run or start any other programs while these utilities and tools are in use!
Do NOT run any other tools on your own or do any fixes other than what is listed here.
If you have questions, please ask before you do something on your own.
But it is important that you get going on these following steps.
=
Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages
It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.
You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.
Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)or a UPS system


Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
Right- click on Combo-Fix.exe on your Desktop Posted Image and select "Run as Administrator".
  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.

    When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once.
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.
If this occurs, please reboot to restore the desktop.


A file will be created at => C:\Combofix.txt.
Note:
Do not mouseclick combofix's window nor run any program while Combofix is running.
That may cause it to stall.

Reply with a copy of the C:\Combofix.txt log

Re-enable your antivirus program.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#8 widly05

widly05
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 05 July 2012 - 06:47 PM

ComboFix 12-07-05.04 - Widly 07/05/2012 19:27:39.3.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3758.2574 [GMT -4:00]
Running from: c:\users\Widly\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml
c:\windows\Installer\{5e663184-c949-c1ff-7177-07ef3785c54c}\@
c:\windows\Installer\{5e663184-c949-c1ff-7177-07ef3785c54c}\U\00000001.@
c:\windows\Installer\{5e663184-c949-c1ff-7177-07ef3785c54c}\U\80000000.@
c:\windows\Installer\{5e663184-c949-c1ff-7177-07ef3785c54c}\U\800000cb.@
.
Infected copy of c:\windows\system32\services.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache64\services.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-05 to 2012-07-05 )))))))))))))))))))))))))))))))
.
.
2012-07-05 23:35 . 2012-07-05 23:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-05 23:35 . 2012-07-05 23:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-05 22:57 . 2012-07-05 22:57 -------- d-----w- c:\users\Widly\AppData\Roaming\AVG2012
2012-07-05 22:53 . 2012-07-05 22:53 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0FB8682-3E81-493C-936E-C89142E24CAD}\offreg.dll
2012-07-05 22:47 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0FB8682-3E81-493C-936E-C89142E24CAD}\mpengine.dll
2012-07-02 00:38 . 2012-07-02 00:38 0 ----a-w- c:\windows\SysWow64\sho54E3.tmp
2012-07-02 00:14 . 2012-07-04 21:18 -------- d-----w- c:\program files (x86)\Argente - Registry Cleaner
2012-07-02 00:06 . 2012-07-02 00:06 -------- d-----w- c:\users\Widly\AppData\Roaming\ParetoLogic
2012-07-02 00:06 . 2012-07-02 00:06 -------- d-----w- c:\users\Widly\AppData\Roaming\DriverCure
2012-07-01 12:24 . 2012-07-01 12:24 -------- d-----w- c:\program files\CCleaner
2012-07-01 11:54 . 2012-07-01 11:54 -------- d-----w- C:\rsleakDownload
2012-07-01 11:54 . 2012-07-01 11:54 -------- d-----r- C:\RSABIN
2012-07-01 11:53 . 2012-07-01 16:31 -------- d-----w- c:\program files (x86)\Rising
2012-07-01 11:52 . 2012-07-01 16:31 -------- d-----w- c:\programdata\Rising
2012-06-29 03:23 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-29 03:23 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-29 03:23 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-06-29 03:23 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-29 03:23 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-06-29 03:23 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-29 03:23 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-06-29 03:23 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-06-29 01:07 . 2012-06-29 10:47 -------- d-----w- c:\programdata\blekko toolbars
2012-06-29 01:07 . 2012-06-29 01:07 -------- d-----w- c:\users\Widly\AppData\Local\blekkotb_031
2012-06-29 00:22 . 2012-07-01 16:34 -------- d-----w- C:\sh4ldr
2012-06-29 00:22 . 2012-06-29 00:22 -------- d-----w- c:\program files\Enigma Software Group
2012-06-29 00:22 . 2012-07-01 16:34 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP
2012-06-28 23:23 . 2012-06-28 23:23 -------- d-----w- c:\users\Widly\AppData\Local\Threat Expert
2012-06-28 11:51 . 2012-06-28 11:51 -------- d--h--w- c:\programdata\Common Files
2012-06-28 11:51 . 2012-06-28 11:51 -------- d-----w- C:\$AVG
2012-06-28 11:51 . 2012-06-28 11:51 -------- d-----w- c:\program files (x86)\AVG
2012-06-28 11:07 . 2012-07-01 16:31 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2012-06-26 11:04 . 2012-06-26 11:04 -------- d-----w- c:\users\Widly\AppData\Local\Macromedia
2012-06-23 23:07 . 2012-06-23 23:07 0 ----a-w- c:\windows\SysWow64\sho8AE6.tmp
2012-06-22 16:23 . 2012-06-22 16:23 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-21 04:59 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 04:59 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 04:59 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 04:59 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 04:58 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 04:58 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 04:58 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 04:58 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 04:58 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-12 23:49 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-12 23:49 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-12 23:49 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-12 23:49 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-12 23:49 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-12 23:49 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-12 23:49 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-12 23:49 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-12 23:48 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-12 23:48 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-12 23:48 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-12 23:48 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-12 23:48 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-12 23:48 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-12 23:48 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-12 23:48 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-12 23:48 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 21:39 . 2012-03-28 22:14 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 21:39 . 2011-05-21 16:07 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-02 11:46 . 2012-06-02 11:46 0 ------w- c:\windows\SysWow64\shoD219.tmp
2012-05-29 03:19 . 2012-05-29 03:19 0 ------w- c:\windows\SysWow64\sho28E1.tmp
2012-05-24 07:26 . 2012-05-24 07:26 0 ------w- c:\windows\SysWow64\sho49E9.tmp
2012-05-22 14:16 . 2012-05-22 14:16 0 ------w- c:\windows\SysWow64\shoE7ED.tmp
2012-05-11 15:14 . 2012-06-02 13:51 251528 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-04-19 00:56 . 2012-04-19 00:56 94208 ------w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:56 69632 ------w- c:\windows\SysWow64\QuickTime.qts
2012-04-14 05:54 . 2012-04-14 05:54 0 ------w- c:\windows\SysWow64\shoD66C.tmp
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-02_14.29.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-13 21:01 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll
+ 2012-06-13 21:01 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-04-11 21:07 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-04-11 21:07 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-06-13 21:01 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-07-05 23:21 . 2012-07-05 23:21 13965 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-06-02 13:18 . 2012-06-02 13:18 13965 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2012-06-02 13:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-05 23:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-05 23:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-02 13:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-02 13:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-05 23:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-26 20:36 . 2012-07-05 23:07 89950 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-05 23:07 38070 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-02 18:49 . 2012-07-05 23:07 21100 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1596572216-1839102024-950478850-1000_UserData.bin
+ 2012-06-13 21:01 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll
- 2012-04-11 21:07 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-06-13 21:01 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-06-13 21:01 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll
- 2012-04-11 21:07 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll
+ 2012-06-22 20:03 . 2012-06-27 02:11 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\UserData\index.dat
+ 2012-06-26 20:10 . 2012-06-27 02:26 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012062620120627\index.dat
+ 2012-06-25 10:57 . 2012-06-25 23:57 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012062520120626\index.dat
+ 2012-06-25 10:19 . 2012-06-25 10:19 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012061820120625\index.dat
+ 2012-06-22 16:23 . 2012-06-22 16:23 49120 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2012-06-22 16:23 . 2012-06-28 22:56 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2012-06-22 16:23 . 2012-06-28 22:56 16384 c:\windows\system32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:46 . 2012-06-27 10:23 96016 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-06-13 21:12 . 2012-06-13 21:12 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-01-18 01:05 . 2012-05-11 03:34 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-06-13 21:41 . 2012-06-13 21:41 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\eef76dd965ea0a8ae5fb0c734d84389c\System.Web.DynamicData.Design.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll
+ 2012-07-01 16:34 . 2012-07-01 16:34 66956 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCall.dll
+ 2010-09-08 03:41 . 2012-07-04 20:52 6382 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-07 11:13 . 2012-07-02 22:12 3448 c:\windows\system32\wdi\{95c162b7-5b71-44f8-82e4-abfd3108f40f}.bin
+ 2012-07-05 23:22 . 2012-07-05 23:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-02 13:33 . 2012-06-02 13:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-05 23:22 . 2012-07-05 23:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-02 13:33 . 2012-06-02 13:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-11 21:07 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll
+ 2012-06-13 21:01 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll
+ 2012-06-23 21:39 . 2012-06-23 21:39 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe
+ 2012-06-16 12:39 . 2012-06-16 12:39 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
+ 2012-06-16 12:39 . 2012-06-16 12:39 465096 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.dll
+ 2012-03-28 22:14 . 2012-06-23 21:39 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-06-13 21:01 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll
- 2012-04-11 21:07 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll
- 2011-05-07 19:10 . 2011-05-07 19:10 142848 c:\windows\SysWOW64\ieUnatt.exe
+ 2012-06-13 21:01 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-04-11 21:07 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-06-13 21:01 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll
+ 2010-09-02 19:57 . 2012-06-23 04:02 139696 c:\windows\SysWOW64\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
+ 2010-09-04 04:15 . 2012-06-20 10:56 299990 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-09-02 18:51 . 2012-07-05 22:36 354994 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-06-13 21:01 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll
- 2012-04-11 21:07 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll
+ 2009-07-14 02:36 . 2012-06-13 21:11 627768 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-02 13:25 627768 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-13 21:11 107794 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-02 13:25 107794 c:\windows\system32\perfc009.dat
+ 2012-06-23 21:39 . 2012-06-23 21:39 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_262_Plugin.exe
+ 2012-06-16 12:39 . 2012-06-16 12:39 417480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_ActiveX.exe
+ 2012-06-16 12:39 . 2012-06-16 12:39 512200 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_ActiveX.dll
+ 2012-06-13 21:01 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll
- 2012-04-11 21:07 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll
+ 2012-06-13 21:01 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe
- 2011-05-07 19:10 . 2011-05-07 19:10 173056 c:\windows\system32\ieUnatt.exe
- 2012-04-11 21:07 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll
+ 2012-06-13 21:01 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll
+ 2009-07-14 05:12 . 2012-07-03 23:24 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-02-16 04:36 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-05-07 01:45 . 2012-07-04 14:29 442368 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-18 18:01 . 2012-03-06 23:15 258520 c:\windows\system32\aswBoot.exe
+ 2009-07-14 05:01 . 2012-07-05 22:59 555332 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
- 2012-04-11 15:14 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-06-12 23:48 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
- 2012-04-11 15:14 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-06-12 23:48 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-01-18 01:05 . 2012-05-11 03:34 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2012-06-13 21:44 . 2012-06-13 21:44 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll
+ 2012-06-13 21:44 . 2012-06-13 21:44 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 232960 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\db2b738efe91eed6c4413faf44707248\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 247808 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\b3b3284d16359533332c3424e1330c5c\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 864768 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\13f2ca7a3f3c6cf653896f76a7b167b6\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\097137b03ff37196b4b8ba62db34d64a\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\f669d7c64bbabbc41a4dc0221b5e8fb9\Microsoft.Office.Tools.Common.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 408576 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\bc872ac845076dd35928514198509678\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 199680 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\90d90e963577dcdcf1474cb98bd76781\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 993280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\644f5d4e386c5f2d2602e7348cc8a4a5\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 708608 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\f120c1f17850a7b8d105f22907a09dd0\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 177152 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\740410269afdf2276525e1dfd870fee8\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 210432 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\39817a23777554d968852971b91a4f78\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8cc4dd9babffe370cf375925fba15f84\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 864768 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\ec9a55a16c6613554d1a7409811b7a2c\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 312320 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\bfcd4123355c16c197e92883b1648bf7\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 336384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\54ab02cb617ed9070723032361c72de6\Microsoft.Office.Tools.Common.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 152064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\42a5e49641bff019e55a8228560fc541\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 730624 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\282f3b9bd8dc8a67787e210a9b0e78e3\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 676864 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\14ae412fbc10916dda33ce1616a63cf1\Microsoft.Office.Tools.Word.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f4d304fcbfda323997083a1f88b83719\WindowsFormsIntegration.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\681410f842337dccc72eb059738c3ced\TaskScheduler.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\72b4992e45d232251a273a59eb3333d5\System.Web.Routing.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\b905eb57b631a30c60caa4d68c186963\System.Web.Entity.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e412dfbf1aa49bbe345a02a4d23104f5\System.Web.Entity.Design.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\815769f953ebe3f84439d522c97317b8\System.Web.DynamicData.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c8144ee08dccdac183527e53c86aa901\System.Web.Abstractions.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\d5d612f7d372f500e3062e3814e79d75\System.Messaging.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\fbc02e9f5a14bb93082ebc88bc577413\System.Drawing.Design.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a88ca70ab9641b8236149bc5dd8d1564\System.Configuration.Install.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\2f1bad2fb963482a02443d5e7fece2b6\napsnap.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\bb4947f0ecc925a7bcfd129b6eec8f9b\napinit.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\67240ddde494b9cc05cd732ccd099668\MMCFxCommon.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\fda2f68162063c54d2e669e85de7dfb1\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 215040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\ee4f7ad751242afc39f32d1ea961f915\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 226304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d1ffef140ded6229eb2681594a992395\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cf9c858a00058974b41c67bbd68e45c4\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\6647982abd1fa9fc78d67407c1390d9c\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 773120 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\3adbee43498cd363d94881c0a329d519\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\c28d0d3c7d9214d676526f0f3b5eb305\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\795e07cc078bee3396f1d946f734c871\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e29cbd30a31d3c8dae19eb17f70c4ec4\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\409dae089f2e041343cff71f822cd505\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\803188573fb19785a94284e097c48a67\Microsoft.ManagementConsole.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4ae6ccc32dafb4e3765b9db05585bd48\mcplayerinterop.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\b0db345fd62a84c98fd8b0bf3c72e8bb\mcGlidHostObj.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bc5df15ee827e248dd6f819874a85718\EventViewer.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\08c9aa18b306aa47ddc0ae4a63b05d04\ehExtHost.ni.exe
+ 2012-06-13 21:37 . 2012-06-13 21:37 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\f3e052584df9c614407da662dd3c3df3\TaskScheduler.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\06e4119a0a3484bb0ca667a16145ce74\System.Web.Routing.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\4f13c2c06fb97f6659473f02802b377b\System.Web.Extensions.Design.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\3701488fb9e601ebe963db25b784d684\System.Web.Entity.Design.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a09cc9877f51f16a4610b702155e8b70\System.Web.DynamicData.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c6aad1edcc51862ceb26b6b65dad1490\System.Web.Abstractions.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 615936 c:\windows\assembly\NativeImages_v2.0.50727_32\PreviewControls\200807fe4e578c3010963a4ad3c97e61\PreviewControls.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 277504 c:\windows\assembly\NativeImages_v2.0.50727_32\PbServiceCore\d1c6a120dd3f37737cf5b22a4075247d\PbServiceCore.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 813056 c:\windows\assembly\NativeImages_v2.0.50727_32\PbAreas\caeb39fc56a2c7ba78228bc825c69517\PbAreas.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\acfafa161ea232928cb02b01c50acf1c\napsnap.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\0abec246c5ca6ec4858bfd3ab84da0ec\napinit.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1e03b7c2539c5376f0665a4aba04efbd\MMCFxCommon.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 134144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ed2102b0b601b70eeaa3aa97dec5d239\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 617472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e439c12c9e047a5252fc0870a0edad57\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d7f1a24f4ab28ff9859120d65b72d688\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a69d72d7be25af07f8138646ca184ac4\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\787f2a870ba9d0895455ccd8578f1a20\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\54aa66ae5ce18ece1133102c5de4a105\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\e1a8a0ddc283db83528f343abaa74ac5\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\b70bc4c745dd9a2e5e90e46bcedfe1dc\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\78dd5caf7a28d0b1b122483818205cf0\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\51ad304ce7ae5aa72a6afdbce7661195\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\622b582866fca37f113bd97ae4c6d1f6\Microsoft.ManagementConsole.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\02577b78c6ed2f9bda301de888dccad8\EventViewer.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe
+ 2012-06-13 21:37 . 2012-06-13 21:37 696832 c:\windows\assembly\NativeImages_v2.0.50727_32\DataSource\846e05eea230323e8129390dc5f4fa17\DataSource.ni.dll
+ 2012-06-12 23:48 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-04-11 15:14 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-29 00:22 . 2012-06-29 00:22 189872 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla36.exe
+ 2012-07-01 16:34 . 2012-07-01 16:34 189872 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla36.dll
+ 2012-07-01 16:34 . 2012-07-01 16:34 175992 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla34.dll
+ 2012-07-01 16:34 . 2012-07-01 16:34 176035 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla33.dll
+ 2012-07-01 16:34 . 2012-07-01 16:34 176545 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla32.dll
+ 2012-07-01 16:34 . 2012-07-01 16:34 184966 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla31.exe
+ 2012-07-01 16:34 . 2012-07-01 16:34 189776 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla21.dll
+ 2012-07-01 16:34 . 2012-07-01 16:34 176035 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla2.dll
+ 2012-07-01 16:34 . 2012-07-01 16:34 179526 c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP\WiseCustomCalla.dll
+ 2012-06-13 21:01 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll
+ 2012-06-13 21:01 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll
+ 2012-06-23 21:39 . 2012-06-23 21:39 9459912 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
+ 2012-06-23 21:39 . 2012-06-23 21:39 1535176 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
+ 2012-06-13 21:01 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll
+ 2012-06-13 21:01 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll
+ 2012-06-13 21:01 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll
+ 2012-06-13 21:01 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll
+ 2012-06-13 21:01 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll
+ 2012-06-13 21:01 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll
+ 2012-06-13 21:01 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll
+ 2009-07-14 04:45 . 2012-06-23 04:00 5121144 c:\windows\system32\FNTCACHE.DAT
+ 2010-05-07 01:45 . 2012-07-04 14:29 5898240 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:45 . 2012-05-29 13:29 7174117 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-06-23 04:02 7174117 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-05-18 22:38 . 2012-07-05 22:53 4942880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1596572216-1839102024-950478850-1000-12288.dat
+ 2012-06-23 03:47 . 2012-06-24 00:05 7559820 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
+ 2012-06-12 23:49 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2012-05-10 02:27 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-12 23:49 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
- 2011-02-26 15:39 . 2010-11-05 01:56 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2012-06-12 23:49 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2012-05-10 02:27 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2011-02-26 15:39 . 2010-11-05 01:58 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2012-06-12 23:49 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-11 03:32 . 2012-05-11 03:32 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-13 21:11 . 2012-06-13 21:11 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-05-17 06:58 . 2012-05-17 06:58 3462144 c:\windows\Installer\9db3d1a.msp
+ 2012-04-23 02:46 . 2012-04-23 02:46 1187328 c:\windows\Installer\9db3d04.msp
+ 2012-03-15 18:26 . 2012-03-15 18:26 4212736 c:\windows\Installer\9db3cfb.msp
+ 2012-06-28 11:50 . 2012-06-28 11:50 2871808 c:\windows\Installer\58444.msi
+ 2012-06-28 11:50 . 2012-06-28 11:50 8544256 c:\windows\Installer\58440.msi
+ 2012-07-02 21:18 . 2012-07-02 21:18 8451584 c:\windows\Installer\46efae1.msi
- 2011-01-18 01:05 . 2012-05-11 03:34 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2011-01-18 01:05 . 2012-05-11 03:34 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-01-18 01:05 . 2012-06-13 21:13 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-06-13 21:42 . 2012-06-13 21:42 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll
+ 2012-06-13 21:44 . 2012-06-13 21:44 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e4d308f69077903e24de92fe4fc06d29\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 1118208 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\a134c72a9b938f147c994096bd1518bf\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 1070080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\8da91be67f85f2d15c39ff4857bf123e\Microsoft.Office.Tools.Word.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 2035200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\826b1f645b8bd37b2d8e2d39f268e1ef\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\7232b865f1bb76a731de4d67e2516e03\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2ed0173a2e75b1a3943bd2d96649a50c\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 1551872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\7cfb808ac13b9432c5b771d64ff37f8d\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 1117696 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\23fd6f8a660b32bcd02bb596965cd0fe\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\70cc5e8a5a3372fe0b104c1b20392cd2\System.WorkflowServices.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\aa638ba79250284eb4af4adaa4a4117b\System.Workflow.Runtime.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\996dc2af3b9e5c111130935f298908c6\System.Workflow.ComponentModel.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\178797db84abae2eeaed835bd28ca52c\System.Workflow.Activities.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\a32734087cd0db5607d5744ca63235d7\System.Web.Services.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\af7689e8cbec5d2755497be23c30e293\System.Web.Mobile.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\768ea257d75839979b4efb2d49d653f6\System.Web.Extensions.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2c47bc5d426a7cf9ffef1425eda08184\System.Web.Extensions.Design.ni.dll
+ 2012-06-13 21:35 . 2012-06-13 21:35 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\b964519964d302b4977e1380d8d15f1a\System.Printing.ni.dll
+ 2012-06-13 21:34 . 2012-06-13 21:34 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
+ 2012-06-13 21:34 . 2012-06-13 21:34 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6e4e9b07f376d445df1718c0011fa99b\System.Deployment.ni.dll
+ 2012-06-13 21:35 . 2012-06-13 21:35 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\1f88a3693c8ddd527a130aff49dc58b3\ReachFramework.ni.dll
+ 2012-06-13 21:35 . 2012-06-13 21:35 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\b91c32fab08ba62d8c7681cc596895be\PresentationUI.ni.dll
+ 2012-06-13 21:41 . 2012-06-13 21:41 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\ac1ba76ed19d668ce53a74593f040453\Narrator.ni.exe
+ 2012-06-13 21:41 . 2012-06-13 21:41 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\df2557ab1b8e4389d846e13dc82eba57\MMCEx.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\61812970c4743b686a67f28687e1dcb6\MIGUIControls.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ca7e936eed0de2436d87b2601ee3a20a\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6caa366471176a065a96d77e8ba01eeb\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3040e2de07177c0a6a66a49de61fdc59\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\91391297ea9428993774313f05e98dd2\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\6ecfa88a42ba7c5c3a4580cd479d0d21\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 1093632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\0929a1a8f19d58cca0ff9bf5f9086dc1\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b2afc0af3d89ae00e973b4e6e9db382c\Microsoft.MediaCenter.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\73bfbdccdc1b0ae87f70a0ec594fee3c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\653e1ee01f10d658d52ca42e17e74283\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\dac69844e6333484159a4cf544190906\Microsoft.Ink.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4b362e9e25c33e371f06403edec8849a\Microsoft.Build.Tasks.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\33730d136a34d2f4e56a0322f49ee9b6\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-13 21:39 . 2012-06-13 21:39 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\cc4844e7242c1e35d145bf2439f944c5\mcstore.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1938944 c:\windows\assembly\NativeImages_v2.0.50727_32\VMStory\2d4cc8f1b0a2869a36792033daaa8354\VMStory.ni.exe
+ 2012-06-13 21:38 . 2012-06-13 21:38 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
+ 2012-06-13 21:34 . 2012-06-13 21:34 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll
+ 2012-06-13 21:34 . 2012-06-13 21:34 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\cfb739be21092d5b8f7b4fde529e6aaa\System.Workflow.ComponentModel.ni.dll
+ 2012-06-13 21:34 . 2012-06-13 21:34 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a90802e36dee6e10d9bf54832cbf549\System.Web.Mobile.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c45efc7ec92c1da8e67eb597559ec39c\System.Web.Extensions.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1443840 c:\windows\assembly\NativeImages_v2.0.50727_32\PbCore\7358a7bb31787b363bd23efdaa58f006\PbCore.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1409024 c:\windows\assembly\NativeImages_v2.0.50727_32\PbControls\5dd9a9523f090e6c02e261e13bd0601f\PbControls.ni.dll
+ 2012-06-13 21:38 . 2012-06-13 21:38 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\17add09c98fa34255142d42697db53df\Narrator.ni.exe
+ 2012-06-13 21:37 . 2012-06-13 21:37 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\21abde8efab609732b2ade3f05234e79\MMCEx.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\0e7da0df83f0619e3b0e0a7d7ee05fa3\MIGUIControls.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\99ae5f32cd1dc3618659bc3c77f2b2a9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77b5496d214dd5034294b058c0bb0e8d\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\72765e5fab12761eb6d3f58180fa34d7\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\63513a219edd166209b039f0681f1d59\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\fb4866eac162b305cc84d1c7cc8da1f5\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1564672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\5190887d5ed2ef28d1596fd2f48bd935\Microsoft.Office.BusinessApplications.Runtime.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 4752384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\48c93c9b5095c25bc4fde40f25c014ea\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 3238400 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\2db98cd03e8f4be6c6b33bee3bdbfc30\Microsoft.Office.BusinessData.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 2091520 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\2983eeeb5d0c013e215bf9fc069710a6\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4d381048e3b9c0914c0f72c6aa0a599d\Microsoft.Ink.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3893fa9a19b52dee8b2cc424840d5d08\Microsoft.Build.Tasks.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1d2250044b1ecff755e26ed12f6d27cb\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\3a4e56a8d1075cf0af0619c383b3e592\mcstore.ni.dll
+ 2012-06-13 21:37 . 2012-06-13 21:37 2931712 c:\windows\assembly\NativeImages_v2.0.50727_32\EngineFacade\5662195ec8b9b6db40c5afe6aae32fd1\EngineFacade.ni.dll
- 2012-05-10 02:27 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-12 23:49 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-12 23:49 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-02-26 15:39 . 2010-11-05 01:58 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-13 21:01 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-06-21 05:11 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-05-11 20:08 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-06-13 21:01 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll
+ 2010-09-06 15:34 . 2012-06-13 21:08 58957832 c:\windows\system32\MRT.exe
+ 2012-06-23 21:39 . 2012-06-23 21:39 12310216 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll
+ 2012-06-13 21:01 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll
+ 2009-07-14 04:54 . 2012-07-04 14:29 16187392 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-03 21:01 . 2012-07-05 22:59 12382470 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1596572216-1839102024-950478850-1000-8192.dat
+ 2011-06-05 19:30 . 2012-06-24 00:04 13961176 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1596572216-1839102024-950478850-1000-4096.dat
+ 2012-06-13 21:43 . 2012-06-13 21:43 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll
+ 2012-06-13 21:43 . 2012-06-13 21:43 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll
+ 2012-06-13 21:42 . 2012-06-13 21:42 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
+ 2012-06-13 21:13 . 2012-06-13 21:13 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
+ 2012-06-13 21:12 . 2012-06-13 21:12 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
+ 2012-06-13 21:35 . 2012-06-13 21:35 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
+ 2012-06-13 21:36 . 2012-06-13 21:36 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\582144c0ee317038621aebc626187b56\System.Design.ni.dll
+ 2012-06-13 21:35 . 2012-06-13 21:35 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
+ 2012-06-13 21:34 . 2012-06-13 21:34 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
+ 2012-06-13 21:40 . 2012-06-13 21:40 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\0c1f96a4136efe532bbb8eb91d3de300\ehshell.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fb64ab5953a0f570b4852f43e6ebbfc3\System.Design.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
+ 2012-06-13 21:33 . 2012-06-13 21:33 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-05-07 1073312]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-02 05:03 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-06 69976]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-07 135664]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-20 549616]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-08-16 592120]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-07 135664]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-12-16 151936]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-09-09 244736]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-12 129976]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-12 340240]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TVICHW64;TVICHW64;c:\windows\system32\DRIVERS\TVICHW64.SYS [2010-10-02 21200]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-04 1255736]
R3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2009-12-18 36760]
R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340); [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-12-14 56344]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-19 8080384]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-07 02:02]
.
2012-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-07 02:02]
.
2012-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1596572216-1839102024-950478850-1000Core.job
- c:\users\Widly\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 12:19]
.
2012-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1596572216-1839102024-950478850-1000UA.job
- c:\users\Widly\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30 12:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-09 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-09 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-09 410136]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [2009-11-04 208384]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-12 1931536]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://washingtonpost.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 192.1.1.16:80
Trusted Zone: cs50.net\courses
Trusted Zone: gq.com\www
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://core-vpn-1-gw.fas.harvard.edu/CACHE/stc/5/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Widly\AppData\Roaming\Mozilla\Firefox\Profiles\u0bjl0uv.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B41e73a88-0f0e-4b5a-998e-a38c192d12fe%7D&mid=f4985ee5f72a47d08f96850b0fba2e0a-08566a9274eba5528e6248be135ae92e8985804f&ds=AVG&v=11.1.0.12&lang=en&pr=fr&d=2012-06-28%2007%3A52%3A00&sap=ku&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-ArgenteRC - c:\program files (x86)\Argente - Registry Cleaner\ArgenteRC.exe
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-05 19:37:30
ComboFix-quarantined-files.txt 2012-07-05 23:37
ComboFix2.txt 2012-06-02 14:31
.
Pre-Run: 237,018,890,240 bytes free
Post-Run: 237,062,574,080 bytes free
.
- - End Of File - - 9398D9FF6164D8CB1366B0BB75317D5D

#9 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 05 July 2012 - 08:14 PM

Good run of Combofix.
Now, I need for you to logoff and Restart in Windows normal mode.
Then do an online scan with ESET.

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.
Using Internet Explorer browser only, go to ESET Online Scanner website:
http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
  • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.
Look at contents of this file using Notepad.

The Frequently Asked Questions for ESET Online Scanner can be viewed here
http://go.eset.com/us/online-scanner/faq

  • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
    (And the prompt re-enabling when finished.)
  • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
  • Do not use the system while the scan is running. Once the full scan is underway, go take a long break Posted ImagePosted Image

Re-enable the antivirus program.

Reply with copy of the Eset scan log.
There will be more to do later.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#10 widly05

widly05
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 06 July 2012 - 06:11 PM

I keep trying to run the ESET scanner, however, each time the ESET halts in the middle of scanning my computer. The message when the scan stops says "OnlineCmdLineScanner.exe has stopped working - a problem caused the program to stop working correctly."

Here is the log though

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-06 02:20:27
# local_time=2012-07-05 10:20:27 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=770 16774141 16 2 42360721 42360721 0 0
# compatibility_mode=5893 16776573 100 94 0 93084349 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=25870
# found=0
# cleaned=0
# scan_time=328
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e2c50ec4ccda98449f59d1349878c0d9
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-06 02:38:11
# local_time=2012-07-05 10:38:11 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=770 16774141 16 2 42361441 42361441 0 0
# compatibility_mode=5893 16776573 100 94 0 93085069 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=25870
# found=0
# cleaned=0
# scan_time=673

#11 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 07 July 2012 - 01:37 PM

Download Dr.Web CureIt to the desktop.
  • Turn OFF your antivirus program.
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Doubleclick the drweb-cureit.exe file, then on Start and allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, chose the Complete Scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow Posted Image at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look and see if you can click the following icon next to the files found:
    Posted Image
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    Posted Image
  • This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.
NOTE: During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.

Step 2
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Re-Enable your antivirus program when all done.

Copy & Paste the log from drWeb Cure-it and TDSSKILLER for review.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#12 widly05

widly05
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 08 July 2012 - 04:45 PM

Dr. Web Log


ajs[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Deleted.;
ajs[3].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Deleted.;
ajs[5].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Deleted.;
ajs[7].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Deleted.;
ajs[9].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js\JSFile_1[0][ca4];C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15\GetAd[1];Probably SCRIPT.Virus;;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Container contains infected objects;Moved.;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[2].js\JSFile_1[0][9d3];C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15\GetAd[2];Probably SCRIPT.Virus;;
GetAd[2].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Container contains infected objects;Moved.;
GetAd[2].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[3].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Deleted.;
GetAd[4].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Deleted.;
GetAd[5].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Deleted.;
GetAd[6].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Deleted.;
ajsCAUDJO1P.js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H5TOZDPL;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js\JSFile_1[0][ca4];C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H5TOZDPL\GetAd[1];Probably SCRIPT.Virus;;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H5TOZDPL;Container contains infected objects;Moved.;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H5TOZDPL;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[2].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H5TOZDPL;Probably SCRIPT.Virus;Deleted.;
ajsCAUQ6SLI.js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD57JROX;Probably SCRIPT.Virus;Deleted.;
ajs[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD57JROX;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MD57JROX;Probably SCRIPT.Virus;Deleted.;
ajs[6].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QB886R9L;Probably SCRIPT.Virus;Deleted.;
ajs[7].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QB886R9L;Probably SCRIPT.Virus;Deleted.;
ajs[8].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QB886R9L;Probably SCRIPT.Virus;Deleted.;
ajsCA1XSPUE.js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajsCAE2DO6H.js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[10].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[11].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[2].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[3].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[8].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[9].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Deleted.;
ajs[3].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
ajs[4].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
ajs[5].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
ajs[6].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
GetAd[2].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
GetAd[3].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
GetAd[4].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
GetAd[5].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VFBF4VQE;Probably SCRIPT.Virus;Deleted.;
ajs[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[7].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[9].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[4].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[6].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajsCAUDJO1P.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[2].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajsCAUQ6SLI.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[6].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[7].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[8].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajsCA1XSPUE.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajsCAE2DO6H.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[10].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[11].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[2].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[8].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[9].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[4].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[6].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[2].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[4].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\;Probably SCRIPT.Virus;Invalid path to file ;
ajs[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Invalid path to file ;
ajs[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Invalid path to file ;
ajs[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Invalid path to file ;
ajs[7].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Invalid path to file ;
ajs[9].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\C2CFC79M;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[4].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[6].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\CMALPC15;Probably SCRIPT.Virus;Invalid path to file ;
ajsCAUDJO1P.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\H5TOZDPL;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[2].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\H5TOZDPL;Probably SCRIPT.Virus;Invalid path to file ;
ajsCAUQ6SLI.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\MD57JROX;Probably SCRIPT.Virus;Invalid path to file ;
ajs[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\MD57JROX;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\MD57JROX;Probably SCRIPT.Virus;Invalid path to file ;
ajs[6].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\QB886R9L;Probably SCRIPT.Virus;Invalid path to file ;
ajs[7].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\QB886R9L;Probably SCRIPT.Virus;Invalid path to file ;
ajs[8].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\QB886R9L;Probably SCRIPT.Virus;Invalid path to file ;
ajsCA1XSPUE.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajsCAE2DO6H.js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[10].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[11].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[2].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[8].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[9].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\S83WQBA6;Probably SCRIPT.Virus;Invalid path to file ;
ajs[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
ajs[4].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
ajs[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
ajs[6].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[2].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[3].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[4].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[5].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\SI2YLNBE;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[1].js;C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files\Content.IE5\VFBF4VQE;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[10.js\JSFile_1[0][ca4];C:\Documents and Settings\Widly\DoctorWeb\Quarantine\GetAd[10.js;Probably SCRIPT.Virus;;
GetAd[10.js;C:\Documents and Settings\Widly\DoctorWeb\Quarantine;Container contains infected objects;Moved.;
GetAd[10.js;C:\Documents and Settings\Widly\DoctorWeb\Quarantine;Probably SCRIPT.Virus;Deleted.;
GetAd[1].js\JSFile_1[0][ca4];C:\Documents and Settings\Widly\DoctorWeb\Quarantine\GetAd[1].js;Probably SCRIPT.Virus;;
GetAd[1].js;C:\Documents and Settings\Widly\DoctorWeb\Quarantine;Container contains infected objects;Moved.;
GetAd[1].js;C:\Documents and Settings\Widly\DoctorWeb\Quarantine;Probably SCRIPT.Virus;Invalid path to file ;
GetAd[2].js\JSFile_1[0][9d3];C:\Documents and Settings\Widly\DoctorWeb\Quarantine\GetAd[2].js;Probably SCRIPT.Virus;;
GetAd[2].js;C:\Documents and Settings\Widly\DoctorWeb\Quarantine;Container contains infected objects;Moved.;
GetAd[2].js;C:\Documents and Settings\Widly\DoctorWeb\Quarantine;Probably SCRIPT.Virus;Invalid path to file ;
cnet2_ComboFix_exe.exe;C:\Documents and Settings\Widly\Downloads;Adware.Downware.130;Deleted.;
cnet2_Registry Cleaner_exe (1).exe;C:\Documents and Settings\Widly\Downloads;Adware.Downware.130;Deleted.;
cnet2_Registry Cleaner_exe.exe;C:\Documents and Settings\Widly\Downloads;Adware.Downware.130;Deleted.;
internet2.dll;C:\Program Files (x86)\CCDC\Mercury 3.0\R-2.11.1\modules;Probably BACKDOOR.Trojan;Deleted.;
cnet2_ComboFix_exe.exe;C:\Users\Widly\Downloads;Adware.Downware.130;Invalid path to file ;
cnet2_Registry Cleaner_exe (1).exe;C:\Users\Widly\Downloads;Adware.Downware.130;Invalid path to file ;
cnet2_Registry Cleaner_exe.exe;C:\Users\Widly\Downloads;Adware.Downware.130;Invalid path to file ;










TDSS Log



17:37:32.0829 2440 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
17:37:33.0156 2440 ============================================================
17:37:33.0156 2440 Current date / time: 2012/07/08 17:37:33.0156
17:37:33.0156 2440 SystemInfo:
17:37:33.0156 2440
17:37:33.0156 2440 OS Version: 6.1.7601 ServicePack: 1.0
17:37:33.0156 2440 Product type: Workstation
17:37:33.0156 2440 ComputerName: WIDLY-VAIO
17:37:33.0156 2440 UserName: Widly
17:37:33.0156 2440 Windows directory: C:\Windows
17:37:33.0156 2440 System windows directory: C:\Windows
17:37:33.0156 2440 Running under WOW64
17:37:33.0156 2440 Processor architecture: Intel x64
17:37:33.0156 2440 Number of processors: 4
17:37:33.0156 2440 Page size: 0x1000
17:37:33.0156 2440 Boot type: Normal boot
17:37:33.0156 2440 ============================================================
17:37:33.0637 2440 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:37:33.0702 2440 ============================================================
17:37:33.0702 2440 \Device\Harddisk0\DR0:
17:37:33.0770 2440 MBR partitions:
17:37:33.0770 2440 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1451000, BlocksNum 0x32000
17:37:33.0770 2440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1483000, BlocksNum 0x23FAB2B0
17:37:33.0770 2440 ============================================================
17:37:33.0882 2440 C: <-> \Device\Harddisk0\DR0\Partition1
17:37:33.0883 2440 ============================================================
17:37:33.0883 2440 Initialize success
17:37:33.0883 2440 ============================================================
17:37:48.0442 1344 ============================================================
17:37:48.0442 1344 Scan started
17:37:48.0442 1344 Mode: Manual;
17:37:48.0442 1344 ============================================================
17:37:50.0609 1344 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:37:50.0640 1344 1394ohci - ok
17:37:50.0788 1344 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:37:50.0806 1344 ACDaemon - ok
17:37:50.0999 1344 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:37:51.0020 1344 ACPI - ok
17:37:51.0052 1344 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:37:51.0053 1344 AcpiPmi - ok
17:37:51.0268 1344 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:37:51.0269 1344 AdobeARMservice - ok
17:37:53.0280 1344 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:37:53.0323 1344 AdobeFlashPlayerUpdateSvc - ok
17:37:53.0648 1344 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:37:53.0663 1344 adp94xx - ok
17:37:53.0733 1344 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:37:53.0740 1344 adpahci - ok
17:37:53.0776 1344 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:37:53.0797 1344 adpu320 - ok
17:37:54.0008 1344 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:37:54.0024 1344 AeLookupSvc - ok
17:37:54.0283 1344 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:37:54.0348 1344 AFD - ok
17:37:54.0596 1344 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:37:54.0609 1344 agp440 - ok
17:37:54.0649 1344 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:37:54.0652 1344 ALG - ok
17:37:54.0679 1344 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:37:54.0681 1344 aliide - ok
17:37:54.0700 1344 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:37:54.0702 1344 amdide - ok
17:37:54.0978 1344 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:37:54.0987 1344 AmdK8 - ok
17:37:55.0022 1344 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
17:37:55.0024 1344 AmdPPM - ok
17:37:55.0061 1344 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:37:55.0064 1344 amdsata - ok
17:37:55.0110 1344 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:37:55.0114 1344 amdsbs - ok
17:37:55.0135 1344 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:37:55.0136 1344 amdxata - ok
17:37:55.0266 1344 androidusb (363571bc0c79e394e69300d1f2e3ddae) C:\Windows\system32\Drivers\androidusb.sys
17:37:55.0279 1344 androidusb - ok
17:37:55.0316 1344 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\DRIVERS\Apfiltr.sys
17:37:55.0319 1344 ApfiltrService - ok
17:37:55.0557 1344 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:37:55.0559 1344 AppID - ok
17:37:55.0603 1344 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:37:55.0605 1344 AppIDSvc - ok
17:37:55.0815 1344 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:37:55.0818 1344 Appinfo - ok
17:37:56.0152 1344 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:37:56.0158 1344 Apple Mobile Device - ok
17:37:56.0216 1344 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:37:56.0219 1344 arc - ok
17:37:56.0251 1344 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:37:56.0254 1344 arcsas - ok
17:37:56.0273 1344 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
17:37:56.0274 1344 ArcSoftKsUFilter - ok
17:37:56.0319 1344 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
17:37:56.0320 1344 aswFsBlk - ok
17:37:56.0359 1344 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
17:37:56.0361 1344 aswMonFlt - ok
17:37:56.0378 1344 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
17:37:56.0379 1344 aswRdr - ok
17:37:56.0464 1344 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
17:37:56.0474 1344 aswSnx - ok
17:37:57.0231 1344 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
17:37:57.0236 1344 aswSP - ok
17:37:57.0497 1344 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
17:37:57.0498 1344 aswTdi - ok
17:37:57.0550 1344 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:37:57.0552 1344 AsyncMac - ok
17:37:57.0581 1344 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:37:57.0583 1344 atapi - ok
17:37:58.0075 1344 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
17:37:58.0163 1344 athr - ok
17:38:01.0383 1344 atikmdag (f3a362b683b6158cc47d7e8e58b7ddc9) C:\Windows\system32\DRIVERS\atikmdag.sys
17:38:01.0511 1344 atikmdag - ok
17:38:03.0415 1344 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:38:03.0464 1344 AudioEndpointBuilder - ok
17:38:03.0473 1344 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:38:03.0479 1344 AudioSrv - ok
17:38:03.0765 1344 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:38:03.0766 1344 avast! Antivirus - ok
17:38:04.0028 1344 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:38:04.0035 1344 AxInstSV - ok
17:38:04.0770 1344 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:38:04.0800 1344 b06bdrv - ok
17:38:05.0204 1344 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:38:05.0465 1344 b57nd60a - ok
17:38:06.0049 1344 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:38:06.0052 1344 BDESVC - ok
17:38:06.0078 1344 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:38:06.0079 1344 Beep - ok
17:38:06.0342 1344 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:38:06.0371 1344 BFE - ok
17:38:07.0252 1344 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
17:38:07.0302 1344 BITS - ok
17:38:07.0542 1344 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
17:38:07.0554 1344 blbdrive - ok
17:38:08.0187 1344 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:38:08.0205 1344 Bonjour Service - ok
17:38:08.0242 1344 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:38:08.0244 1344 bowser - ok
17:38:08.0283 1344 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:38:08.0285 1344 BrFiltLo - ok
17:38:08.0337 1344 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:38:08.0339 1344 BrFiltUp - ok
17:38:08.0367 1344 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:38:08.0370 1344 BridgeMP - ok
17:38:08.0405 1344 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:38:08.0422 1344 Browser - ok
17:38:08.0458 1344 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
17:38:08.0463 1344 Brserid - ok
17:38:08.0487 1344 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:38:08.0489 1344 BrSerWdm - ok
17:38:08.0502 1344 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:38:08.0504 1344 BrUsbMdm - ok
17:38:08.0523 1344 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
17:38:08.0524 1344 BrUsbSer - ok
17:38:08.0556 1344 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
17:38:08.0558 1344 BthEnum - ok
17:38:08.0817 1344 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:38:08.0849 1344 BTHMODEM - ok
17:38:08.0885 1344 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
17:38:08.0888 1344 BthPan - ok
17:38:08.0945 1344 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
17:38:08.0954 1344 BTHPORT - ok
17:38:09.0021 1344 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:38:09.0024 1344 bthserv - ok
17:38:09.0046 1344 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
17:38:09.0048 1344 BTHUSB - ok
17:38:09.0072 1344 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
17:38:09.0075 1344 btusbflt - ok
17:38:09.0114 1344 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
17:38:09.0117 1344 btwaudio - ok
17:38:09.0153 1344 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
17:38:09.0156 1344 btwavdt - ok
17:38:09.0307 1344 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:38:09.0333 1344 btwdins - ok
17:38:09.0466 1344 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
17:38:09.0468 1344 btwl2cap - ok
17:38:09.0500 1344 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys
17:38:09.0502 1344 btwrchid - ok
17:38:09.0523 1344 catchme - ok
17:38:09.0539 1344 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:38:09.0541 1344 cdfs - ok
17:38:09.0568 1344 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:38:09.0570 1344 cdrom - ok
17:38:09.0598 1344 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:38:09.0600 1344 CertPropSvc - ok
17:38:09.0614 1344 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
17:38:09.0616 1344 circlass - ok
17:38:09.0681 1344 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:38:09.0685 1344 CLFS - ok
17:38:09.0792 1344 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:09.0795 1344 clr_optimization_v2.0.50727_32 - ok
17:38:09.0836 1344 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:38:09.0839 1344 clr_optimization_v2.0.50727_64 - ok
17:38:09.0912 1344 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:38:09.0938 1344 clr_optimization_v4.0.30319_32 - ok
17:38:09.0991 1344 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:38:09.0994 1344 clr_optimization_v4.0.30319_64 - ok
17:38:10.0033 1344 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
17:38:10.0035 1344 CmBatt - ok
17:38:10.0065 1344 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:38:10.0067 1344 cmdide - ok
17:38:10.0145 1344 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:38:10.0155 1344 CNG - ok
17:38:10.0197 1344 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:38:10.0198 1344 Compbatt - ok
17:38:10.0235 1344 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:38:10.0237 1344 CompositeBus - ok
17:38:10.0241 1344 COMSysApp - ok
17:38:10.0267 1344 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:38:10.0269 1344 crcdisk - ok
17:38:10.0311 1344 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:38:10.0315 1344 CryptSvc - ok
17:38:10.0933 1344 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:38:11.0005 1344 cvhsvc - ok
17:38:11.0173 1344 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:38:11.0200 1344 DcomLaunch - ok
17:38:11.0260 1344 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:38:11.0268 1344 defragsvc - ok
17:38:11.0483 1344 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:38:11.0486 1344 DfsC - ok
17:38:11.0531 1344 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:38:11.0538 1344 Dhcp - ok
17:38:11.0581 1344 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:38:11.0582 1344 discache - ok
17:38:11.0622 1344 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:38:11.0624 1344 Disk - ok
17:38:11.0696 1344 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:38:11.0705 1344 Dnscache - ok
17:38:11.0763 1344 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:38:11.0770 1344 dot3svc - ok
17:38:11.0812 1344 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:38:11.0817 1344 DPS - ok
17:38:11.0845 1344 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:38:11.0847 1344 drmkaud - ok
17:38:12.0125 1344 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:38:12.0137 1344 DXGKrnl - ok
17:38:12.0440 1344 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:38:12.0448 1344 EapHost - ok
17:38:13.0655 1344 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:38:13.0750 1344 ebdrv - ok
17:38:15.0701 1344 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:38:15.0705 1344 EFS - ok
17:38:16.0325 1344 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:38:16.0349 1344 ehRecvr - ok
17:38:16.0810 1344 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:38:16.0820 1344 ehSched - ok
17:38:16.0976 1344 ElRawDisk (4778eeecb75c6fb419745beed3530b9d) C:\Windows\system32\drivers\rsdrvx64.sys
17:38:16.0977 1344 ElRawDisk - ok
17:38:18.0670 1344 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:38:18.0700 1344 elxstor - ok
17:38:18.0738 1344 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:38:18.0739 1344 ErrDev - ok
17:38:18.0878 1344 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:38:18.0925 1344 EventSystem - ok
17:38:19.0583 1344 EvtEng (3777aec8cb30251e43bf0a2b4fec07d5) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:38:19.0652 1344 EvtEng - ok
17:38:21.0213 1344 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:38:21.0225 1344 exfat - ok
17:38:21.0253 1344 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:38:21.0258 1344 fastfat - ok
17:38:21.0330 1344 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:38:21.0343 1344 Fax - ok
17:38:21.0398 1344 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:38:21.0400 1344 fdc - ok
17:38:21.0428 1344 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:38:21.0431 1344 fdPHost - ok
17:38:21.0452 1344 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:38:21.0455 1344 FDResPub - ok
17:38:21.0470 1344 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:38:21.0472 1344 FileInfo - ok
17:38:21.0496 1344 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:38:21.0497 1344 Filetrace - ok
17:38:21.0525 1344 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:38:21.0527 1344 flpydisk - ok
17:38:21.0575 1344 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:38:21.0580 1344 FltMgr - ok
17:38:23.0580 1344 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:38:23.0608 1344 FontCache - ok
17:38:23.0686 1344 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:38:23.0688 1344 FontCache3.0.0.0 - ok
17:38:24.0104 1344 FreeAgentGoNext Service (9513b437b7adb1e6065b7f0d83d11ecf) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
17:38:24.0107 1344 FreeAgentGoNext Service - ok
17:38:24.0665 1344 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:38:24.0668 1344 FsDepends - ok
17:38:24.0698 1344 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:38:24.0699 1344 Fs_Rec - ok
17:38:25.0459 1344 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:38:25.0483 1344 fvevol - ok
17:38:25.0524 1344 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:38:25.0526 1344 gagp30kx - ok
17:38:25.0559 1344 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:38:25.0560 1344 GEARAspiWDM - ok
17:38:26.0603 1344 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:38:26.0632 1344 gpsvc - ok
17:38:27.0218 1344 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:38:27.0228 1344 gupdate - ok
17:38:27.0236 1344 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:38:27.0239 1344 gupdatem - ok
17:38:27.0433 1344 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:38:27.0441 1344 hcw85cir - ok
17:38:27.0493 1344 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:38:27.0507 1344 HdAudAddService - ok
17:38:27.0535 1344 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:38:27.0537 1344 HDAudBus - ok
17:38:27.0575 1344 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
17:38:27.0576 1344 HECIx64 - ok
17:38:27.0608 1344 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:38:27.0610 1344 HidBatt - ok
17:38:27.0659 1344 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:38:27.0662 1344 HidBth - ok
17:38:27.0676 1344 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:38:27.0679 1344 HidIr - ok
17:38:27.0809 1344 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:38:27.0817 1344 hidserv - ok
17:38:27.0846 1344 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
17:38:27.0848 1344 HidUsb - ok
17:38:27.0880 1344 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:38:27.0885 1344 hkmsvc - ok
17:38:27.0958 1344 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:38:27.0966 1344 HomeGroupListener - ok
17:38:28.0240 1344 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:38:28.0262 1344 HomeGroupProvider - ok
17:38:28.0298 1344 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:38:28.0301 1344 HpSAMD - ok
17:38:28.0452 1344 HTCAND64 (363571bc0c79e394e69300d1f2e3ddae) C:\Windows\system32\Drivers\ANDROIDUSB.sys
17:38:28.0453 1344 HTCAND64 - ok
17:38:29.0438 1344 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:38:29.0480 1344 HTTP - ok
17:38:29.0513 1344 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:38:29.0514 1344 hwpolicy - ok
17:38:29.0568 1344 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:38:29.0571 1344 i8042prt - ok
17:38:29.0660 1344 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
17:38:29.0667 1344 iaStor - ok
17:38:29.0860 1344 IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:38:29.0861 1344 IAStorDataMgrSvc - ok
17:38:30.0031 1344 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:38:30.0086 1344 iaStorV - ok
17:38:31.0645 1344 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:38:31.0687 1344 idsvc - ok
17:38:33.0602 1344 igfx (2835c0808ba40fa8bc141e6015eb2414) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:38:33.0738 1344 igfx - ok
17:38:34.0022 1344 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:38:34.0038 1344 iirsp - ok
17:38:34.0137 1344 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:38:34.0161 1344 IKEEXT - ok
17:38:34.0430 1344 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
17:38:34.0477 1344 Impcd - ok
17:38:36.0540 1344 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
17:38:36.0560 1344 IntcAzAudAddService - ok
17:38:37.0198 1344 IntcDAud (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys
17:38:37.0201 1344 IntcDAud - ok
17:38:37.0263 1344 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:38:37.0264 1344 intelide - ok
17:38:37.0328 1344 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:38:37.0330 1344 intelppm - ok
17:38:37.0379 1344 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:38:37.0384 1344 IPBusEnum - ok
17:38:37.0424 1344 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:38:37.0426 1344 IpFilterDriver - ok
17:38:37.0556 1344 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:38:37.0570 1344 iphlpsvc - ok
17:38:37.0623 1344 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:38:37.0626 1344 IPMIDRV - ok
17:38:37.0701 1344 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:38:37.0704 1344 IPNAT - ok
17:38:39.0159 1344 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
17:38:39.0204 1344 iPod Service - ok
17:38:39.0249 1344 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:38:39.0251 1344 IRENUM - ok
17:38:39.0283 1344 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:38:39.0298 1344 isapnp - ok
17:38:39.0346 1344 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:38:39.0351 1344 iScsiPrt - ok
17:38:39.0409 1344 ivusb (bd5bf20ec242e003a2f570b8754a56d1) C:\Windows\system32\DRIVERS\ivusb.sys
17:38:39.0412 1344 ivusb - ok
17:38:39.0444 1344 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:38:39.0445 1344 kbdclass - ok
17:38:39.0478 1344 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:38:39.0480 1344 kbdhid - ok
17:38:39.0513 1344 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:38:39.0516 1344 KeyIso - ok
17:38:39.0553 1344 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:38:39.0555 1344 KSecDD - ok
17:38:39.0988 1344 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:38:40.0000 1344 KSecPkg - ok
17:38:40.0038 1344 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:38:40.0040 1344 ksthunk - ok
17:38:40.0110 1344 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:38:40.0122 1344 KtmRm - ok
17:38:40.0198 1344 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
17:38:40.0209 1344 LanmanServer - ok
17:38:40.0247 1344 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:38:40.0254 1344 LanmanWorkstation - ok
17:38:40.0279 1344 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:38:40.0293 1344 lltdio - ok
17:38:40.0339 1344 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:38:40.0346 1344 lltdsvc - ok
17:38:40.0365 1344 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:38:40.0368 1344 lmhosts - ok
17:38:40.0570 1344 LMS (5460828f8951d310b42b442877603b8d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:38:40.0575 1344 LMS - ok
17:38:40.0619 1344 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:38:40.0622 1344 LSI_FC - ok
17:38:40.0658 1344 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:38:40.0661 1344 LSI_SAS - ok
17:38:40.0686 1344 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:38:40.0689 1344 LSI_SAS2 - ok
17:38:40.0726 1344 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:38:40.0740 1344 LSI_SCSI - ok
17:38:40.0781 1344 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:38:40.0783 1344 luafv - ok
17:38:40.0828 1344 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:38:40.0832 1344 Mcx2Svc - ok
17:38:40.0870 1344 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:38:40.0872 1344 megasas - ok
17:38:40.0955 1344 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:38:40.0978 1344 MegaSR - ok
17:38:41.0277 1344 Microsoft SharePoint Workspace Audit Service - ok
17:38:41.0464 1344 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:38:41.0473 1344 MMCSS - ok
17:38:41.0514 1344 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:38:41.0516 1344 Modem - ok
17:38:41.0538 1344 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:38:41.0539 1344 monitor - ok
17:38:41.0585 1344 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:38:41.0587 1344 mouclass - ok
17:38:41.0627 1344 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
17:38:41.0629 1344 mouhid - ok
17:38:41.0847 1344 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:38:41.0849 1344 mountmgr - ok
17:38:41.0906 1344 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:38:41.0909 1344 MozillaMaintenance - ok
17:38:41.0954 1344 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:38:41.0958 1344 mpio - ok
17:38:41.0987 1344 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:38:41.0990 1344 mpsdrv - ok
17:38:42.0045 1344 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:38:42.0059 1344 MRxDAV - ok
17:38:42.0135 1344 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:38:42.0140 1344 mrxsmb - ok
17:38:42.0245 1344 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:38:42.0259 1344 mrxsmb10 - ok
17:38:42.0310 1344 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:38:42.0313 1344 mrxsmb20 - ok
17:38:42.0353 1344 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:38:42.0355 1344 msahci - ok
17:38:42.0390 1344 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:38:42.0393 1344 msdsm - ok
17:38:42.0971 1344 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:38:42.0998 1344 MSDTC - ok
17:38:43.0058 1344 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:38:43.0059 1344 Msfs - ok
17:38:43.0076 1344 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:38:43.0078 1344 mshidkmdf - ok
17:38:43.0134 1344 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:38:43.0135 1344 msisadrv - ok
17:38:43.0542 1344 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:38:43.0548 1344 MSiSCSI - ok
17:38:43.0557 1344 msiserver - ok
17:38:43.0666 1344 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:38:43.0683 1344 MSKSSRV - ok
17:38:43.0706 1344 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:38:43.0708 1344 MSPCLOCK - ok
17:38:43.0715 1344 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:38:43.0717 1344 MSPQM - ok
17:38:44.0041 1344 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:38:44.0050 1344 MsRPC - ok
17:38:44.0090 1344 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:38:44.0091 1344 mssmbios - ok
17:38:44.0133 1344 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:38:44.0135 1344 MSTEE - ok
17:38:44.0163 1344 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:38:44.0165 1344 MTConfig - ok
17:38:44.0186 1344 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:38:44.0187 1344 Mup - ok
17:38:44.0844 1344 MyWiFiDHCPDNS (e8c8673e9a11b2c9dcaa7f954681de79) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:38:44.0872 1344 MyWiFiDHCPDNS - ok
17:38:44.0937 1344 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:38:44.0949 1344 napagent - ok
17:38:44.0999 1344 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:38:45.0005 1344 NativeWifiP - ok
17:38:45.0103 1344 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:38:45.0122 1344 NDIS - ok
17:38:45.0163 1344 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:38:45.0165 1344 NdisCap - ok
17:38:45.0190 1344 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:38:45.0191 1344 NdisTapi - ok
17:38:45.0231 1344 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:38:45.0234 1344 Ndisuio - ok
17:38:45.0263 1344 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:38:45.0266 1344 NdisWan - ok
17:38:45.0308 1344 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:38:45.0310 1344 NDProxy - ok
17:38:45.0318 1344 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:38:45.0320 1344 NetBIOS - ok
17:38:45.0364 1344 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:38:45.0368 1344 NetBT - ok
17:38:45.0420 1344 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:38:45.0426 1344 Netlogon - ok
17:38:45.0574 1344 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:38:45.0586 1344 Netman - ok
17:38:46.0247 1344 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:38:46.0280 1344 netprofm - ok
17:38:46.0793 1344 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:38:46.0802 1344 NetTcpPortSharing - ok
17:38:50.0590 1344 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
17:38:50.0747 1344 NETw5s64 - ok
17:38:58.0627 1344 NETwNs64 (9ec1edebba8cf6a30899ee38ab1352cc) C:\Windows\system32\DRIVERS\NETwNs64.sys
17:38:58.0798 1344 NETwNs64 - ok
17:38:59.0773 1344 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:38:59.0783 1344 nfrd960 - ok
17:39:00.0005 1344 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:39:00.0022 1344 NlaSvc - ok
17:39:00.0056 1344 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:39:00.0058 1344 Npfs - ok
17:39:00.0112 1344 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:39:00.0116 1344 nsi - ok
17:39:00.0131 1344 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:39:00.0133 1344 nsiproxy - ok
17:39:01.0190 1344 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:39:01.0267 1344 Ntfs - ok
17:39:01.0610 1344 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:39:01.0631 1344 Null - ok
17:39:01.0677 1344 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:39:01.0681 1344 nvraid - ok
17:39:01.0725 1344 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:39:01.0728 1344 nvstor - ok
17:39:01.0772 1344 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:39:01.0775 1344 nv_agp - ok
17:39:01.0822 1344 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:39:01.0840 1344 ohci1394 - ok
17:39:01.0931 1344 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:39:01.0935 1344 ose - ok
17:39:03.0076 1344 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:39:03.0197 1344 osppsvc - ok
17:39:03.0575 1344 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:39:03.0584 1344 p2pimsvc - ok
17:39:03.0675 1344 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:39:03.0690 1344 p2psvc - ok
17:39:03.0795 1344 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:39:03.0799 1344 Parport - ok
17:39:03.0830 1344 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:39:03.0832 1344 partmgr - ok
17:39:03.0938 1344 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:39:03.0945 1344 PcaSvc - ok
17:39:03.0988 1344 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:39:03.0992 1344 pci - ok
17:39:04.0021 1344 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:39:04.0023 1344 pciide - ok
17:39:04.0068 1344 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:39:04.0073 1344 pcmcia - ok
17:39:04.0112 1344 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:39:04.0113 1344 pcw - ok
17:39:05.0585 1344 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:39:05.0601 1344 PEAUTH - ok
17:39:06.0580 1344 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:39:06.0594 1344 PerfHost - ok
17:39:08.0232 1344 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:39:08.0317 1344 pla - ok
17:39:08.0391 1344 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:39:08.0405 1344 PlugPlay - ok
17:39:09.0190 1344 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
17:39:09.0242 1344 PMBDeviceInfoProvider - ok
17:39:09.0367 1344 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:39:09.0374 1344 PNRPAutoReg - ok
17:39:09.0407 1344 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:39:09.0415 1344 PNRPsvc - ok
17:39:09.0589 1344 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:39:09.0601 1344 PolicyAgent - ok
17:39:09.0666 1344 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:39:09.0671 1344 Power - ok
17:39:09.0842 1344 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:39:09.0845 1344 PptpMiniport - ok
17:39:09.0888 1344 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:39:09.0891 1344 Processor - ok
17:39:10.0366 1344 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:39:10.0397 1344 ProfSvc - ok
17:39:10.0475 1344 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:39:10.0479 1344 ProtectedStorage - ok
17:39:10.0671 1344 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:39:10.0701 1344 Psched - ok
17:39:10.0738 1344 PxHlpa64 (bc08f7f3c53cbee68670ed1314e290fd) C:\Windows\system32\Drivers\PxHlpa64.sys
17:39:10.0740 1344 PxHlpa64 - ok
17:39:12.0076 1344 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:39:12.0157 1344 ql2300 - ok
17:39:13.0124 1344 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:39:13.0136 1344 ql40xx - ok
17:39:13.0197 1344 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:39:13.0209 1344 QWAVE - ok
17:39:13.0249 1344 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:39:13.0251 1344 QWAVEdrv - ok
17:39:13.0277 1344 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:39:13.0278 1344 RasAcd - ok
17:39:13.0318 1344 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:39:13.0320 1344 RasAgileVpn - ok
17:39:13.0360 1344 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:39:13.0366 1344 RasAuto - ok
17:39:13.0418 1344 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:39:13.0420 1344 Rasl2tp - ok
17:39:13.0562 1344 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:39:13.0575 1344 RasMan - ok
17:39:14.0306 1344 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:39:14.0320 1344 RasPppoe - ok
17:39:14.0382 1344 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:39:14.0385 1344 RasSstp - ok
17:39:15.0479 1344 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:39:15.0490 1344 rdbss - ok
17:39:15.0529 1344 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:39:15.0531 1344 rdpbus - ok
17:39:15.0563 1344 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:39:15.0565 1344 RDPCDD - ok
17:39:15.0599 1344 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:39:15.0600 1344 RDPENCDD - ok
17:39:15.0620 1344 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:39:15.0621 1344 RDPREFMP - ok
17:39:15.0664 1344 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:39:15.0668 1344 RDPWD - ok
17:39:15.0743 1344 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:39:15.0763 1344 rdyboost - ok
17:39:16.0426 1344 RegSrvc (a60a9f1720f5da1431a3dec14d8833f4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:39:16.0454 1344 RegSrvc - ok
17:39:16.0498 1344 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:39:16.0503 1344 RemoteAccess - ok
17:39:16.0567 1344 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:39:16.0574 1344 RemoteRegistry - ok
17:39:16.0934 1344 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
17:39:16.0940 1344 RFCOMM - ok
17:39:16.0965 1344 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
17:39:16.0968 1344 rimspci - ok
17:39:17.0009 1344 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
17:39:17.0011 1344 risdsnpe - ok
17:39:17.0051 1344 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:39:17.0057 1344 RpcEptMapper - ok
17:39:17.0091 1344 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:39:17.0095 1344 RpcLocator - ok
17:39:17.0174 1344 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:39:17.0186 1344 RpcSs - ok
17:39:17.0466 1344 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:39:17.0480 1344 rspndr - ok
17:39:17.0525 1344 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:39:17.0530 1344 SamSs - ok
17:39:17.0574 1344 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:39:17.0577 1344 sbp2port - ok
17:39:17.0616 1344 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:39:17.0630 1344 SCardSvr - ok
17:39:17.0800 1344 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:39:17.0802 1344 scfilter - ok
17:39:18.0125 1344 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:39:18.0204 1344 Schedule - ok
17:39:18.0513 1344 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:39:18.0515 1344 SCPolicySvc - ok
17:39:18.0768 1344 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
17:39:18.0779 1344 sdbus - ok
17:39:18.0823 1344 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:39:18.0839 1344 SDRSVC - ok
17:39:18.0878 1344 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:39:18.0880 1344 secdrv - ok
17:39:18.0917 1344 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:39:18.0922 1344 seclogon - ok
17:39:18.0959 1344 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
17:39:18.0972 1344 SENS - ok
17:39:18.0989 1344 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:39:18.0994 1344 SensrSvc - ok
17:39:19.0051 1344 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:39:19.0053 1344 Serenum - ok
17:39:19.0076 1344 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:39:19.0079 1344 Serial - ok
17:39:19.0134 1344 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:39:19.0136 1344 sermouse - ok
17:39:19.0206 1344 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:39:19.0211 1344 SessionEnv - ok
17:39:19.0233 1344 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
17:39:19.0235 1344 SFEP - ok
17:39:19.0260 1344 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:39:19.0262 1344 sffdisk - ok
17:39:19.0279 1344 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:39:19.0281 1344 sffp_mmc - ok
17:39:19.0304 1344 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:39:19.0305 1344 sffp_sd - ok
17:39:19.0334 1344 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:39:19.0344 1344 sfloppy - ok
17:39:19.0578 1344 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:39:19.0587 1344 Sftfs - ok
17:39:20.0456 1344 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:39:20.0491 1344 sftlist - ok
17:39:21.0369 1344 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:39:21.0372 1344 Sftplay - ok
17:39:21.0394 1344 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:39:21.0396 1344 Sftredir - ok
17:39:21.0430 1344 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:39:21.0431 1344 Sftvol - ok
17:39:21.0459 1344 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:39:21.0464 1344 sftvsa - ok
17:39:21.0546 1344 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:39:21.0555 1344 SharedAccess - ok
17:39:21.0660 1344 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:39:21.0670 1344 ShellHWDetection - ok
17:39:21.0712 1344 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:39:21.0714 1344 SiSRaid2 - ok
17:39:21.0744 1344 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:39:21.0747 1344 SiSRaid4 - ok
17:39:21.0781 1344 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:39:21.0784 1344 Smb - ok
17:39:21.0839 1344 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:39:21.0843 1344 SNMPTRAP - ok
17:39:21.0935 1344 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
17:39:21.0939 1344 SOHCImp - ok
17:39:21.0987 1344 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
17:39:21.0995 1344 SOHDms - ok
17:39:22.0023 1344 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
17:39:22.0026 1344 SOHDs - ok
17:39:22.0142 1344 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
17:39:22.0146 1344 SpfService - ok
17:39:22.0199 1344 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:39:22.0200 1344 spldr - ok
17:39:22.0269 1344 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:39:22.0284 1344 Spooler - ok
17:39:22.0478 1344 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:39:22.0596 1344 sppsvc - ok
17:39:22.0927 1344 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:39:22.0936 1344 sppuinotify - ok
17:39:23.0611 1344 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:39:23.0635 1344 srv - ok
17:39:24.0400 1344 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:39:24.0486 1344 srv2 - ok
17:39:24.0701 1344 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:39:24.0711 1344 srvnet - ok
17:39:24.0789 1344 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:39:24.0799 1344 SSDPSRV - ok
17:39:24.0827 1344 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:39:24.0843 1344 SstpSvc - ok
17:39:24.0964 1344 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:39:25.0013 1344 stexstor - ok
17:39:26.0294 1344 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:39:26.0336 1344 stisvc - ok
17:39:26.0373 1344 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:39:26.0375 1344 swenum - ok
17:39:27.0602 1344 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:39:27.0631 1344 SwitchBoard - ok
17:39:28.0059 1344 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:39:28.0078 1344 swprv - ok
17:39:30.0045 1344 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:39:30.0108 1344 SysMain - ok
17:39:32.0017 1344 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:39:32.0049 1344 TabletInputService - ok
17:39:33.0171 1344 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:39:33.0184 1344 TapiSrv - ok
17:39:33.0235 1344 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:39:33.0240 1344 TBS - ok
17:39:35.0644 1344 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:39:35.0705 1344 Tcpip - ok
17:39:38.0346 1344 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:39:38.0361 1344 TCPIP6 - ok
17:39:39.0669 1344 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:39:39.0672 1344 tcpipreg - ok
17:39:39.0725 1344 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:39:39.0726 1344 TDPIPE - ok
17:39:39.0786 1344 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:39:39.0788 1344 TDTCP - ok
17:39:39.0829 1344 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:39:39.0832 1344 tdx - ok
17:39:39.0869 1344 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:39:39.0870 1344 TermDD - ok
17:39:41.0182 1344 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:39:41.0210 1344 TermService - ok
17:39:41.0263 1344 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:39:41.0271 1344 Themes - ok
17:39:41.0554 1344 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:39:41.0560 1344 THREADORDER - ok
17:39:42.0635 1344 TIEHDUSB (199c2e87d9a5ec58d0bcd94e893bf629) C:\Windows\system32\DRIVERS\tiehdusb.sys
17:39:42.0680 1344 TIEHDUSB - ok
17:39:42.0798 1344 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:39:42.0808 1344 TrkWks - ok
17:39:43.0356 1344 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:39:43.0359 1344 TrustedInstaller - ok
17:39:43.0575 1344 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:39:43.0577 1344 tssecsrv - ok
17:39:43.0635 1344 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:39:43.0637 1344 TsUsbFlt - ok
17:39:43.0677 1344 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:39:43.0681 1344 tunnel - ok
17:39:43.0819 1344 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS
17:39:43.0845 1344 TVICHW64 - ok
17:39:43.0915 1344 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:39:43.0918 1344 uagp35 - ok
17:39:44.0551 1344 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
17:39:44.0553 1344 uCamMonitor - ok
17:39:45.0523 1344 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:39:45.0552 1344 udfs - ok
17:39:45.0729 1344 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:39:45.0757 1344 UI0Detect - ok
17:39:45.0804 1344 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:39:45.0807 1344 uliagpkx - ok
17:39:45.0839 1344 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:39:45.0841 1344 umbus - ok
17:39:45.0871 1344 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:39:45.0872 1344 UmPass - ok
17:39:48.0625 1344 UNS (9e89c2d6945389270de067ce51ff7425) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
17:39:48.0689 1344 UNS - ok
17:39:50.0809 1344 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:39:50.0844 1344 upnphost - ok
17:39:51.0188 1344 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
17:39:51.0201 1344 USBAAPL64 - ok
17:39:51.0367 1344 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:39:51.0388 1344 usbccgp - ok
17:39:51.0455 1344 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:39:51.0459 1344 usbcir - ok
17:39:51.0498 1344 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:39:51.0501 1344 usbehci - ok
17:39:51.0565 1344 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:39:51.0571 1344 usbhub - ok
17:39:51.0649 1344 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:39:51.0651 1344 usbohci - ok
17:39:51.0718 1344 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:39:51.0720 1344 usbprint - ok
17:39:51.0795 1344 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:39:51.0798 1344 usbscan - ok
17:39:52.0315 1344 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:39:52.0368 1344 USBSTOR - ok
17:39:52.0575 1344 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:39:52.0585 1344 usbuhci - ok
17:39:53.0553 1344 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
17:39:53.0561 1344 usbvideo - ok
17:39:53.0594 1344 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
17:39:53.0596 1344 usb_rndisx - ok
17:39:53.0676 1344 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:39:53.0684 1344 UxSms - ok
17:39:54.0117 1344 VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
17:39:54.0132 1344 VAIO Entertainment TV Device Arbitration Service - ok
17:39:54.0983 1344 VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
17:39:54.0986 1344 VAIO Event Service - ok
17:39:55.0593 1344 VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
17:39:55.0600 1344 VAIO Power Management - ok
17:39:55.0757 1344 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:39:55.0761 1344 VaultSvc - ok
17:39:59.0624 1344 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
17:39:59.0632 1344 VCFw - ok
17:40:00.0098 1344 VcmIAlzMgr (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
17:40:00.0104 1344 VcmIAlzMgr - ok
17:40:01.0528 1344 VcmINSMgr (cbb9f0d1017e0bed4cb5bbc0ebf26dc1) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
17:40:01.0543 1344 VcmINSMgr - ok
17:40:02.0135 1344 VcmXmlIfHelper (c8e3ba694cc5eacec4c01660ace40d56) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
17:40:02.0145 1344 VcmXmlIfHelper - ok
17:40:02.0231 1344 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
17:40:02.0232 1344 VCService - ok
17:40:03.0578 1344 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:40:03.0580 1344 vdrvroot - ok
17:40:04.0082 1344 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:40:04.0109 1344 vds - ok
17:40:04.0284 1344 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:40:04.0308 1344 vga - ok
17:40:04.0339 1344 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:40:04.0342 1344 VgaSave - ok
17:40:04.0422 1344 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:40:04.0426 1344 vhdmp - ok
17:40:04.0459 1344 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:40:04.0471 1344 viaide - ok
17:40:04.0509 1344 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:40:04.0515 1344 volmgr - ok
17:40:04.0850 1344 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:40:04.0863 1344 volmgrx - ok
17:40:05.0062 1344 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:40:05.0084 1344 volsnap - ok
17:40:05.0569 1344 vpnagent (3730b7b03e2fd363d63e9327e0e1ebea) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
17:40:05.0576 1344 vpnagent - ok
17:40:05.0782 1344 vpnva (e526a69d932538ae8bc96b3f4a5a90b1) C:\Windows\system32\DRIVERS\vpnva64.sys
17:40:05.0807 1344 vpnva - ok
17:40:06.0573 1344 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:40:06.0602 1344 vsmraid - ok
17:40:07.0613 1344 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:40:07.0663 1344 VSS - ok
17:40:09.0601 1344 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
17:40:09.0615 1344 VUAgent - ok
17:40:11.0630 1344 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:40:11.0632 1344 vwifibus - ok
17:40:11.0667 1344 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:40:11.0669 1344 vwififlt - ok
17:40:11.0700 1344 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:40:11.0701 1344 vwifimp - ok
17:40:12.0404 1344 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:40:12.0429 1344 W32Time - ok
17:40:12.0600 1344 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:40:12.0623 1344 WacomPen - ok
17:40:13.0191 1344 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:40:13.0208 1344 WANARP - ok
17:40:13.0217 1344 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:40:13.0219 1344 Wanarpv6 - ok
17:40:13.0966 1344 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:40:14.0000 1344 WatAdminSvc - ok
17:40:15.0613 1344 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:40:15.0654 1344 wbengine - ok
17:40:16.0905 1344 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:40:16.0944 1344 WbioSrvc - ok
17:40:17.0195 1344 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:40:17.0219 1344 wcncsvc - ok
17:40:17.0265 1344 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:40:17.0279 1344 WcsPlugInService - ok
17:40:17.0365 1344 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:40:17.0367 1344 Wd - ok
17:40:17.0569 1344 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:40:17.0581 1344 Wdf01000 - ok
17:40:17.0635 1344 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:40:17.0644 1344 WdiServiceHost - ok
17:40:17.0654 1344 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:40:17.0660 1344 WdiSystemHost - ok
17:40:17.0691 1344 wdkmd (7c2ef67b0a43c4deb7ef932ceda337d6) C:\Windows\system32\DRIVERS\WDKMD.sys
17:40:17.0693 1344 wdkmd - ok
17:40:18.0386 1344 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:40:18.0420 1344 WebClient - ok
17:40:18.0488 1344 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:40:18.0500 1344 Wecsvc - ok
17:40:18.0546 1344 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:40:18.0557 1344 wercplsupport - ok
17:40:18.0580 1344 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:40:18.0587 1344 WerSvc - ok
17:40:18.0608 1344 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:40:18.0609 1344 WfpLwf - ok
17:40:18.0633 1344 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:40:18.0635 1344 WIMMount - ok
17:40:18.0701 1344 WinDefend - ok
17:40:18.0724 1344 WinHttpAutoProxySvc - ok
17:40:19.0002 1344 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:40:19.0008 1344 Winmgmt - ok
17:40:19.0570 1344 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:40:19.0623 1344 WinRM - ok
17:40:19.0780 1344 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:40:19.0783 1344 WinUsb - ok
17:40:19.0877 1344 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:40:19.0897 1344 Wlansvc - ok
17:40:20.0576 1344 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:40:20.0630 1344 wlidsvc - ok
17:40:20.0968 1344 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:40:20.0970 1344 WmiAcpi - ok
17:40:21.0256 1344 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:40:21.0260 1344 wmiApSrv - ok
17:40:21.0395 1344 WMPNetworkSvc - ok
17:40:21.0477 1344 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:40:21.0486 1344 WPCSvc - ok
17:40:21.0525 1344 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:40:21.0530 1344 WPDBusEnum - ok
17:40:21.0537 1344 WPRO_40_1340 - ok
17:40:21.0574 1344 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:40:21.0576 1344 ws2ifsl - ok
17:40:21.0626 1344 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
17:40:21.0636 1344 wscsvc - ok
17:40:21.0649 1344 WSearch - ok
17:40:22.0439 1344 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
17:40:22.0602 1344 wuauserv - ok
17:40:22.0932 1344 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:40:22.0936 1344 WudfPf - ok
17:40:22.0973 1344 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:40:22.0978 1344 WUDFRd - ok
17:40:23.0056 1344 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:40:23.0073 1344 wudfsvc - ok
17:40:23.0275 1344 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:40:23.0294 1344 WwanSvc - ok
17:40:23.0516 1344 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
17:40:23.0524 1344 yukonw7 - ok
17:40:23.0601 1344 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:40:24.0523 1344 \Device\Harddisk0\DR0 - ok
17:40:24.0536 1344 Boot (0x1200) (ea1e2bd1c464a7ce2e05c4ea4d0be792) \Device\Harddisk0\DR0\Partition0
17:40:24.0537 1344 \Device\Harddisk0\DR0\Partition0 - ok
17:40:24.0548 1344 Boot (0x1200) (4bce8d27cc34c5ec76c0fa935f067203) \Device\Harddisk0\DR0\Partition1
17:40:24.0550 1344 \Device\Harddisk0\DR0\Partition1 - ok
17:40:24.0550 1344 ============================================================
17:40:24.0550 1344 Scan finished
17:40:24.0550 1344 ============================================================
17:40:24.0562 4484 Detected object count: 0
17:40:24.0562 4484 Actual detected object count: 0

#13 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 09 July 2012 - 09:38 AM

The system had a "lot" of files in the temporary internet files area, and a number were tagged by DrWeb Cure-it.
You need to empty out temporary internet files on some regular basis, going forward.

The TDSSKILLER result is very good.

Temp file Cleaner
Download TFC by OldTimer and SAVE it to your desktop.
  • Double-click TFC.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Online scan at Bitdefender
Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com

and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.

Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.

Re-enable your antivirus program.

Step 3
Make sure the system is in normal mode Windows 7.
Tell me if the rogue ransomware is gone !

Run a fresh (new) run of DDS & copy and paste the 2 logs.

Download Security Check by screen317 and save it to your Desktop: here or here
  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!
Posted Image If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.

and tell me, generally, How is the system now ?
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#14 widly05

widly05
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:18 PM

Posted 10 July 2012 - 06:04 AM

In general, the computer seems completely fine. The computer runs well at startup, is NOT noticeably slower when browsing or performing any other type of action.

Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 29
Java version out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox 12.0 Firefox out of Date!
Google Chrome 19.0.1084.56
Google Chrome 20.0.1132.47
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````







.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Widly at 6:54:20 on 2012-07-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3758.2247 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://washingtonpost.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 192.1.1.16:80
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
Trusted Zone: cs50.net\courses
Trusted Zone: gq.com\www
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://core-vpn-1-gw.fas.harvard.edu/CACHE/stc/5/binaries/vpnweb.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{597649FD-27A4-4D35-AFDB-8328C72AAAD8} : DhcpNameServer = 140.247.233.163 140.247.233.194 128.103.1.7
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\071696E662349656 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\16474777966696 : DhcpNameServer = 192.168.5.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\24F43545F4E4 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\34F6C657D6269616345523 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\7516E61646F6F6F533167383 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7819E428-41CD-4B32-8090-1542E090823C}\F45767562747 : DhcpNameServer = 212.99.110.2 212.99.110.3
TCP: Interfaces\{9F9C137E-1868-405C-BB3A-C6108834CE8A} : DhcpNameServer = 192.168.100.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Widly\AppData\Roaming\Mozilla\Firefox\Profiles\u0bjl0uv.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B41e73a88-0f0e-4b5a-998e-a38c192d12fe%7D&mid=f4985ee5f72a47d08f96850b0fba2e0a-08566a9274eba5528e6248be135ae92e8985804f&ds=AVG&v=11.1.0.12&lang=en&pr=fr&d=2012-06-28%2007%3A52%3A00&sap=ku&q=
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\rsdrvx64.sys --> C:\Windows\system32\drivers\rsdrvx64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-5 44808]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-26 13336]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-1-12 259192]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-5-6 104960]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-26 2320920]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-8-16 592120]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-4-16 571248]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-12 44736]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-6 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-28 250056]
S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\androidusb.sys --> C:\Windows\system32\Drivers\androidusb.sys [?]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-6 135664]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-12 129976]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-12 340240]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-9-10 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-9-10 67952]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TVICHW64;TVICHW64;\??\C:\Windows\system32\DRIVERS\TVICHW64.SYS --> C:\Windows\system32\DRIVERS\TVICHW64.SYS [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-10 10:39:54 -------- d-----w- C:\Users\Widly\AppData\Roaming\QuickScan
2012-07-10 10:32:17 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB53AFA2-8549-400A-BCA0-6660FA0CD3E8}\mpengine.dll
2012-07-07 21:07:31 -------- d-----w- C:\Users\Widly\DoctorWeb
2012-07-06 01:36:45 -------- d-----w- C:\ProgramData\MFAData
2012-07-06 01:27:50 -------- d-----w- C:\Program Files (x86)\ESET
2012-07-05 23:43:10 -------- d-sh--w- C:\$RECYCLE.BIN
2012-07-05 22:57:44 -------- d-----w- C:\Users\Widly\AppData\Roaming\AVG2012
2012-07-02 00:14:42 -------- d-----w- C:\Program Files (x86)\Argente - Registry Cleaner
2012-07-02 00:06:15 -------- d-----w- C:\Users\Widly\AppData\Roaming\ParetoLogic
2012-07-02 00:06:15 -------- d-----w- C:\Users\Widly\AppData\Roaming\DriverCure
2012-07-01 12:24:24 -------- d-----w- C:\Program Files\CCleaner
2012-07-01 11:54:42 -------- d-----w- C:\rsleakDownload
2012-07-01 11:54:42 -------- d-----r- C:\RSABIN
2012-07-01 11:53:06 -------- d-----w- C:\Program Files (x86)\Rising
2012-07-01 11:52:54 -------- d-----w- C:\ProgramData\Rising
2012-06-29 03:23:35 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-06-29 03:23:35 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-06-29 03:23:35 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-06-29 03:23:00 41224 ----a-w- C:\Windows\avastSS.scr
2012-06-29 01:07:40 -------- d-----w- C:\ProgramData\blekko toolbars
2012-06-29 01:07:32 -------- d-----w- C:\Users\Widly\AppData\Local\blekkotb_031
2012-06-29 00:22:42 -------- d-----w- C:\sh4ldr
2012-06-29 00:22:42 -------- d-----w- C:\Program Files\Enigma Software Group
2012-06-28 23:23:56 -------- d-----w- C:\Users\Widly\AppData\Local\Threat Expert
2012-06-28 11:51:41 -------- d--h--w- C:\ProgramData\Common Files
2012-06-28 11:51:21 -------- d-----w- C:\$AVG
2012-06-28 11:51:11 -------- d-----w- C:\Program Files (x86)\AVG
2012-06-28 11:07:47 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2012-06-26 11:04:32 -------- d-----w- C:\Users\Widly\AppData\Local\Macromedia
2012-06-22 16:23:31 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2012-06-21 04:59:14 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 04:58:47 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 04:58:28 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 04:58:28 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-12 23:49:26 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-12 23:49:26 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-12 23:49:26 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-12 23:49:24 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-12 23:49:22 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-12 23:49:22 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-12 23:49:19 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-12 23:49:08 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-12 23:48:56 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-12 23:48:56 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-12 23:48:56 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-12 23:48:56 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-12 23:48:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-12 23:48:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-12 23:48:13 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-12 23:48:12 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-12 23:48:10 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
.
==================== Find3M ====================
.
2012-06-23 21:39:58 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-23 21:39:58 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-11 15:14:26 251528 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-04-19 00:56:30 94208 ------w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ------w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 6:55:14.56 ===============








QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Tue Jul 10 06:39:58 2012
Machine ID: 1E1009FA



No infection found.
-------------------



Processes
---------
avast! Antivirus 3892 C:\Program Files\AVAST Software\Avast\AvastUI.exe
DivX Update 2852 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
iTunes 2872 C:\Program Files (x86)\iTunes\iTunesHelper.exe
Windows® Internet Explorer 4168 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Windows® Internet Explorer 4264 C:\Program Files (x86)\Internet Explorer\iexplore.exe
Windows® Internet Explorer 5984 C:\Program Files (x86)\Internet Explorer\iexplore.exe


Network activity
----------------
Process iexplore.exe (4264) connected on port 443 (HTTP over SSL) --> 184.86.50.110
Process iexplore.exe (4264) connected on port 443 (HTTP over SSL) --> 69.63.190.74



Autoruns and critical files
---------------------------
Adobe CS6 Service Manager C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastUI.exe
DivX Update C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Google Update C:\Users\Widly\AppData\Local\Google\Update\GoogleUpdate.exe
iTunes C:\Program Files (x86)\iTunes\iTunesHelper.exe
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
QuickTime C:\Program Files (x86)\QuickTime\QTTask.exe
SBSV 2010/02/19-11:02:07 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
VAIO Event Service C:\Windows\system32\VESWinlogon.dll
Windows® Internet Explorer c:\windows\syswow64\webcheck.dll


Browser plugins
---------------
AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
avast! WebRep c:\program files\avast software\avast\aswwebrepie.dll
Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Chrome IE Tab C:\Users\Widly\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.6.30.1_0\plugin\blackfishietab.dll
DivX Plus Web Player C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
DivX Plus Web Player HTML5 <video> c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll
DivX VOD Helper Plug-in C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
Google Update C:\Users\Widly\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
Java Deployment Toolkit 6.0.290.11 C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
Java™ Platform SE 6 U29 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
Java™ Platform SE 6 U29 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 c:\program files (x86)\microsoft office\office14\urlredir.dll
Microsoft® CoReXT c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
Microsoft® Windows® Operating System C:\Windows\system32\wshbth.dll
npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
npmathplugin.dll C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll
NPSWF32_11_3_300_262.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.2 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
RealJukebox NS Plugin C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
RealJukebox NS Plugin C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
RealNetworks™ Chrome Background Exte C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
RealPlayer Download and Record Plugin c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
RealPlayer Version Plugin C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
RealPlayer Version Plugin C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
RealPlayer™ HTML5VideoShim Plug-In ( C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
Shockwave for Director C:\Windows\system32\Adobe\Director\np32dsw.dll
Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
Unity Player C:\Users\Widly\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
Veetle Broadcaster Plugin C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
Veetle TV Core C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
Veetle TV Player C:\Program Files (x86)\Veetle\Player\npvlc.dll
Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Windows® Internet Explorer c:\windows\syswow64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


Missing files
-------------
File not found: c:\program files (x86)\avg\avg2012\avgdtiex.dll
--> HKLM\Software\Classes\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\InprocServer32\"(default)"


Scan
----
MD5: 7ec56424e3e77ebf4bf5e0798175e4e5 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MD5: 3730b7b03e2fd363d63e9327e0e1ebea C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
MD5: 60e5af8b7b4140c711b050fae5a3ab70 c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
MD5: b8e421c0890356cd4a793d8a346d9096 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MD5: 62b7936f9036dd6ed36e6a7efa805dc0 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
MD5: c08823acb2994bacee9b01360e419487 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
MD5: f577910a133a592234ebaad3f3afa258 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MD5: 35ac4b63cbb9fb6b4472913e9948b517 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
MD5: ba02f01be7ed88e8974c798acb3075f5 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MD5: fc33cbbb9cadcec307da010fe763d04c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: 67b539d844f804ebac7a1e3828fde709 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 3bde52411df2fe4252c9289f51cb0f7e C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: fd86c605fd7ad4a41c01ec7a4a1e1c5d C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: a3609397ef273b03295dbb10274be12c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 18301b40411b2108076ab685b4e4b6dc C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 32d78dcabfb942275e01363d5232c77d C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MD5: df1c1cd0c7ee95cc00d71e9e415e7bcd C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: c28fd3b37b6f18751c99e6022a2a9782 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: a56ccbbfccedce2fd9c69fed24e035e3 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 7ef47644b74ebe721cc32211d3c35e76 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: 09ead9cb2346b671f8f079d3472134d8 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: e9901a7e569c4156fda69f5c9356b8ed C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MD5: 72794d112cbaff3bc0c29bf7350d4741 C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
MD5: 6bf01e200063d7274f3af06d226671f5 c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
MD5: 9d4a1690af93f233e15380398bec7431 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: c3e69db0a4e59564230e053232f39ac7 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
MD5: 65cc4779a29c3e82b987bd4961790dff C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
MD5: f47d75cee1844eef4a9ea6ee768828fb C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
MD5: d00058c1fff3f3de990444a5734e9639 C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
MD5: 8e68e4aa2d7abbf7c9159d9d2a38ae0f C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
MD5: 4afd0d0662692490dba91d2e94299f47 C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll
MD5: b938c1ae3adce166190895685b0beb0d C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
MD5: bc8ab9aa21934b663a07f79f7efa0123 c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll
MD5: a66a630e101e7b5cf0946f34935660cc C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
MD5: 4eb0c6c3ef4d8885cf2b5d0062f31e44 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MD5: eb4cdf2eca64fbacafbad2b04b1b2862 C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MD5: 1e6b52abdf4082374de9d43cbd2f7e08 C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
MD5: 5460828f8951d310b42b442877603b8d C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
MD5: 9e89c2d6945389270de067ce51ff7425 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
MD5: cc800d2d9fd467542bac7c186c4774ad C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
MD5: faf339801b90638d88dfdc6424c297e3 C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MD5: 15bd4e217555c6792218614310de14bb C:\Program Files (x86)\Internet Explorer\IEShims.dll
MD5: 0129bb16161c2fd9a6b19111ab047198 C:\Program Files (x86)\Internet Explorer\iexplore.exe
MD5: 7d894ed61ef0505277d8a476d7df43f1 C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
MD5: 1c356f14566f113695a10e4f319db0ed C:\Program Files (x86)\Internet Explorer\sqmapi.dll
MD5: b64f80b64ee7de4fb68a0feda192ee52 C:\Program Files (x86)\iTunes\iTunesHelper.dll
MD5: d9d79f547ae2a70c650dfcfc27aec0f7 C:\Program Files (x86)\iTunes\iTunesHelper.exe
MD5: f047ac8029004b2fb94e2429f54617a9 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: a0f110ab73271da15e6bc314a8c1512a C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: 8d43de6f1385057b8ad2857547b7b828 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
MD5: dc365b6e595683f67bc21a203432e336 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
MD5: 1e96525ae85d402f9f8047f8caef5f06 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
MD5: 13693b6354dd6e72dc5131da7d764b90 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
MD5: c3cddd18f43d44ab713cf8c4916f7696 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
MD5: 676ccc08d9e9a3f4ca39cb04e97048df C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MD5: 26fef9aac9f9f265dee995547d84c055 C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
MD5: fb8c6a46eaf7585d2ca8583c4c9a8edf C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 c:\program files (x86)\microsoft office\office14\urlredir.dll
MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
MD5: 47aff25b68ce4885fec6cfdef8febb5c C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 7d894ed61ef0505277d8a476d7df43f1 C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
MD5: a514c4518d25c9ecfd765d8912aa6b27 C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
MD5: 8eb61c97b476268228393bcc607fd39b C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
MD5: db97b6d30f8cfcbf00537ff7a74ae12d C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
MD5: 96aa8ba23142cc8e2b30f3cae0c80254 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
MD5: 916a2c4eb028604783fd5ea169236c1d C:\Program Files (x86)\QuickTime\QTTask.exe
MD5: a514c4518d25c9ecfd765d8912aa6b27 C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
MD5: 8eb61c97b476268228393bcc607fd39b C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
MD5: db97b6d30f8cfcbf00537ff7a74ae12d C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
MD5: 9513b437b7adb1e6065b7f0d83d11ecf C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
MD5: 627fa58adc043704f9d14ca44340956f C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
MD5: 6b31c9cb94927dbeeb62e15275f4cc54 C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
MD5: 866b027053f3a40bc36126d265c78e96 C:\Program Files (x86)\Veetle\Player\npvlc.dll
MD5: dc45b20ec28d0b626da2f3df12d0fd78 C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
MD5: 30740221c0ae535da3fa7228c1c5a826 C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
MD5: ac421a44de902f2627f1e63793ed89cd C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
MD5: e7470049933725c2acf035dd3ebb3dc6 C:\Program Files\AVAST Software\Avast\1033\Base.dll
MD5: 48c63de81747bd7758df1af04e98de8f C:\Program Files\AVAST Software\Avast\1033\UILangRes.dll
MD5: c0727aa6b63c80149b79ea53099d0772 C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MD5: 01eb8125481c4fa2c400350534fea31f C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MD5: e8ffc14d8cf54a7d5a3e4c6ead38e963 C:\Program Files\AVAST Software\Avast\ashBase.dll
MD5: a955aad5babab27cae88cbec07401f51 C:\Program Files\AVAST Software\Avast\ashTask.dll
MD5: e293c073dfd8a224ed4c0eeecb282c42 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MD5: 7f90431c12b5edb881dbb1e081506694 C:\Program Files\AVAST Software\Avast\aswAra.dll
MD5: 93b2f0c0e82680202f9417962f04383a C:\Program Files\AVAST Software\Avast\aswAux.dll
MD5: 2a57197f60ca9e0a0d9dfe88d55626e0 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MD5: 622d0b2c57ebc93cf9bd027b1da22172 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MD5: abcd006dfcbc7cf6e0e72051aaffcab0 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MD5: ed5a7805411e8598805de5a064e17603 C:\Program Files\AVAST Software\Avast\aswData.dll
MD5: 63affe4c27760beafa966cb28beb0bd1 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MD5: b83428f862645941fec65937d2c16b70 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MD5: 09ff9b9f7316a21b6269fed8ccd51320 C:\Program Files\AVAST Software\Avast\aswLog.dll
MD5: 0f69dffc9975a322b3f681ec2ea86fef C:\Program Files\AVAST Software\Avast\aswProperty.dll
MD5: dc21576533e5ba5fb6d7b51ed88c93f9 C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MD5: 8d2981596016df4de87d0dbad0204ccb C:\Program Files\AVAST Software\Avast\aswUtil.dll
MD5: b0b75b3286eda8fb2e2e1062f0f3afb4 c:\program files\avast software\avast\aswwebrepie.dll
MD5: 2f7c0f3e39c45e0127fb78b2f18a41f3 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
MD5: 20c4535969f2006f6082cdf146cd95c4 C:\Program Files\AVAST Software\Avast\AvastUI.exe
MD5: 29896000cfa457ed8fa1e37238affb2c C:\Program Files\AVAST Software\Avast\CommonRes.dll
MD5: a76e3a92274718243819750651b11a24 C:\Program Files\AVAST Software\Avast\defs\12071000\uiExt.dll
MD5: c9f43235625c43c35bf560c5e671544d C:\Program Files\AVAST Software\Avast\snxhk.dll
MD5: f9d908de6b166dac9b89bf62fa291ce8 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: ebbcd5dfbb1de70e8f4af8fa59e401fd C:\Program Files\Bonjour\mDNSResponder.exe
MD5: a60a9f1720f5da1431a3dec14d8833f4 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
MD5: 28ad5e311996a34025cfb07e131058dd C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 7e47c328fc4768cb8beafbcfafa70362 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
MD5: 65e5659e9c2a0762d05657c0e22a7ca2 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
MD5: c8e3ba694cc5eacec4c01660ace40d56 C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
MD5: 3777aec8cb30251e43bf0a2b4fec07d5 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
MD5: e8c8673e9a11b2c9dcaa7f954681de79 C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
MD5: 50d6ccc6ff5561f9f56946b3e6164fb8 C:\Program Files\iPod\bin\iPodService.exe
MD5: 735099a055c50fe534d4781d67fd6b83 C:\Program Files\Sony\VAIO Care\VCPerfService.exe
MD5: d347d3abe070aa09c22fc37121555d52 C:\Program Files\Sony\VAIO Care\VCService.exe
MD5: b8c9a7010afd5cbbe194cb9ef7c4fd14 C:\Program Files\Sony\VAIO Power Management\SPMService.exe
MD5: d62d16e057be87f5b84a54d1b83822c4 C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
MD5: f19275655b42086c884abcdae2c659ae C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
MD5: cbb9f0d1017e0bed4cb5bbc0ebf26dc1 C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
MD5: 31da517946ffe416442e864592548f8a C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: 9dba702a134869f39a6bfd5923db17bc c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
MD5: 8fbed84a67cd0d424428b32b17b6e5c9 C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
MD5: cc021b4bac2edc0789fe42d45b183959 C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
MD5: c79dbf2195bd352fccaa7bcaed2a0ac3 C:\Users\Widly\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.6.30.1_0\plugin\blackfishietab.dll
MD5: 1e6b52abdf4082374de9d43cbd2f7e08 C:\Users\Widly\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
MD5: 506708142bc63daba64f2d3ad1dcd5bf C:\Users\Widly\AppData\Local\Google\Update\GoogleUpdate.exe
MD5: 5efdce32d13d2c217bb9b1c0f8cbadb3 C:\Users\Widly\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehRecvr.exe
MD5: 332feab1435662fc6c672e25beb37be3 C:\Windows\Explorer.exe
MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
MD5: b6a800d881a0176c544988870861e798 C:\Windows\system32\Adobe\Director\np32dsw.dll
MD5: 37ce7a79d901235504f9add99a7ac177 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: cb4863f2bd46aa02d954b86b56a149da C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: 7a6986dd659b96398a11af5173892715 C:\Windows\system32\Cabinet.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: 6316957bb3431dfb06bffa98c0f1926e C:\Windows\system32\cryptnet.dll
MD5: 06e771aa596b8761107ab57e99f128d7 C:\Windows\system32\cryptsvc.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\cscapi.dll
MD5: 35cede6439ff0d8903223a0817ffe46c C:\Windows\system32\d2d1.dll
MD5: 2de90400a63818fa38c4c5c9adb166bf C:\Windows\system32\d3d10_1.dll
MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\Windows\system32\d3d10_1core.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\system32\d3d9.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\dbghelp.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\dnsapi.DLL
MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll
MD5: a29d734f650f958424743be3baa052c8 C:\Windows\system32\DWrite.dll
MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\explorerframe.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: ccb604ce25a818b700005f3a1ba8d2c7 C:\Windows\system32\ieframe.dll
MD5: 42b346e66092ae04b8c906723381bcde C:\Windows\system32\IEUI.dll
MD5: 8205c534422fe13f6c32051afd605f7d C:\Windows\system32\igd10umd32.dll
MD5: 17a364fdaf36d32be28d2b8d82605f26 C:\Windows\system32\igdumd32.dll
MD5: a71c83e4164795260a4a497576d34c99 C:\Windows\system32\igdumdx32.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\iphlpapi.DLL
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: 7940c04ce581288a3498d57ec4ee47d2 C:\Windows\system32\msfeeds.dll
MD5: 9fb58f71104107d44540af1195f7a14d C:\Windows\system32\MSHTML.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
MD5: 4205ca4cd43e725db9ff02b0a588a8c6 C:\Windows\System32\msxml3.dll
MD5: 269d867585cda04d3972a39f3694e7df C:\Windows\System32\msxml6.dll
MD5: 8b57a1ad493653bb57f281fe75dd175b C:\Windows\System32\NaturalLanguage6.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\system32\NLAapi.dll
MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\Windows\system32\ntshrui.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\propsys.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\samcli.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: 69678722290c78d5d7198c60b5a4e3e8 C:\Windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: 6a1e8deb746912df47cf651e138401d7 C:\Windows\System32\StructuredQuery.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: 465dbf63a5049e4db4bc5c12ffe781cb C:\Windows\system32\tquery.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
MD5: 84b633c780df58fbf240f37ea776e9e7 C:\Windows\system32\VESWinlogon.dll
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\system32\webio.dll
MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\WindowsCodecs.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\WINHTTP.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
MD5: ac122407b29378ff9646f03404ac7c54 C:\Windows\system32\wshbth.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\Wtsapi32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\system32\xmllite.dll
MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\SysWOW64\actxprxy.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\syswow64\ADVAPI32.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\syswow64\CFGMGR32.dll
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\syswow64\COMDLG32.dll
MD5: 1295338cfe6f249823ef9bc8d4368a84 C:\Windows\syswow64\CRYPT32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\syswow64\DEVOBJ.dll
MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll
MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\Windows\syswow64\GDI32.dll
MD5: ee9d715af1b928982f417238b9914484 C:\Windows\SysWOW64\ieapfltr.dll
MD5: ccb604ce25a818b700005f3a1ba8d2c7 c:\windows\syswow64\ieframe.dll
MD5: e0c68ce8a3c548b101abc01db3ddb7ca C:\Windows\syswow64\iertutil.dll
MD5: 7c0fb8b077ad00df1622a9618ad66a89 C:\Windows\SysWOW64\jscript9.dll
MD5: 99c3f8e9cc59d95666eb8d8a8b4c2beb C:\Windows\syswow64\kernel32.dll
MD5: 5c2d21c9b6b6175b89bc5d7e3cb979e1 C:\Windows\syswow64\KERNELBASE.dll
MD5: a76e052fbdd0d8c8b7f6750cb685a7fd C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_3_300_257.ocx
MD5: 990dc6edc9f933194d7cd4e65146bc94 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: 1e3aea3d55f6f310c3c9e3dccf2d2a02 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\syswow64\MSASN1.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\Windows\syswow64\msvcrt.dll
MD5: e73b0f1819602cb6ef176fb78d76a47b C:\Windows\SysWOW64\ntdll.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\syswow64\ole32.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\syswow64\OLEAUT32.dll
MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\Windows\syswow64\RPCRT4.dll
MD5: 1affb765af1fdcc0c185c38e9ddddaee C:\Windows\SysWOW64\schannel.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\syswow64\SETUPAPI.dll
MD5: 358fc25391c6733eaf49db480afdfd8c C:\Windows\syswow64\SHELL32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\syswow64\SHLWAPI.dll
MD5: 44b2693080979a0e05085b3faaa43a09 C:\Windows\syswow64\SspiCli.dll
MD5: caaf911d2e61ae5c1518f53bef54c698 C:\Windows\syswow64\urlmon.dll
MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\Windows\syswow64\USER32.dll
MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\syswow64\USP10.dll
MD5: 5193de33f3284c447e0d31dafbf92570 c:\windows\syswow64\webcheck.dll
MD5: 1c191a4f0960f21b5d58c8a65baf5427 C:\Windows\syswow64\WININET.dll
MD5: a7d79e9f660340ab20cd73f12910985f C:\Windows\syswow64\WINTRUST.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\syswow64\WLDAP32.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\syswow64\WS2_32.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 58a14c45a5cd2528f10a889e7b0c3fc2 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: ca6ade4f7761bb15b3325356dc3b82bb C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MD5: fbfca1a574d47ee575448b719cbbf2e4 C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll


No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.01 MB sent, 1.00 KB recvd
Scanned 388 files and modules - 85 seconds

==============================================================================





.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/2/2010 2:48:09 PM
System Uptime: 7/10/2012 6:37:02 AM (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz | N/A | 2266/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 221.03 GiB free.
E: is Removable
F: is Removable
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
AC3Filter 1.62b
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Premiere Pro CS6
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
avast! Free Antivirus
bl
Brother HL-2140
Cisco AnyConnect VPN Client
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup
ESET Online Scanner v3
Evernote
Google Calendar Sync
Google Chrome
Google Update Helper
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
Java Auto Updater
Java™ 6 Update 29
K-Lite Codec Pack 6.7.0 (Full)
Malwarebytes Anti-Malware version 1.61.0.1400
Media Gallery
Mercury
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
Mp3tag v2.49a
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Octoshape add-in for Adobe Flash Player
OOBE
ph
PMB
PMB VAIO Edition Guide
PMB VAIO Edition plug-in (Click to Disc)
PMB VAIO Edition plug-in (VAIO Image Optimizer)
PMB VAIO Edition plug-in (VAIO Movie Story)
PyMOL
QuickTime
Raptr
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Seagate Manager Installer
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Setting Utility Series
Skype™ 5.3
SmartWi Connection Utility
SOHLib Merge Module
Sony Home Network Library
System Requirements Lab for Intel
TI Connect 1.6
Tunatic
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VAIO Care
VAIO Care Update
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Monitoring Settings
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story Template Data
VAIO Original Function Settings
VAIO Power Management
VAIO Quick Web Access
VAIO Survey
VAIO Transfer Support
VAIO Update
VAIO Wallpaper Contents
VC80CRTRedist - 8.0.50727.6195
Veehd Plugin
Veetle TV 0.9.18
Visual Studio 2008 x64 Redistributables
vShare Plugin
Vuze
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Wolfram CDF Player (M-WIN-D 8.0.3 2427703)
.
==== Event Viewer Messages From Past Week ========
.
7/9/2012 6:38:03 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® PROSet/Wireless Event Log service to connect.
7/9/2012 6:38:03 AM, Error: Service Control Manager [7000] - The Intel® PROSet/Wireless Event Log service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/9/2012 10:10:43 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 258
7/8/2012 5:27:12 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
7/8/2012 1:53:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/5/2012 7:36:10 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2012 7:35:39 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/5/2012 7:35:00 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/5/2012 7:25:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
7/5/2012 7:23:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/5/2012 7:22:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/5/2012 7:22:48 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
7/5/2012 7:22:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/5/2012 7:22:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/5/2012 7:22:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi discache ElRawDisk spldr Wanarpv6
7/5/2012 7:22:29 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2012 7:22:28 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
7/5/2012 6:54:39 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
7/5/2012 6:54:39 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/5/2012 6:54:03 PM, Error: Service Control Manager [7003] - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
7/4/2012 9:07:34 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/4/2012 9:07:34 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The pipe has been ended.
7/4/2012 9:07:34 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: A system shutdown is in progress.
7/4/2012 9:07:34 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.
7/4/2012 9:07:34 PM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The pipe has been ended.
7/4/2012 9:07:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1115" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
7/4/2012 9:07:33 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error: A system shutdown is in progress.
7/4/2012 9:07:33 PM, Error: Service Control Manager [7001] - The Intel® PROSet/Wireless Event Log service depends on the Windows Management Instrumentation service which failed to start because of the following error: A system shutdown is in progress.
7/4/2012 9:07:33 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The pipe has been ended.
7/4/2012 9:07:32 PM, Error: Service Control Manager [7023] - The VAIO Content Folder Watcher service terminated with the following error: %%-2147467243
7/4/2012 9:07:32 PM, Error: Service Control Manager [7000] - The vToolbarUpdater11.2.0 service failed to start due to the following error: The pipe has been ended.
7/4/2012 9:07:32 PM, Error: Service Control Manager [7000] - The VAIO Content Metadata Intelligent Network Service Manager service failed to start due to the following error: The pipe has been ended.
7/4/2012 9:07:31 PM, Error: Service Control Manager [7000] - The VAIO Content Metadata Intelligent Analyzing Manager service failed to start due to the following error: The pipe has been ended.
7/4/2012 9:07:30 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
7/4/2012 5:15:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.
7/4/2012 5:14:41 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The authentication service is unknown.
7/4/2012 5:14:28 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/4/2012 5:13:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
7/4/2012 5:13:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service.
7/4/2012 5:12:02 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
7/4/2012 5:11:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.
7/4/2012 5:11:11 PM, Error: Service Control Manager [7000] - The Intel® Management & Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/4/2012 5:10:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
7/4/2012 5:10:17 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/4/2012 5:09:44 PM, Error: Service Control Manager [7022] - The VAIO Care Performance Service service hung on starting.
7/4/2012 5:07:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.
7/4/2012 5:07:23 PM, Error: Service Control Manager [7000] - The Intel® Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/3/2012 4:03:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VcmINSMgr service.
7/10/2012 6:42:46 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
7/10/2012 6:39:04 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
7/10/2012 6:39:04 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
7/10/2012 6:38:40 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/10/2012 6:38:09 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 87
7/10/2012 6:37:58 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Seagate Service service to connect.
7/10/2012 6:29:07 AM, Error: Service Control Manager [7031] - The Cisco AnyConnect VPN Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
.
==== End Of File ===========================

#15 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:18 PM

Posted 10 July 2012 - 12:22 PM

Hello widly05.

We are nearly done ( on later rounds we can do cleanups). But for now, some services need to have correct settings, and I need a new report.

Windows backup & restore service & other service
This will be a batch-fix .
  • Press the Windows-key on keyboard.
  • In the Posted Image box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    @Echo on
    sc config winmgmt start= auto
    sc config sdrsvc start= manual
    sc config vss start= auto
    shutdown -r -t 1
    del %0
  • Select File -> Save AS.
  • Press the Desktop button on the left side of the save dialog.
  • In the Posted Image box, type in Fix.bat.
  • Press Posted Image.
  • Close Notepad.
  • Right click Fix.bat on your desktop, and choose Posted Image.
  • Press Yes if prompted by User Account Control.
This procedure will do its tasks and then it will Restart Windows 7.

NEXT:
Download >> Farbar's Service Scanner utility << and Save to your Desktop.
If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Admisnitrator.
If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Copy & Paste contents of FSS.txt into your reply.

Note that Firefox needs updating to the latest version, and so does your Java runtime. So do not go away.

Make sure at this point that your AVAST! antivirus is back on & active.

Edited by Maurice Naggar, 10 July 2012 - 12:23 PM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users