Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with the FBI MoneyPak Virus


  • This topic is locked This topic is locked
17 replies to this topic

#1 RealTalk

RealTalk

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 29 August 2012 - 11:51 PM

Hey Guys. You have been very helpful in the past, unfortunately I'm back with a new problem. Today my computer started acting strange, not long after it started crashing, followed by the infamous FBI has taken over your computer screen. Says I have to pay $200 because I downloaded copyrighted material. Googled it and found some ideas but couldnt get anything to work on my own. I'm not very computer savvy. I tried running a program called Emrisoft ( i believe that was the name - it was suggested on this website as the fix) and it would make it to about 70% and then my computer would go black, i had to do a hard reboot each time just to get it on again. I tried running it at least 3-4 times and got the same result each time.

Heres my logs. I can sign in to safe mode without any trouble, but normal mode loads and then immediately goes to a white screen, if i let thewhite screen up long enough, it becomes that fbi screen.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 MINIMAL
Internet Explorer: 9.0.8112.16421
Run by Brian at 0:30:20 on 2012-08-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12193.11298 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
mStart Page = hxxp://asus.msn.com
uURLSearchHooks: vshare.tv Bar Toolbar: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
mURLSearchHooks: vshare.tv Bar Toolbar: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: vshare.tv Bar Toolbar: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: vshare.tv Bar Toolbar: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
uRun: [Facebook Update] "C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [AIM for Windows] "C:\Users\Brian\AppData\Local\AOL\AIM\aim.exe"
uRun: [ladevi] rundll32.exe "C:\Users\Brian\AppData\Roaming\ladevi.dll",AddColumn
uRun: [<NO NAME>] C:\Users\Brian\AppData\Local\Temp\nasrocwmxe.exe
uRun: [ovcroe] rundll32.exe "C:\Users\Brian\AppData\Roaming\ovcroe.dll",Long_AsLong
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
TCP: DhcpNameServer = 207.22.166.2 207.22.166.61
TCP: Interfaces\{BB2A3391-3F15-4023-A8A2-A27D61024EF7} : DhcpNameServer = 207.22.166.2 207.22.166.61
TCP: Interfaces\{BB2A3391-3F15-4023-A8A2-A27D61024EF7}\262716E646F6E6 : DhcpNameServer = 24.96.83.3 24.96.83.2
TCP: Interfaces\{BB2A3391-3F15-4023-A8A2-A27D61024EF7}\373796467697073797E6564777F627B6 : DhcpNameServer = 207.22.166.2 207.22.166.61
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: vshare.tv Bar Toolbar: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
BHO-X64: vshare.tv Bar - No File
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: vshare.tv Bar Toolbar: {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun-x64: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
mRun-x64: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\DRIVERS\FLxHCIc.sys --> C:\Windows\system32\DRIVERS\FLxHCIc.sys [?]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\system32\DRIVERS\FLxHCIh.sys --> C:\Windows\system32\DRIVERS\FLxHCIh.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
S1 A2DDA;A2 Direct Disk Access Support Driver;C:\Users\Brian\Desktop\Emisoft\Run\a2ddax64.sys [2012-8-29 23208]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
S1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
S2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
S2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-1-7 267480]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-13 138400]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-2 135664]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-7 2009704]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-7 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 250568]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-2 135664]
S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]
S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-29 22:28:55 -------- d-sh--w- C:\found.000
2012-08-29 21:25:49 655872 ----a-w- C:\Users\Brian\AppData\Roaming\ovcroe.dll
2012-08-29 21:19:12 158720 ----a-w- C:\Users\Brian\AppData\Roaming\ladevi.dll
2012-08-28 20:30:46 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D92FF57A-9BCA-4FE9-AF00-3C6900AE5E14}\mpengine.dll
2012-08-21 21:10:26 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-08-21 21:10:25 67072 ----a-w- C:\Windows\splwow64.exe
2012-08-21 21:10:25 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-08-21 21:10:25 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-08-21 21:10:21 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-08-21 21:10:21 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-08-15 22:23:15 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-15 22:20:11 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-08-15 22:20:11 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-08-15 22:20:11 136704 ----a-w- C:\Windows\System32\browser.dll
2012-08-15 22:20:09 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-08-15 22:20:09 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2012-08-29 21:58:07 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-08-22 12:39:35 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-22 12:39:34 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-03 18:31:58 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-06-03 18:31:58 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 0:31:40.48 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:09 PM

Posted 31 August 2012 - 10:11 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 RealTalk

RealTalk
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 01 September 2012 - 12:23 PM

Thanks man! Looks good. Everythings running normal again so far. ComboFix said i had avast running but it was definitely uninstalled. Take a look at my logs:

sults of screen317's Security Check version 0.99.49
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
avast! Antivirus
Trend Micro Titanium Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java™ 6 Update 32
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


ComboFix 12-08-31.08 - Brian 09/01/2012 13:05:42.2.8 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12193.10953 [GMT -4:00]
Running from: c:\users\Brian\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Brian\AppData\Roaming\ladevi.dll
c:\users\Brian\AppData\Roaming\ovcroe.dll
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-08-01 to 2012-09-01 )))))))))))))))))))))))))))))))
.
.
2012-09-01 17:09 . 2012-09-01 17:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-09-01 17:09 . 2012-09-01 17:09 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-09-01 17:09 . 2012-09-01 17:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-29 22:28 . 2012-08-29 22:28 -------- d-----w- C:\found.000
2012-08-28 20:30 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D92FF57A-9BCA-4FE9-AF00-3C6900AE5E14}\mpengine.dll
2012-08-21 21:10 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-21 21:10 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-21 21:10 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-21 21:10 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-21 21:10 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-21 21:10 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 22:23 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 22:20 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 22:20 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 22:20 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 22:20 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 22:20 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 22:20 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-29 21:58 . 2011-10-12 22:42 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-08-22 12:39 . 2012-04-04 12:41 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-22 12:39 . 2011-10-23 12:19 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-21 09:12 . 2011-10-13 00:55 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-15 22:21 . 2011-10-18 21:18 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-06-09 05:43 . 2012-07-10 21:37 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-10 21:37 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-10 21:37 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-10 21:37 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-10 21:37 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-10 21:37 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-10 21:37 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-03 18:31 . 2012-06-03 18:32 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-06-03 18:31 . 2011-12-06 22:31 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-19_00.49.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-11 05:58 . 2011-06-11 05:58 51024 c:\windows\SysWOW64\vcomp100.dll
+ 1999-11-24 21:40 . 1999-11-24 21:40 40960 c:\windows\SysWOW64\VBAME.DLL
- 2012-01-17 04:31 . 2011-11-17 05:28 96768 c:\windows\SysWOW64\sspicli.dll
+ 2012-07-10 21:37 . 2012-06-02 04:34 96768 c:\windows\SysWOW64\sspicli.dll
+ 2012-07-10 21:37 . 2012-06-02 04:40 22016 c:\windows\SysWOW64\secur32.dll
- 2012-01-17 04:31 . 2011-11-17 05:34 22016 c:\windows\SysWOW64\secur32.dll
+ 1998-03-25 00:54 . 1998-03-25 00:54 15872 c:\windows\SysWOW64\SCP32.DLL
+ 2011-08-07 12:59 . 2012-03-11 06:09 17920 c:\windows\SysWOW64\OpenCL.dll
+ 2012-08-15 22:20 . 2012-07-04 21:16 57344 c:\windows\SysWOW64\netapi32.dll
+ 1998-08-09 14:07 . 1998-08-09 14:07 94208 c:\windows\SysWOW64\MSSTKPRP.DLL
+ 2012-08-21 21:11 . 2012-06-29 00:01 73216 c:\windows\SysWOW64\mshtmled.dll
+ 2012-08-21 21:11 . 2012-06-29 00:06 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-04-11 14:59 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 81744 c:\windows\SysWOW64\mfcm100u.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 81744 c:\windows\SysWOW64\mfcm100.dll
+ 1998-06-17 22:08 . 1998-06-17 22:08 53248 c:\windows\SysWOW64\MFC42ENU.DLL
+ 2011-06-11 05:58 . 2011-06-11 05:58 60752 c:\windows\SysWOW64\mfc100rus.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 43344 c:\windows\SysWOW64\mfc100kor.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 43856 c:\windows\SysWOW64\mfc100jpn.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 62288 c:\windows\SysWOW64\mfc100ita.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 64336 c:\windows\SysWOW64\mfc100fra.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 63824 c:\windows\SysWOW64\mfc100esn.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 55120 c:\windows\SysWOW64\mfc100enu.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 64336 c:\windows\SysWOW64\mfc100deu.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 36176 c:\windows\SysWOW64\mfc100cht.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 36176 c:\windows\SysWOW64\mfc100chs.dll
+ 1998-03-26 04:00 . 1998-03-26 04:00 38160 c:\windows\SysWOW64\MAPISRVR.EXE
+ 2012-08-21 21:11 . 2012-06-29 00:06 65024 c:\windows\SysWOW64\jsproxy.dll
- 2012-04-11 14:59 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-05-15 21:21 . 2012-03-11 06:09 86528 c:\windows\SysWOW64\IntelOpenCL32.dll
+ 2012-03-19 19:12 . 2012-03-19 19:12 25088 c:\windows\SysWOW64\igfxexps32.dll
+ 2012-03-19 20:25 . 2012-03-19 20:25 58880 c:\windows\SysWOW64\igdde32.dll
+ 2003-08-18 18:26 . 2003-08-18 18:26 25872 c:\windows\SysWOW64\FM20ENU.DLL
+ 2009-07-14 04:54 . 2012-08-29 21:51 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-04-15 21:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-29 21:51 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-15 21:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-29 21:51 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-15 21:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2004-01-29 14:08 . 2004-01-29 14:08 32768 c:\windows\SysWOW64\ATHPRXY.DLL
+ 2012-06-24 12:09 . 2012-06-02 22:19 44056 c:\windows\system32\wups2.dll
+ 2012-06-24 12:09 . 2012-06-02 22:19 38424 c:\windows\system32\wups.dll
+ 2012-06-24 12:09 . 2012-06-02 22:15 99840 c:\windows\system32\wudriver.dll
+ 2012-06-24 12:09 . 2012-06-02 22:19 57880 c:\windows\system32\wuauclt.exe
+ 2012-06-24 12:09 . 2012-06-02 19:15 36864 c:\windows\system32\wuapp.exe
- 2011-02-18 19:49 . 2010-11-20 13:25 36864 c:\windows\system32\wuapp.exe
+ 2009-07-14 00:21 . 2009-07-14 01:41 88064 c:\windows\system32\WpdMtpUS.dll
+ 2011-02-18 20:13 . 2012-08-29 21:59 44600 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-29 21:59 40734 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-10-13 00:48 . 2012-08-29 21:59 13818 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2814915296-174591460-2764255659-1001_UserData.bin
- 2012-03-13 20:15 . 2012-01-25 06:38 77312 c:\windows\system32\rdpwsx.dll
+ 2012-06-16 05:33 . 2012-04-26 05:41 77312 c:\windows\system32\rdpwsx.dll
+ 2011-08-07 12:59 . 2012-03-11 06:17 20992 c:\windows\system32\OpenCL.dll
+ 2012-08-21 21:11 . 2012-06-29 03:40 96768 c:\windows\system32\mshtmled.dll
+ 2012-08-21 21:11 . 2012-06-29 03:46 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-04-11 14:59 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-04-11 14:59 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll
+ 2012-08-21 21:11 . 2012-06-29 03:45 85504 c:\windows\system32\jsproxy.dll
+ 2011-12-06 08:22 . 2011-12-06 08:22 14848 c:\windows\system32\IntcDAuC.dll
- 2011-04-12 02:25 . 2010-10-14 16:27 14848 c:\windows\system32\IntcDAuC.dll
+ 2011-04-12 02:25 . 2012-03-19 19:17 63488 c:\windows\system32\igfxsrvc.dll
- 2011-04-12 02:25 . 2011-01-27 00:24 28672 c:\windows\system32\igfxexps.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 28672 c:\windows\system32\igfxexps.dll
+ 2012-03-19 20:42 . 2012-03-19 20:42 90112 c:\windows\system32\igfxCoIn_v2696.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 79360 c:\windows\system32\igdde64.dll
+ 2009-07-14 05:30 . 2012-08-21 21:05 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-04-15 19:40 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-12-06 08:22 . 2011-12-06 08:22 14848 c:\windows\system32\DriverStore\FileRepository\intcdaud.inf_amd64_neutral_31955b183c8225fd\IntcDAuC.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 52736 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\OpenCL64.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 51200 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\OpenCL.dll
+ 2012-03-19 20:42 . 2012-03-19 20:42 90112 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igxpco64.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 63488 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxsrvc.dll
+ 2012-03-19 19:12 . 2012-03-19 19:12 25088 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxexps32.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 28672 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxexps.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 79360 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdde64.dll
+ 2012-03-19 20:25 . 2012-03-19 20:25 58880 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdde32.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 94208 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IccLibDll_x64.dll
+ 2011-10-16 22:20 . 2011-04-28 03:54 80384 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\BTHUSB.SYS
+ 2009-07-14 00:06 . 2009-07-14 00:06 41984 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthenum.sys
+ 2011-02-18 19:49 . 2010-11-20 10:43 41984 c:\windows\system32\drivers\winusb.sys
+ 2012-05-13 13:57 . 2012-03-17 07:58 75120 c:\windows\system32\drivers\partmgr.sys
+ 2012-07-10 21:37 . 2012-06-02 05:48 95600 c:\windows\system32\drivers\ksecdd.sys
- 2012-01-17 04:31 . 2011-11-17 06:49 95600 c:\windows\system32\drivers\ksecdd.sys
- 2011-10-12 22:10 . 2012-04-15 15:59 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-12 22:10 . 2012-08-29 21:25 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-12 22:10 . 2012-08-29 21:25 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-10-12 22:10 . 2012-04-15 15:59 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-29 21:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-15 15:59 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-08-28 21:42 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-11-22 03:57 . 2011-11-22 03:57 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 68880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-04-11 15:00 . 2012-04-11 15:00 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-16 22:32 . 2012-06-16 22:32 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-11 08:55 . 2012-04-11 08:55 41472 c:\windows\Installer\93c298.msi
+ 2005-11-14 20:38 . 2005-11-14 20:38 72192 c:\windows\Installer\3a4b6d.msp
+ 2012-07-19 23:04 . 2012-07-19 23:04 25600 c:\windows\Installer\399f62.msi
+ 2012-06-06 22:22 . 2012-06-10 06:17 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2012-05-15 05:06 . 2012-05-15 05:06 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7fa267d10b2df6dbd00d00d130715f0a\System.Xml.Serialization.ni.dll
+ 2012-05-15 05:06 . 2012-05-15 05:06 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\054fce9466c6cef615b2f7cc9ff4e7f8\System.Windows.Presentation.ni.dll
+ 2012-05-15 05:06 . 2012-05-15 05:06 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\ff78ec1b5bf38a8fb74c2d4f41bb308a\System.Web.ApplicationServices.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\e144d0028365c62178eb0662911ac910\System.AddIn.Contract.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\93295f3771dc9e5be2d49d5f5d76a7a6\Microsoft.VisualC.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\5ea625ce2d6c08687f70cb81a003a28b\dfsvc.ni.exe
+ 2012-05-15 05:01 . 2012-05-15 05:01 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\061cbee19075e086d675a9e1f65725d7\Accessibility.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\f3a9c6e87bfa4bab3689ec1cdb56964f\System.Windows.Presentation.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9b418f37f4594806e1f4b0ed6d083a95\System.Web.ApplicationServices.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\fb4bc14964a1d415bdbe55b62ce73a52\System.Windows.Presentation.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\eef76dd965ea0a8ae5fb0c734d84389c\System.Web.DynamicData.Design.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\acd8bdefdcae0ce7c27b5ec016ef865c\System.Web.DynamicData.Design.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\78f495970511b726a0ca7b8119360e25\PresentationFontCache.ni.exe
+ 2012-05-15 04:26 . 2012-05-15 04:26 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\1a359e9b908a2565c546a8ca04b241c2\PresentationCFFRasterizer.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\9d57c4bbbc0b3243046fc7839da71b00\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\d6578432220dbabf2b15027681327bf8\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\66deb65a87750efddf62d1e0c0655352\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4b6402dc918e41b8de8c501f29833d91\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\28545d2b6a0aaef4aa168f9808603bc5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\1d8a17a2c1416a8ad4d6ad2a28b4c5fd\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0abc7256549c204f39af7dcc52c9e5d5\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\3c3a6cce983114e7406e0a6e6116ecd8\Microsoft.VisualC.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6ab0575bf49b60fd4b697d47e1754072\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\1569a004b1f41193818e3b3777f2c73d\LoadMxf.ni.exe
+ 2012-05-15 04:59 . 2012-05-15 04:59 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\3ee98e8b2084e27d65953bbd7e362bf8\ehiUPnP.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\1cd9f92749d29b9fd61fcb1c4ae84294\ehiTVMSMusic.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\0811f67973c32efb2bfad62a4a2592b5\dfsvc.ni.exe
+ 2012-05-15 04:26 . 2012-05-15 04:26 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\ae9311dcb0e713330a2a86b04cf361dc\Accessibility.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\fbca78795c4dd2a0df1fbc45cef56513\WindowsLiveWriter.ni.exe
+ 2012-05-15 04:53 . 2012-05-15 04:53 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\20225dde0701a809f23364e1c3492449\WindowsLive.Writer.Passport.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\66d750f3f8dde0cc865f921497ab3545\System.Windows.Presentation.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\543b0e12423bcec010bdd2ac27c5dc04\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f34410ab8e82063735d876533db26c49\System.AddIn.Contract.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\d24744f15243e28ea541a459ff7ff5d5\PresentationFontCache.ni.exe
+ 2012-05-15 04:28 . 2012-05-15 04:28 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\87a30ba337ed55d0905f19742e2985bc\napcrypt.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\9f2e8e0df9ff39ad21088f1d66cfadb1\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d797123d55bb7b823120d0a7ffbbc2a7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb8ad29814d9e5589bd400d38e7a0b10\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cb42a0f25b7608b2675080081b03f6e5\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\c6e9143be5afb36345875d56b61c444f\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\91767cf3facefe10e00734c815e925ad\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\66cd99d2f576cde047074e98bd5e1848\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\4308e1bdc640e1c3f1ea966e84e48900\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\06fcf2fbbe38d9425fc49d935498ec93\Microsoft.Vsa.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\55c57057dc81a5e8c5bde3a230f0bcb9\Microsoft.VisualC.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e3ef400b1f37e4d3b79a42a8a602ea02\Microsoft.Build.Framework.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\2095344bf8c40f8baa94ba53a993fb4c\Microsoft.Build.Framework.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\dc93539af5a961641a26ada75f730136\ehiUserXp.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\53d03b0e238c77cf7e5ac88e02aecd2c\dfsvc.ni.exe
+ 2012-05-15 04:28 . 2012-05-15 04:28 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2012-07-10 21:37 . 2010-06-26 03:24 2048 c:\windows\SysWOW64\msxml3r.dll
- 2009-07-14 00:19 . 2009-07-14 01:07 2048 c:\windows\SysWOW64\msxml3r.dll
+ 2011-10-20 12:39 . 2012-08-29 21:26 4564 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-11-05 01:05 . 2012-08-29 21:24 2068 c:\windows\system32\wdi\{88d4896f-f553-446a-9c75-9dec124ff8b7}.bin
+ 2012-06-16 05:33 . 2012-04-26 05:34 9216 c:\windows\system32\rdrmemptylst.exe
- 2012-03-13 20:15 . 2012-01-25 06:33 9216 c:\windows\system32\rdrmemptylst.exe
+ 2012-05-05 11:42 . 2012-05-05 11:42 9560 c:\windows\system32\NetworkList\Icons\{F5C80B46-8816-4121-A5EA-4F9B2FD03C0F}_48.bin
+ 2012-05-05 11:42 . 2012-05-05 11:42 4280 c:\windows\system32\NetworkList\Icons\{F5C80B46-8816-4121-A5EA-4F9B2FD03C0F}_32.bin
+ 2012-05-05 11:42 . 2012-05-05 11:42 2456 c:\windows\system32\NetworkList\Icons\{F5C80B46-8816-4121-A5EA-4F9B2FD03C0F}_24.bin
+ 2012-07-31 00:58 . 2012-07-31 00:58 9560 c:\windows\system32\NetworkList\Icons\{6CCEDFF6-367C-43FE-A6B9-AED5E11C5313}_48.bin
+ 2012-07-31 00:58 . 2012-07-31 00:58 4280 c:\windows\system32\NetworkList\Icons\{6CCEDFF6-367C-43FE-A6B9-AED5E11C5313}_32.bin
+ 2012-07-31 00:58 . 2012-07-31 00:58 2456 c:\windows\system32\NetworkList\Icons\{6CCEDFF6-367C-43FE-A6B9-AED5E11C5313}_24.bin
- 2009-07-14 00:41 . 2009-07-14 01:30 2048 c:\windows\system32\msxml3r.dll
+ 2012-07-10 21:37 . 2010-06-26 03:55 2048 c:\windows\system32\msxml3r.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 9216 c:\windows\system32\IGFXDEVLib.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 9216 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IGFXDEVLib.dll
- 2012-04-15 21:38 . 2012-04-18 23:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-01 16:55 . 2012-09-01 16:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-01 16:55 . 2012-09-01 16:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-15 21:38 . 2012-04-18 23:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-06 22:22 . 2012-06-10 06:17 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2012-05-15 04:57 . 2012-05-15 04:57 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\4b540b784465ca3f0742990e5af444e3\System.Xml.Serialization.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
+ 2012-08-21 21:11 . 2012-06-29 00:07 231936 c:\windows\SysWOW64\url.dll
- 2012-04-11 14:59 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll
+ 2012-07-10 21:37 . 2012-06-02 04:40 225280 c:\windows\SysWOW64\schannel.dll
+ 2000-04-03 21:52 . 2000-04-03 21:52 151552 c:\windows\SysWOW64\RDOCURS.DLL
+ 1998-12-08 22:53 . 1998-12-08 22:53 212480 c:\windows\SysWOW64\PCDLIB32.DLL
+ 2012-05-15 21:22 . 2011-03-08 05:35 644712 c:\windows\SysWOW64\NV\igdumd32.dll
+ 2012-07-10 21:37 . 2012-06-02 04:39 219136 c:\windows\SysWOW64\ncrypt.dll
- 2009-07-13 23:33 . 2009-07-14 01:16 219136 c:\windows\SysWOW64\ncrypt.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 773968 c:\windows\SysWOW64\msvcr100.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 421200 c:\windows\SysWOW64\msvcp100.dll
+ 2000-05-24 01:45 . 2000-05-24 01:45 118784 c:\windows\SysWOW64\MSSTDFMT.DLL
+ 2000-05-11 17:06 . 2000-05-11 17:06 397312 c:\windows\SysWOW64\MSRDO20.DLL
+ 1998-10-01 16:00 . 1998-10-01 16:00 520128 c:\windows\SysWOW64\MAPI.DLL
+ 2012-08-22 12:39 . 2012-08-22 12:39 690888 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
+ 2012-08-22 12:39 . 2012-08-22 12:39 474824 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.dll
+ 2012-04-04 12:41 . 2012-08-22 12:39 250568 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-08-21 21:11 . 2012-06-29 00:04 717824 c:\windows\SysWOW64\jscript.dll
- 2011-12-06 22:31 . 2011-12-06 22:31 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-06-03 18:32 . 2012-06-03 18:31 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-06-03 18:32 . 2012-06-03 18:31 149280 c:\windows\SysWOW64\javaw.exe
+ 2012-06-03 18:32 . 2012-06-03 18:31 149280 c:\windows\SysWOW64\java.exe
+ 2012-03-19 20:44 . 2012-03-19 20:44 276248 c:\windows\SysWOW64\IntelCpHeciSvc.exe
+ 2012-03-19 19:09 . 2012-03-19 19:09 519680 c:\windows\SysWOW64\iglhsip32.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 177152 c:\windows\SysWOW64\iglhcp32.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 963912 c:\windows\SysWOW64\igkrng600.bin
+ 2012-03-19 19:11 . 2012-03-19 19:11 325120 c:\windows\SysWOW64\igfxdv32.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 237056 c:\windows\SysWOW64\igfxcmrt32.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 261208 c:\windows\SysWOW64\igfcg600m.bin
- 2011-03-28 23:24 . 2011-03-28 23:24 142848 c:\windows\SysWOW64\ieUnatt.exe
+ 2012-08-21 21:11 . 2012-06-29 00:04 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-04-11 14:59 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-08-21 21:11 . 2012-06-28 23:57 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-06-16 05:31 . 2012-04-24 04:36 140288 c:\windows\SysWOW64\cryptsvc.dll
+ 2012-06-16 05:31 . 2012-04-24 04:36 103936 c:\windows\SysWOW64\cryptnet.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 138056 c:\windows\SysWOW64\atl100.dll
+ 2012-06-24 12:09 . 2012-06-02 19:19 186752 c:\windows\system32\wuwebv.dll
+ 2012-06-24 12:09 . 2012-06-02 22:19 701976 c:\windows\system32\wuapi.dll
+ 2009-07-14 00:21 . 2009-07-14 01:41 297984 c:\windows\system32\WpdMtp.dll
+ 2011-10-16 04:06 . 2012-08-25 16:38 289994 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-10-13 02:14 . 2012-08-29 21:24 277116 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2012-04-11 14:59 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll
+ 2012-08-21 21:11 . 2012-06-29 03:47 237056 c:\windows\system32\url.dll
- 2012-01-17 04:31 . 2011-11-17 06:35 340992 c:\windows\system32\schannel.dll
+ 2012-07-10 21:37 . 2012-06-02 05:45 340992 c:\windows\system32\schannel.dll
+ 2012-06-16 05:33 . 2012-04-26 05:41 149504 c:\windows\system32\rdpcorekmts.dll
- 2012-03-13 20:15 . 2012-01-25 06:38 149504 c:\windows\system32\rdpcorekmts.dll
- 2011-02-18 19:49 . 2010-11-20 13:27 209920 c:\windows\system32\profsvc.dll
+ 2012-06-16 05:33 . 2012-05-01 05:40 209920 c:\windows\system32\profsvc.dll
+ 2009-07-14 02:36 . 2012-08-11 01:09 635824 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-11 01:09 110508 c:\windows\system32\perfc009.dat
+ 2012-07-10 21:37 . 2012-06-02 05:44 307200 c:\windows\system32\ncrypt.dll
- 2009-07-13 23:49 . 2009-07-14 01:41 307200 c:\windows\system32\ncrypt.dll
+ 2011-10-13 01:05 . 2012-05-31 16:25 279656 c:\windows\system32\MpSigStub.exe
+ 2012-08-22 12:39 . 2012-08-22 12:39 420552 c:\windows\system32\Macromed\Flash\FlashUtil64_11_4_402_265_ActiveX.exe
+ 2012-08-22 12:39 . 2012-08-22 12:39 522952 c:\windows\system32\Macromed\Flash\FlashUtil64_11_4_402_265_ActiveX.dll
+ 2012-08-21 21:11 . 2012-06-29 03:44 816640 c:\windows\system32\jscript.dll
+ 2012-05-15 21:21 . 2012-03-11 06:17 121344 c:\windows\system32\IntelOpenCL64.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 524800 c:\windows\system32\iglhsip64.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 213504 c:\windows\system32\iglhcp64.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 963912 c:\windows\system32\igkrng600.bin
+ 2012-03-19 20:44 . 2012-03-19 20:44 170264 c:\windows\system32\igfxtray.exe
+ 2012-03-19 19:18 . 2012-03-19 19:18 410624 c:\windows\system32\igfxTMM.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 509720 c:\windows\system32\igfxsrvc.exe
+ 2012-03-19 19:18 . 2012-03-19 19:18 386560 c:\windows\system32\igfxpph.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 439064 c:\windows\system32\igfxpers.exe
+ 2012-03-19 20:44 . 2012-03-19 20:44 250136 c:\windows\system32\igfxext.exe
+ 2012-03-19 19:16 . 2012-03-19 19:16 142336 c:\windows\system32\igfxdo.dll
- 2011-04-12 02:25 . 2011-01-27 00:22 142336 c:\windows\system32\igfxdo.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 434688 c:\windows\system32\igfxdev.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 193024 c:\windows\system32\igfxcmrt64.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 261208 c:\windows\system32\igfcg600m.bin
+ 2012-08-21 21:11 . 2012-06-29 03:43 173056 c:\windows\system32\ieUnatt.exe
- 2011-03-28 23:24 . 2011-03-28 23:24 173056 c:\windows\system32\ieUnatt.exe
- 2012-04-11 14:59 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll
+ 2012-08-21 21:11 . 2012-06-29 03:35 248320 c:\windows\system32\ieui.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 398616 c:\windows\system32\hkcmd.exe
+ 2011-04-12 02:25 . 2012-03-19 19:17 110592 c:\windows\system32\hccutils.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 172032 c:\windows\system32\gfxSrvc.dll
+ 2009-07-14 04:45 . 2012-08-21 21:17 296032 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:30 . 2012-08-21 21:05 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-04-15 19:40 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-08-21 21:05 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-04-15 19:40 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-12-06 08:23 . 2011-12-06 08:23 331264 c:\windows\system32\DriverStore\FileRepository\intcdaud.inf_amd64_neutral_31955b183c8225fd\IntcDAud.sys
+ 2012-03-19 20:03 . 2012-03-19 20:03 236544 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IntelOpenCL64.dll
+ 2012-03-19 20:00 . 2012-03-19 20:00 188416 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IntelOpenCL32.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 276248 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IntelCpHeciSvc.exe
+ 2012-03-19 19:09 . 2012-03-19 19:09 524800 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhsip64.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 519680 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhsip32.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 213504 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhcp64.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 177152 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhcp32.dll
+ 2012-03-19 20:37 . 2012-03-19 20:37 755188 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igkrng700.bin
+ 2012-03-19 20:31 . 2012-03-19 20:31 963912 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igkrng600.bin
+ 2012-03-19 20:44 . 2012-03-19 20:44 170264 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxtray.exe
+ 2012-03-19 19:18 . 2012-03-19 19:18 410624 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxTMM.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 509720 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxsrvc.exe
+ 2012-03-19 19:18 . 2012-03-19 19:18 386560 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxpph.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 439064 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxpers.exe
+ 2012-03-19 20:44 . 2012-03-19 20:44 250136 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxext.exe
+ 2012-03-19 19:11 . 2012-03-19 19:11 325120 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxdv32.dll
+ 2012-03-19 19:16 . 2012-03-19 19:16 142336 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxdo.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 434688 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxdev.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 193024 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmrt64.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 237056 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmrt32.dll
+ 2012-03-19 20:37 . 2012-03-19 20:37 561508 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfcg700m.bin
+ 2012-03-19 20:31 . 2012-03-19 20:31 261208 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfcg600m.bin
+ 2012-03-19 20:03 . 2012-03-19 20:03 591872 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdrcl64.dll
+ 2012-03-19 20:00 . 2012-03-19 20:00 518144 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdrcl32.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 145804 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igcompkrng600.bin
+ 2012-03-19 20:44 . 2012-03-19 20:44 398616 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\hkcmd.exe
+ 2012-03-19 19:17 . 2012-03-19 19:17 110592 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\hccutils.dll
+ 2012-03-19 19:17 . 2012-03-19 19:17 172032 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\gfxSrvc.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 184600 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\difx64.exe
+ 2011-02-18 19:49 . 2010-11-20 13:24 229376 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\fsquirt.exe
+ 2012-08-15 22:23 . 2012-07-06 20:07 552960 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthport.sys
+ 2009-07-14 05:31 . 2012-08-21 21:05 399360 c:\windows\system32\DriverStore\drvindex.dat
- 2009-07-14 05:31 . 2011-10-18 21:20 399360 c:\windows\system32\DriverStore\drvindex.dat
+ 2012-06-16 05:31 . 2012-04-28 03:55 210944 c:\windows\system32\drivers\rdpwd.sys
- 2012-03-13 20:15 . 2012-02-17 04:58 210944 c:\windows\system32\drivers\rdpwd.sys
+ 2012-07-10 21:37 . 2012-06-02 05:48 151920 c:\windows\system32\drivers\ksecpkg.sys
+ 2011-12-06 08:23 . 2011-12-06 08:23 331264 c:\windows\system32\drivers\IntcDAud.sys
+ 2012-07-10 21:37 . 2012-06-02 05:50 458704 c:\windows\system32\drivers\cng.sys
+ 2012-03-19 20:44 . 2012-03-19 20:44 184600 c:\windows\system32\difx64.exe
+ 2012-06-16 05:31 . 2012-04-24 05:37 184320 c:\windows\system32\cryptsvc.dll
+ 2012-06-16 05:31 . 2012-04-24 05:37 140288 c:\windows\system32\cryptnet.dll
+ 2009-07-14 05:01 . 2012-08-29 21:26 260732 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-15 18:01 . 2011-12-15 18:01 226600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 156440 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 598784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2012-05-13 13:57 . 2012-02-10 23:29 172320 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationHostDLL.dll
- 2012-04-11 13:54 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-06-16 05:30 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-05-13 13:57 . 2012-01-04 03:34 486144 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 182056 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2012-04-21 15:03 . 2012-04-21 15:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 156440 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 518400 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 957200 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 386824 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 131360 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
- 2012-04-11 13:54 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-06-16 05:30 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-05-13 13:57 . 2012-01-04 02:51 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2012-05-13 13:57 . 2012-01-04 02:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2012-05-13 13:57 . 2012-01-04 02:50 996624 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-11 15:01 . 2012-04-11 15:01 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-16 22:32 . 2012-06-16 22:32 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-16 22:32 . 2012-06-16 22:32 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-11-16 16:54 . 2010-11-16 16:54 906240 c:\windows\Installer\7d798.msp
+ 2012-03-28 17:09 . 2012-03-28 17:09 315392 c:\windows\Installer\65a25.msi
+ 2008-07-23 03:20 . 2008-07-23 03:20 110592 c:\windows\Installer\3a4bbe.msp
+ 2009-04-20 18:59 . 2009-04-20 18:59 219648 c:\windows\Installer\3a4b95.msp
+ 2009-11-05 18:21 . 2009-11-05 18:21 537600 c:\windows\Installer\3a4b43.msp
+ 2011-02-20 03:08 . 2011-02-20 03:08 163840 c:\windows\Installer\202816e.msi
+ 2012-06-03 18:32 . 2012-06-03 18:32 207360 c:\windows\Installer\2010e8.msi
+ 2012-06-06 22:22 . 2012-06-10 06:17 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2012-06-06 22:22 . 2012-06-10 06:17 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2010-03-18 17:16 . 2010-03-18 17:16 181096 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_X86.dll
+ 2010-03-18 18:27 . 2010-03-18 18:27 225640 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationHostDLL_AMD64.dll
+ 2011-06-06 16:55 . 2011-06-06 16:55 686464 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\JP2KLib.dll
+ 2012-01-03 07:37 . 2012-01-03 07:37 320456 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\adobearmhelper.exe
+ 2011-06-06 16:55 . 2011-06-06 16:55 937920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\adobearm.exe
+ 2012-05-15 05:06 . 2012-05-15 05:06 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\65f25960625d91ca79a40f9067adc021\WindowsFormsIntegration.ni.dll
+ 2012-06-17 15:41 . 2012-06-17 15:41 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\fb43d84bc59b21e8a7f3e36d616eea90\UIAutomationTypes.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\26f12a0a3baed2a227cf30aaeae03913\UIAutomationProvider.ni.dll
+ 2012-05-15 05:06 . 2012-05-15 05:06 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\1c3c298326e9ac14796516ac1da09a16\UIAutomationClient.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\307eea660f877dc40ae90882ce554757\System.Xml.Linq.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\b4afa252d0f0e27b0b5e8fcb2cc5b3a7\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\8c0ee7b970cc4e8c2986c7898af71661\System.Transactions.ni.dll
+ 2012-06-17 15:41 . 2012-06-17 15:41 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\85810fe277a718273eb946a460ae8010\System.ServiceProcess.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\eb4fb369926faaffede7aaf317fd6532\System.ServiceModel.Channels.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e5ab3c37897bb578bdbfe6b7e0558ad8\System.ServiceModel.Routing.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\e48b6a8c491a96d1bc601795532af605\System.Security.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\7590828d50338d512b11a4d3f87d69a2\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\21d5b44ef01ccfa69e79674a51707de0\System.Runtime.Remoting.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\5f2bfb0585061dc256ee9587d430959f\System.Numerics.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\6996a415485a84fef2d2556b0462336f\System.Net.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\a3849a373beeb3509d8c22d5751dfad3\System.Messaging.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\92d266f677605e5475b7f39c063c4a9d\System.Management.Instrumentation.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\07a0e1efc063042be3e8faf62b413a12\System.IO.Log.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\7fd39b9a208214e6e5eba4e9396409f1\System.IdentityModel.Selectors.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.Wrapper.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\521f5bccf74318a4777597b0c01fda1e\System.Dynamic.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6a8bd7d373c988a585e90bb61c5ec8cc\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\78dd02d104bb15bc3820c06bd2876239\System.Device.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\97d1aaf3733b107ecdbecb9d21050ff4\System.Data.DataSetExtensions.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c3d7a7ff58ff502887d8f1b77e61adbc\System.Configuration.Install.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\a4f91f2dfd1656ef2e42917963f6bf50\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 871936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\b1c67ee2e0e6e78c31985069fbc82596\System.AddIn.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\c69fb0f955adc7ca80cd5f2fd730edea\System.Activities.DurableInstancing.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\11fc863fa4f5092fca4f2ce25a9ac361\SMSvcHost.ni.exe
+ 2012-05-15 05:03 . 2012-05-15 05:03 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\50e8e826488639e549589ba34666933e\SMDiagnostics.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\722c0236432dd5ccc047481d3ebbd49e\PresentationFramework.Royale.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\6739c3715c9e38dbdfbfd57b424a3094\PresentationFramework.Aero.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3e7359f5f0fb68565314f88f6ec2d67a\PresentationFramework.Luna.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\263748f3d18955b9e467710da1e8546f\PresentationFramework.Classic.ni.dll
+ 2012-06-17 15:39 . 2012-06-17 15:39 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\88618d3ecf29f3fdeb504a7e8128d109\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 289280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\798505dff98cafa6debc659b9030cd51\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\6480551111832c83ee88bcf756a72533\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\0e81a3996f7cbff23fc01bea4185a918\CustomMarshalers.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\7a9f70fa774076a7ec19bc03e7064d0d\UIAutomationClient.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\c477bbff1e4662263255a1bf17bd9c2a\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\5a4d233916a69d48fa12a9f7f103d893\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd25ddcfa0417d40e3f1385e30abcd6f\System.Net.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\08397796343d5730a29f42e61c7f6ee7\System.Management.Instrumentation.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\ff1250d2409bd16283c423650d6fd3f6\System.IO.Log.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\e60675d3ba7fa94924489dc8466ebff5\System.IdentityModel.Selectors.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a9b1e597aaa263dea2cf8754440bd271\System.Dynamic.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e41e86da56bb60523251e0e08210a77b\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\94d45f7f28d81304d7fa83bcea849141\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4c50d8a951546d6dffdc8bcb23f47a7b\System.Device.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\7803f4398a527a87d5cace8023e93e8b\System.Data.DataSetExtensions.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\877ef74350e6d374ca8f80b489a8cc8e\System.ComponentModel.Composition.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4330e93f9d0ef85f1a972e11c2ac5156\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 624128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\0c67d9fc14856eb7d8b4e405aef79960\System.AddIn.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b046f2d5f056b906d7b25b75ca23575\System.Activities.DurableInstancing.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\4847f66153121ec4ed532909f7c152be\SMSvcHost.ni.exe
+ 2012-05-15 04:56 . 2012-05-15 04:56 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
+ 2012-05-14 02:08 . 2012-05-14 02:08 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ef6e3eb351fe12a5766be7c956c35d95\PresentationFramework.Classic.ni.dll
+ 2012-05-14 02:08 . 2012-05-14 02:08 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e49a124fdad0f1db135f03a49f18fb48\PresentationFramework.Royale.ni.dll
+ 2012-05-14 02:08 . 2012-05-14 02:08 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
+ 2012-05-14 02:08 . 2012-05-14 02:08 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\141f0a8fbfb83604fa3dd43dbe8fa0f4\PresentationFramework.Luna.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\cb90e8f4f8a6b23eb9f56c7e2e866bcf\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\01c5ff7a1ea0463414736df5d449e0a9\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\ad7f43afb4f124acae4d503b40f591c1\WsatConfig.ni.exe
+ 2012-06-16 19:06 . 2012-06-16 19:06 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f4d304fcbfda323997083a1f88b83719\WindowsFormsIntegration.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\cefe28fde401a6a5718d1718c345fb37\WindowsFormsIntegration.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\bf634b0e2e28466c6ed6ae1eb602b09f\UIAutomationTypes.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\1ff8fb81d6f045f1dc6f50be95444292\UIAutomationProvider.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\1f36e020c3563e0ff414f13138e238e1\UIAutomationClient.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\769b7666d915de95db5b63ec22bf3e42\TaskScheduler.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\681410f842337dccc72eb059738c3ced\TaskScheduler.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\de45d043775d8c805f6feca40d7a9ed2\System.Xml.Linq.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\72b4992e45d232251a273a59eb3333d5\System.Web.Routing.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\181702fb83901c085401957c6f731cf4\System.Web.Routing.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\76662ce36d2141e45513e64386073cc2\System.Web.RegularExpressions.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\b905eb57b631a30c60caa4d68c186963\System.Web.Entity.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\9b9d3e3e44dc7d03bb96033a5b829a6b\System.Web.Entity.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e412dfbf1aa49bbe345a02a4d23104f5\System.Web.Entity.Design.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\ad2339c5f0fd9aa8a9989800825da487\System.Web.Entity.Design.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\8309dc5dd39b93f3e105a4d455b74a00\System.Web.DynamicData.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\815769f953ebe3f84439d522c97317b8\System.Web.DynamicData.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c8144ee08dccdac183527e53c86aa901\System.Web.Abstractions.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\a79640760b61cc1c23ac3cfdfa6f0f3f\System.Web.Abstractions.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\05acafa7eb44049849a5aafd39147ee5\System.ServiceProcess.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\1875b50d0228f29aef00bed38ab594d6\System.Security.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\3b3581851a728bef36f319e9d4c72499\System.Net.ni.dll
+ 2012-06-16 19:04 . 2012-06-16 19:04 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\d5d612f7d372f500e3062e3814e79d75\System.Messaging.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\b4297ef47e0839fce0145f665349dcc9\System.Messaging.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\599954438a668c94dd38e8e7e506ac2a\System.Management.Instrumentation.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\fd51741bfd973ad507bbd141e98932f8\System.IO.Log.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ef6abe121bb11bff2514bfdfb7e76b7a\System.IdentityModel.Selectors.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.Wrapper.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\fbc02e9f5a14bb93082ebc88bc577413\System.Drawing.Design.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\e7abd70c16a5e638a7121fc5f68484cc\System.Drawing.Design.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\4bb1134d9b166434327385ddf3c5dd54\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\7c4ce1b8a2f83ef29aa6d5f126ab5b71\System.Data.Services.Design.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\19d1414f1ca718ce4d0c07e7305b3450\System.Data.DataSetExtensions.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a88ca70ab9641b8236149bc5dd8d1564\System.Configuration.Install.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\4aebed13b5309398cd809454cafe472f\System.Configuration.Install.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\9536bb262c4f1ea389d287ab669767d4\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 890880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\84262138e2e9f34c88fd282caa82baa5\System.AddIn.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\176899be7b920fb20408ff49e636a776\System.AddIn.Contract.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\ee0608cd62dfb37016016884fc39e425\sysglobl.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\9fa1abf006689e262527ae50d452e97e\SMSvcHost.ni.exe
+ 2012-05-15 04:58 . 2012-05-15 04:58 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\89de197bdde5984658045ade41c2c9b9\PresentationFramework.Classic.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\7ffb91db770d0b09921f623bc5d68b4f\PresentationFramework.Luna.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\205bb33cef9ae6b906ceadd6f2861c86\PresentationFramework.Royale.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\bc8a2d99d8ebd29f94905072ccf4b3b8\napsnap.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\2f1bad2fb963482a02443d5e7fece2b6\napsnap.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\bb4947f0ecc925a7bcfd129b6eec8f9b\napinit.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\b79da521cf602154b475ea740cc7fd3b\napinit.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\5f0ae15f9d1cade37fbfaacff7e64bff\naphlpr.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\5346ceca518baf5e5fa3fed9f900f792\napcrypt.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\8f792883d0adad8c7beccf24aed65817\MSBuild.ni.exe
+ 2012-05-15 04:59 . 2012-05-15 04:59 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\926d20041c179cebc6f4398155b1b2c4\MMCFxCommon.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\67240ddde494b9cc05cd732ccd099668\MMCFxCommon.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\b78beede8a3c9720095dde4a4a162acc\Microsoft.WSMan.Management.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\83222514e209f186ad3a1c3794168bfd\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\a843956bb452503139683304de4cc8f6\Microsoft.Vsa.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\c56d6513e4b239b1b1dbe29b0588321a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\fb0d102ca78bd05fe7064b9e6be30fc7\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b21fa6ff448b99a97319e18c166c03e2\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6c3fe42a14ac5b48ebd43be290973d24\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\2572e94f9d0b412cdc529c8d74fdb689\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f4faec8b6d3e2c327c68070963ec1750\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f04ccbbf5199d2b264f1b1175be44686\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f015188310f7613f819fcf032f98705a\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e29cbd30a31d3c8dae19eb17f70c4ec4\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c5f4ab28f67d5bf0cc221ef81e7f6966\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\6dbd502a13b5e3caae0b1f2b4847612f\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\514667153fd74307d21e7f50b79858c9\Microsoft.MediaCenter.Interop.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\409dae089f2e041343cff71f822cd505\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\18367b9a0b9e9261d1d9e371230af87c\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\803188573fb19785a94284e097c48a67\Microsoft.ManagementConsole.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\718cd5a598ed3e225a73b2aba7bcc1e1\Microsoft.ManagementConsole.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\d68a27daca73749e4438a47e61643c3c\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\3151235c1c38db94fd44e3c6f290ff38\Microsoft.Build.Utilities.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\cf5e9b5d10682467a9e03358a6d6258f\Microsoft.Build.Framework.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\0f233d0eb396065719e83ab573a72cc5\Microsoft.Build.Framework.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\2416af06edb993f98a751acb69f67016\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 107008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\2e54c0c284ab2337d24b5f5d26f457e1\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\74e4adc90675c3b1365825c7e78b5ce9\Mcx2Dvcs.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\4a1f9a648a3928d42b77a91666d9aa8a\mcupdate.ni.exe
+ 2012-05-15 04:58 . 2012-05-15 04:58 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\40d70417c04f9ccb5fdecb5b9be5a6a3\mcstoredb.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\927ada02b440d95fdf36a37ee96aaa54\mcplayerinterop.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4ae6ccc32dafb4e3765b9db05585bd48\mcplayerinterop.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\b0db345fd62a84c98fd8b0bf3c72e8bb\mcGlidHostObj.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\35023ad5cb299ca2020bd660f5dba2fc\mcGlidHostObj.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\3fc113fe40d0145cd87afca2d107bf6d\MCESidebarCtrl.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bc5df15ee827e248dd6f819874a85718\EventViewer.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\0bd8d37bc6f648d092e1d8034609a107\EventViewer.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\584d419d4c837ea19f7f450a807b0273\ehRecObj.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\20c3505378a50f4859c9b2e7dcbb5fa2\ehiWUapi.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\2f9f48ad6496c9103043db1c21a651fd\ehiwmp.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\0955237aa3c1cb3a643248b8c58ec34c\ehiUserXp.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\7998173654fa518876cc97e37b86d465\ehiiTv.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\6c97aa6908f96ac9816ce74e4f6251ac\ehiExtens.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\a501747a95523297a8a1f119df8b1642\ehiBmlDataCarousel.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\880c8b97f2b065a3bbe27b7c37581d17\ehiActivScp.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\24d3859bba3ed02775f22c50ae5ab5a6\ehExtHost.ni.exe
+ 2012-06-16 19:04 . 2012-06-16 19:04 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\08c9aa18b306aa47ddc0ae4a63b05d04\ehExtHost.ni.exe
+ 2012-05-15 04:58 . 2012-05-15 04:58 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\ff7ef4caed03d6934669d1a39877a8ac\ehCIR.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\b7916689137fd0bc9ba1ba5a27e2a38a\CustomMarshalers.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\cc6e6febcd804604bf4d92d0eb8ec6ae\ComSvcConfig.ni.exe
+ 2012-05-15 04:58 . 2012-05-15 04:58 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\d18719c2df1334364cac199bb9c86adf\BDATunePIA.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\9d60139fdead64a892985181d663989f\WsatConfig.ni.exe
+ 2012-06-16 19:06 . 2012-06-16 19:06 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\5b4b71fd140484201d0e285a14cce17a\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e92c100773e1aa6e0094ac430b496ace\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e35141184454c11a98f333c5b7b5c4c3\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-05-15 04:53 . 2012-05-15 04:53 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dbbb5914ff727ce0f6793177c4da31ba\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-05-15 04:53 . 2012-05-15 04:53 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c3902b80bdc944a554776f5d6c07cff9\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ac47170bea9a3515287134ce8c3dae4a\WindowsLive.Writer.Interop.ni.dll
+ 2012-05-15 04:53 . 2012-05-15 04:53 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aab0bad2dc60d6748745835dc38c52c6\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8adf64dec1f056a5c36720ac34045370\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\882aeb909ff121fae01034b7e9627936\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8437eb811a83c1d04c10c6d91abc606b\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6f110f192197df8fd4d84e270edf7825\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-05-15 04:53 . 2012-05-15 04:53 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\43f78ae7292b5d31b471b9ecf89430af\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3e388ec2100141e62e0f3cb81aa42ce0\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2bfd2895928710d7cf422c48b6e915d0\WindowsLive.Writer.Controls.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1af8e0bd9d63b6263bda26b9ffc1f053\WindowsLive.Writer.Api.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\c5d63c774d84fccad17b4215692d4f02\WindowsLive.Client.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\779b08c46960a1824503aa6f089673fa\UIAutomationClient.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\f3e052584df9c614407da662dd3c3df3\TaskScheduler.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\06e4119a0a3484bb0ca667a16145ce74\System.Web.Routing.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2b129372a27469195acbe3b6b81786ef\System.Web.RegularExpressions.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\4f13c2c06fb97f6659473f02802b377b\System.Web.Extensions.Design.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\3701488fb9e601ebe963db25b784d684\System.Web.Entity.Design.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a09cc9877f51f16a4610b702155e8b70\System.Web.DynamicData.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c6aad1edcc51862ceb26b6b65dad1490\System.Web.Abstractions.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\0b5f082230e3486412e0fa333290e85a\System.Net.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\8280490a2939075b726fd051d9010cc0\System.Management.Instrumentation.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\a03191ed937f6c1dc827b53d94ea0176\System.IO.Log.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\100d39c2f8985cb93e26feef86ba5212\System.IdentityModel.Selectors.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.Wrapper.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\55545e89f96539ef93375524d1145a6f\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4d73a7649876bb6e54a01ccbf235919b\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e36e03067b12bc35fcc3787dc81022c8\System.Data.Services.Design.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\5a29fff52e2c3d13ec15e8701027ab17\System.Data.Entity.Design.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\940f62a5d077405e0b324422afb6ff2c\System.Data.DataSetExtensions.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\a90ec436f1d2c5cb0133a53c2e47d61a\System.AddIn.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\1ed79278fe139272e868e3a53d736f22\sysglobl.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\1b0b19607668635281fa260707f4352f\SMSvcHost.ni.exe
+ 2012-05-15 04:54 . 2012-05-15 04:54 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae55e761d480fe15781156d1311a1837\PresentationFramework.Classic.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7df1f379457aa5f39183903d115b5479\PresentationFramework.Royale.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\496bc57a53989bb83ec58865fa34be1d\PresentationFramework.Luna.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\acfafa161ea232928cb02b01c50acf1c\napsnap.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\0abec246c5ca6ec4858bfd3ab84da0ec\napinit.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\e0c40329b9cdd7f141a3702d79eb4bda\naphlpr.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\74a8b6419deb005337a1e43ec2502134\MSBuild.ni.exe
+ 2012-06-16 19:07 . 2012-06-16 19:07 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1e03b7c2539c5376f0665a4aba04efbd\MMCFxCommon.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\070505350ec9daa3343b3cd2bc8cf59e\Microsoft.WSMan.Management.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1e639225ba30d7f182b893ddacea506b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d4c36b363fcd1ca494218e74ba606e99\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ba2ca86f5d270f493501848843d2f227\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\607324a312b1c6d7fbede8300e8cee91\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1f1185444c8a12ace85ba4c2d49f41f8\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\12715b7e3e89758161053520b57764b2\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\622b582866fca37f113bd97ae4c6d1f6\Microsoft.ManagementConsole.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\7e59b3b84ca3c61adfc0dc74a65ea177\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\07e346ee0e3f7433f2de7a72fadd6713\Microsoft.Build.Utilities.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\432160eff3b1f9301c6a74c2e647e03d\Microsoft.Build.Engine.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\8297305de86377d0070a983d99a7f943\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\541a5bb4d0f8490e506f885a4b435566\mcstoredb.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\02577b78c6ed2f9bda301de888dccad8\EventViewer.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\5ae5c6732ef8e7115baaeb66fd69cdd2\ehRecObj.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\fbfc09fefc5a4d33f9a009f0157875f0\ehiVidCtl.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\cbf3a07d3ab873b19f47d6a24f06c796\ehiProxy.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\5cc4a5672758f4732ef430b3431f47fc\ehiExtens.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe
+ 2012-05-15 04:54 . 2012-05-15 04:54 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\3912b69593af13d0922279a063e5af66\ComSvcConfig.ni.exe
+ 2012-05-15 04:53 . 2012-05-15 04:53 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e1c3540ffb669448747187f76c6ebe82\BDATunePIA.ni.dll
- 2012-04-11 13:54 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-16 05:30 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-02-18 19:49 . 2010-11-05 01:53 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-05-13 13:57 . 2012-01-04 02:50 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-02-18 19:49 . 2010-11-05 01:53 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-02-18 19:49 . 2010-11-05 01:52 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-13 13:57 . 2012-02-10 23:29 358912 c:\windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-02-18 19:49 . 2010-11-05 01:53 372736 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2012-08-21 21:11 . 2012-06-29 00:09 1129472 c:\windows\SysWOW64\wininet.dll
+ 2012-08-21 21:11 . 2012-06-29 00:09 1103872 c:\windows\SysWOW64\urlmon.dll
+ 2012-06-16 05:32 . 2012-05-04 10:03 3913072 c:\windows\SysWOW64\ntoskrnl.exe
- 2012-04-11 14:58 . 2012-03-06 05:59 3913072 c:\windows\SysWOW64\ntoskrnl.exe
+ 2012-06-16 05:32 . 2012-05-04 10:03 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
- 2012-04-11 14:58 . 2012-03-06 05:59 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-06-16 05:31 . 2012-04-07 11:26 2342400 c:\windows\SysWOW64\msi.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 4422992 c:\windows\SysWOW64\mfc100u.dll
+ 2011-06-11 05:58 . 2011-06-11 05:58 4397384 c:\windows\SysWOW64\mfc100.dll
+ 2012-08-21 21:11 . 2012-06-29 00:16 1800704 c:\windows\SysWOW64\jscript9.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 2321408 c:\windows\SysWOW64\igfxcmjit32.dll
+ 2012-03-19 20:26 . 2012-03-19 20:26 6120960 c:\windows\SysWOW64\igdumd32.dll
+ 2012-03-19 20:11 . 2012-03-19 20:11 7795200 c:\windows\SysWOW64\igd10umd32.dll
+ 2012-08-21 21:11 . 2012-06-29 00:01 1793024 c:\windows\SysWOW64\iertutil.dll
+ 2012-08-21 21:11 . 2012-06-29 00:27 9737728 c:\windows\SysWOW64\ieframe.dll
+ 2009-08-20 19:09 . 2009-08-20 19:09 1193832 c:\windows\SysWOW64\FM20.DLL
- 2012-03-13 20:15 . 2012-02-10 05:38 1077248 c:\windows\SysWOW64\DWrite.dll
+ 2012-05-13 13:58 . 2012-03-03 05:31 1077248 c:\windows\SysWOW64\DWrite.dll
+ 2012-06-16 05:31 . 2012-04-24 04:36 1158656 c:\windows\SysWOW64\crypt32.dll
+ 2012-06-24 12:09 . 2012-06-02 22:15 2622464 c:\windows\system32\wucltux.dll
+ 2012-06-24 12:09 . 2012-06-02 22:19 2428952 c:\windows\system32\wuaueng.dll
+ 2012-08-21 21:11 . 2012-06-29 03:49 1392128 c:\windows\system32\wininet.dll
+ 2011-02-25 00:01 . 2011-02-25 00:01 1721576 c:\windows\system32\WdfCoInstaller01009.dll
+ 2012-08-21 21:11 . 2012-06-29 03:49 1346048 c:\windows\system32\urlmon.dll
+ 2012-05-13 13:58 . 2012-03-31 05:40 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll
- 2009-07-14 00:03 . 2009-07-14 01:41 1402880 c:\windows\system32\spool\drivers\x64\3\JNWDRV.dll
+ 2012-06-16 05:32 . 2012-05-04 11:06 5559664 c:\windows\system32\ntoskrnl.exe
+ 2012-06-16 05:31 . 2012-04-07 12:31 3216384 c:\windows\system32\msi.dll
+ 2012-08-21 21:11 . 2012-06-29 03:56 2312704 c:\windows\system32\jscript9.dll
+ 2011-04-12 02:25 . 2012-03-19 19:16 9007616 c:\windows\system32\igfxress.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 2967040 c:\windows\system32\igfxcmjit64.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 8087040 c:\windows\system32\igdumd64.dll
+ 2011-04-12 02:25 . 2012-03-19 20:22 9605632 c:\windows\system32\igd10umd64.dll
+ 2012-08-21 21:11 . 2012-06-29 03:42 2144768 c:\windows\system32\iertutil.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 5888792 c:\windows\system32\GfxUI.exe
+ 2012-05-13 13:58 . 2012-03-03 06:35 1544704 c:\windows\system32\DWrite.dll
+ 2012-03-19 19:16 . 2012-03-19 19:16 9007616 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxress.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 2967040 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmjit64.dll
+ 2012-03-19 19:09 . 2012-03-19 19:09 2321408 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmjit32.dll
+ 2012-03-19 20:31 . 2012-03-19 20:31 8087040 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdumd64.dll
+ 2012-03-19 20:26 . 2012-03-19 20:26 6120960 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdumd32.dll
+ 2012-03-19 20:03 . 2012-03-19 20:03 3749888 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdbcl64.dll
+ 2012-03-19 20:00 . 2012-03-19 20:00 2866688 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdbcl32.dll
+ 2012-03-19 20:22 . 2012-03-19 20:22 9605632 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igd10umd64.dll
+ 2012-03-19 20:11 . 2012-03-19 20:11 7795200 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igd10umd32.dll
+ 2012-03-19 20:44 . 2012-03-19 20:44 5888792 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\GfxUI.exe
+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
+ 2012-05-13 13:57 . 2012-03-30 11:35 1918320 c:\windows\system32\drivers\tcpip.sys
+ 2012-06-16 05:31 . 2012-04-24 05:37 1462272 c:\windows\system32\crypt32.dll
- 2009-07-14 04:45 . 2012-04-14 03:19 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-08-21 21:20 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-08-07 13:14 . 2012-06-16 22:33 1948560 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-10-13 00:45 . 2012-08-22 12:44 2971364 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2814915296-174591460-2764255659-1001-12288.dat
+ 2012-01-19 17:08 . 2012-01-19 17:08 1369872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 6429992 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 17:52 . 2012-01-19 17:52 3825952 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3512072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 4970768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1455376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 1515792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 1512712 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
- 2011-11-22 03:57 . 2011-11-22 03:57 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2011-12-15 18:01 . 2011-12-15 18:01 9793280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2012-05-13 13:57 . 2012-02-10 23:29 2256152 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
+ 2012-06-16 05:33 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2011-10-16 04:12 . 2011-03-29 22:32 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-13 13:57 . 2012-01-04 03:34 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
- 2012-02-15 14:37 . 2011-10-31 23:15 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
- 2011-02-18 19:49 . 2010-11-05 01:57 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-06-16 05:33 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-05-13 13:57 . 2012-01-04 03:34 9992464 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
- 2011-10-16 04:12 . 2011-07-08 22:31 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2012-05-13 13:57 . 2012-01-04 03:34 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2012-05-13 13:57 . 2012-01-04 03:34 1577232 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
+ 2012-05-13 13:57 . 2012-01-04 03:34 1756432 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscordacwks.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 1369872 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 6429992 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 17:08 . 2012-01-19 17:08 3790112 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2012-03-15 17:17 . 2012-03-15 17:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 3512072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 5201168 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 1143568 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
- 2011-11-22 02:31 . 2011-11-22 02:31 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 6727424 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 1737496 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2012-06-16 05:33 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2011-10-16 04:12 . 2011-03-29 22:33 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2012-02-15 14:37 . 2011-10-31 23:16 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-05-13 13:57 . 2012-01-04 02:51 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-06-16 05:33 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2011-02-18 19:49 . 2010-11-05 01:58 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2012-05-13 13:57 . 2012-01-04 02:51 5925136 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-10-16 04:12 . 2011-07-08 22:33 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-05-13 13:57 . 2012-01-04 02:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-16 22:32 . 2012-06-16 22:32 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-11 15:00 . 2012-04-11 15:00 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

continued...

+ 2012-04-23 02:46 . 2012-04-23 02:46 1187328 c:\windows\Installer\c3d35a.msp
+ 2012-03-15 18:26 . 2012-03-15 18:26 4212736 c:\windows\Installer\c3d351.msp
+ 2006-08-29 21:50 . 2006-08-29 21:50 3210240 c:\windows\Installer\7d85b.msp
+ 2010-08-27 17:36 . 2010-08-27 17:36 2807296 c:\windows\Installer\7d846.msp
+ 2004-03-10 13:13 . 2004-03-10 13:13 2602496 c:\windows\Installer\7d82a.msp
+ 2010-08-18 14:19 . 2010-08-18 14:19 8400896 c:\windows\Installer\7d816.msp
+ 2004-09-13 04:35 . 2004-09-13 04:35 1452544 c:\windows\Installer\7d801.msp
+ 2009-08-20 19:27 . 2009-08-20 19:27 3622400 c:\windows\Installer\7d7ad.msp
+ 2011-04-28 16:23 . 2011-04-28 16:23 9607680 c:\windows\Installer\7d77e.msp
+ 2011-02-25 18:25 . 2011-02-25 18:25 7968256 c:\windows\Installer\7d768.msp
+ 2010-05-24 17:54 . 2010-05-24 17:54 6704640 c:\windows\Installer\7d752.msp
+ 2008-09-04 19:52 . 2008-09-04 19:52 4337664 c:\windows\Installer\3a4b81.msp
+ 2010-08-09 20:44 . 2010-08-09 20:44 3778048 c:\windows\Installer\3a4b58.msp
+ 2010-01-11 20:35 . 2010-01-11 20:35 4480000 c:\windows\Installer\3a4b2c.msp
+ 2006-02-27 20:31 . 2006-02-27 20:31 1269248 c:\windows\Installer\3a4b17.msp
+ 2010-10-04 17:59 . 2010-10-04 17:59 8300032 c:\windows\Installer\3a4b03.msp
+ 2006-03-28 19:37 . 2006-03-28 19:37 6956032 c:\windows\Installer\3a4aef.msp
+ 2001-03-02 04:38 . 2001-03-02 04:38 3485184 c:\windows\Installer\20b298e.msi
+ 2011-06-29 01:27 . 2011-06-29 01:27 4028928 c:\windows\Installer\1bc897.msp
+ 2011-06-06 16:55 . 2011-06-06 16:55 5509512 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AGM.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e41f5739292f4771c64a55940369efd2\WindowsBase.ni.dll
+ 2012-06-17 15:39 . 2012-06-17 15:39 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll
+ 2012-05-15 05:06 . 2012-05-15 05:06 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\6ee9d76d9f1e618cd6fb94b13355bcc9\UIAutomationClientsideProviders.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\28ca4f076264ab07f1d00a6c9623dc49\System.Xml.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\df013cbfec0defc7e9997cdaa90b89bc\System.Xaml.ni.dll
+ 2012-05-15 05:06 . 2012-05-15 05:06 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\9e50e3bca6cb19f9acab815d46f5e7e5\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-17 15:41 . 2012-06-17 15:41 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-15 05:06 . 2012-05-15 05:06 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bc6df78c506c89659ab7be738179b2ba\System.Web.Services.ni.dll
+ 2012-05-15 05:06 . 2012-05-15 05:06 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\cd7c3aed4408c3554c30a8f0236b90e1\System.Speech.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\94289b88c5b494f572cd7114fa995487\System.ServiceModel.Activities.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\2dbc7aabd92cc0d470acb455c498d919\System.ServiceModel.Discovery.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\affb28e2d9cc3c19de0758e7e8c68e8f\System.Runtime.Serialization.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\b37e6f4b1d742031f328504eb99d0f6c\System.Runtime.DurableInstancing.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\682ea473b36fc9043d982c4f5a667568\System.Printing.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\b83f2453b4538b2e80fe09cfd94dce00\System.Management.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\60bf6251873ef465abcebeb9a24b7932\System.IdentityModel.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\8e10d4f2a408dc5a9740f8d0df5cebac\System.EnterpriseServices.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 2303488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\dadeee26c90fecbf3196eba10dc077b4\System.Drawing.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\a68116468a194678fd04167067134712\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\3a737af86a6a819af97a6d1a04c0e944\System.DirectoryServices.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\f20144fba069563333d0f6be2e0b6e06\System.Deployment.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\0ec8effb7b9d03ae69d37922813bc880\System.Data.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\0eb72df497fad5c273ff16f88b0fb950\System.Data.SqlXml.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\536e12016ad3adc78e0708b77e6b9219\System.Data.Services.Client.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\86553c1d7f3e66c17fc3e0274de7a2de\System.Data.Linq.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\6aea67f24827961ce1d48356715389d8\System.Configuration.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\eac19ca5a18a6d08cd247e68b618ba68\System.ComponentModel.Composition.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\3869077874ba987242c791b3a18b2f8b\System.Activities.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\a7c19841c70fbce3b17ad3a46ee410d8\System.Activities.Presentation.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\96083298999a677341c98fc2bf01b248\System.Activities.Core.Presentation.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\fe1704ff12348776e6b70dd4a2c69163\ReachFramework.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\b0b05b1ecbfb813474f685de13027585\PresentationUI.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 1838080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\b1263a118c3f2f498cbeef23d79a16af\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\93536d93a44ce7d5a60faf1aeb55f49e\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 15:39 . 2012-06-17 15:39 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 15:39 . 2012-06-17 15:39 1838080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\4435d0313c51c0e2d022384e24f7e280\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\16425c121db8083cbaa51f619c9e51e7\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\5284682fcf04815a86233bcaf696da66\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\4b1d24a96b3882f9e77445e48a7c59ee\Microsoft.JScript.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1ff62486cdefbfc2dab41b686a9aa4e2\Microsoft.CSharp.ni.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\24ed0e1df6a605cdb2088f87ae2ab8ff\UIAutomationClientsideProviders.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b37cc0aa41e7feaba9f290da4da91d71\System.Web.Services.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\f368c85283c4e6c9650dd1c8d369dcc5\System.Speech.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\0fe1e56d17858b6156a3a46330f75f27\System.DirectoryServices.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 2550272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\fdb98c6d783fe167c1dc0022f27b7cd6\System.Data.SqlXml.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\b894a1df3e6d58ada8f1aa303465ca23\System.Data.Services.Client.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\82c0c56ff8259e1440cfd0d5727a26d8\System.Data.Linq.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 7069184 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 4129280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\51025a1c89f6fd752a5396a059d608b2\System.Activities.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 1546752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\66893548d2b2cad29cabf3b3578f356f\System.Activities.Core.Presentation.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\42a7f127f3fda82fb12c6a6e144d08c1\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-06-17 15:38 . 2012-06-17 15:38 1136640 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\40e4b755f030a61f0b2e729258fc6d2a\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-17 15:37 . 2012-06-17 15:37 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll
+ 2012-05-15 04:56 . 2012-05-15 04:56 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9a37f4e64ce5b856ac3892fef064c7de\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\cfcc92c125ddfaabad24abe61cfc0471\Microsoft.JScript.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 1616896 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\9912b6d76c1017b5af6ef24730f550ca\Microsoft.CSharp.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\783df1ee260d3df406fa80afa38502d4\UIAutomationClientsideProviders.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\b7d8410b7226a2654823657f0a714441\System.WorkflowServices.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\70cc5e8a5a3372fe0b104c1b20392cd2\System.WorkflowServices.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\aa638ba79250284eb4af4adaa4a4117b\System.Workflow.Runtime.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\8ac687b7f43937c81f1c49d14975c740\System.Workflow.Runtime.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\996dc2af3b9e5c111130935f298908c6\System.Workflow.ComponentModel.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\6fdec1a3278d87cbbc5211736d446d32\System.Workflow.ComponentModel.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\178797db84abae2eeaed835bd28ca52c\System.Workflow.Activities.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\052fd2c15eb37e00cecf33f6d13d9b09\System.Workflow.Activities.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\a32734087cd0db5607d5744ca63235d7\System.Web.Services.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\6a0b589c4c1467f6b783991842a0f961\System.Web.Services.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\af7689e8cbec5d2755497be23c30e293\System.Web.Mobile.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\395c96f5d2a876805d3846d396081c79\System.Web.Mobile.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\e4860ce9959b3593834516b4a6a75593\System.Web.Extensions.Design.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\baa7ed93207641c186f79f82ee22aea0\System.Web.Extensions.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\768ea257d75839979b4efb2d49d653f6\System.Web.Extensions.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2c47bc5d426a7cf9ffef1425eda08184\System.Web.Extensions.Design.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\ca51f026916139f886519fdf6d6c73e9\System.Speech.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\56ee9b5f220583c1c7374a61ad904044\System.ServiceModel.Web.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\f0bcd188487600cb07ce08dfd7b471ba\System.Printing.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\b964519964d302b4977e1380d8d15f1a\System.Printing.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\d1f21a29e79e73b5401fae156f339f67\System.IdentityModel.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 2317312 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\92c038385ee5b9840e941f9c84b988df\System.Drawing.ni.dll
+ 2012-06-16 19:00 . 2012-06-16 19:00 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\39d16229a3d5c6e7c1594ef10758bf75\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\152ef61928f1c300fdad8fa6d5905880\System.DirectoryServices.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\7c7024b309424dfaf8abae617f669fa0\System.Deployment.ni.dll
+ 2012-06-16 19:00 . 2012-06-16 19:00 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6e4e9b07f376d445df1718c0011fa99b\System.Deployment.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\ea1848ec07c70f3d3c3445f4fbdae87a\System.Data.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\7f6f74f1cc0ea6c40a2d6707b12af818\System.Data.SqlXml.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\0679fe5f3f9164f499e50cdade962ba3\System.Data.Services.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\2e9de1acfb7974cad94b747442ca325f\System.Data.Services.Client.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\97429a1c70c94c49850be3f944a32a2e\System.Data.OracleClient.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\2ec3d436b861d35c586b710a570e170d\System.Data.Linq.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\b7b5364bc524988f7ca5b8c20a24119d\System.Data.Entity.Design.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\766ce7ee1a2e4f2a85fd90e7572f5d53\System.Core.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\d6379f3503f00cf1c2bb4f6118efdbd9\ReachFramework.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\1f88a3693c8ddd527a130aff49dc58b3\ReachFramework.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\b91c32fab08ba62d8c7681cc596895be\PresentationUI.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\5fa575ebe76aab9d9fd07ce601c0d2e1\PresentationUI.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\4fbff79b8ebf082d08c0080923ff5036\PresentationBuildTasks.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\d0c041e321cf4d752d5113a0cdbccbaa\Narrator.ni.exe
+ 2012-06-16 19:05 . 2012-06-16 19:05 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\ac1ba76ed19d668ce53a74593f040453\Narrator.ni.exe
+ 2012-06-16 19:05 . 2012-06-16 19:05 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\df2557ab1b8e4389d846e13dc82eba57\MMCEx.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\051b72a48f2c3f7ddd7353c7d5479b10\MMCEx.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\c79bf402b4840e3b0021f75cf467f82b\MIGUIControls.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\61812970c4743b686a67f28687e1dcb6\MIGUIControls.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\70b3f55017e9ddb67ce0f3c983eb6f37\Microsoft.VisualBasic.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\28ba52bc122353647f1b547506e2df7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f5790625975320b1ffad63b476da9132\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f29b31b09b826a27cced362030561d00\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d0328b4733d1a99d342a84928e319d4f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ca7e936eed0de2436d87b2601ee3a20a\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99049fd20c2a5e2779e879c2d95c96a2\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6caa366471176a065a96d77e8ba01eeb\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3040e2de07177c0a6a66a49de61fdc59\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\efdc3b97b3c9d01dd00959970d086937\Microsoft.MediaCenter.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c057be8bb6614cce013af3721fe34983\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2012-06-16 19:04 . 2012-06-16 19:04 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b2afc0af3d89ae00e973b4e6e9db382c\Microsoft.MediaCenter.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\73bfbdccdc1b0ae87f70a0ec594fee3c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-06-16 19:04 . 2012-06-16 19:04 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\653e1ee01f10d658d52ca42e17e74283\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5c50dfc78bd40be7ca0d850c781671e4\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\31fb31c16a37080687f869db6b443adf\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\260d83ee2128a3388051cf416d4450b0\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\094f6a515ca31504f96b4bad5848d692\Microsoft.JScript.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\dac69844e6333484159a4cf544190906\Microsoft.Ink.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\a27890dd120635ba590a6fc9d9014197\Microsoft.Ink.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\588a688a0b71a211247d8e18b05d61e4\Microsoft.Build.Tasks.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4eeee4447f5045df9b4157d38d267de9\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4b362e9e25c33e371f06403edec8849a\Microsoft.Build.Tasks.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\33730d136a34d2f4e56a0322f49ee9b6\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\f1a0df6a86ceb708c5e50338f12b77ba\Microsoft.Build.Engine.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\6b727c7aa69ae3e04a869908bfbae696\Microsoft.Build.Engine.ni.dll
+ 2012-06-16 19:04 . 2012-06-16 19:04 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\cc4844e7242c1e35d145bf2439f944c5\mcstore.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\208e6937e39f8f516536ba5f23e79687\mcstore.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\596902addad034f4df2caf291b12d61d\mcepg.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 2165248 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\dcabda0d241272e0e2f08eacbd15e0b1\ehiVidCtl.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\0423915e377ec85d71ac216fafa77ab0\ehiProxy.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 7026176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3ded9525743f5484dd86c7806ec5553\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bb47137b3e002d82dc7c9f97eeec2c93\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7605419cce72fcf91bb7dbc31ebbbca5\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\328780f2db847d458362c28dfcb62bcd\WindowsLive.Writer.Localization.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\3b452cde57280624e1085699fe8beb03\UIAutomationClientsideProviders.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 7967232 c:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\cfb739be21092d5b8f7b4fde529e6aaa\System.Workflow.ComponentModel.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a90802e36dee6e10d9bf54832cbf549\System.Web.Mobile.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c45efc7ec92c1da8e67eb597559ec39c\System.Web.Extensions.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\83053c3eeb3255672d84c1ddc0ce8ef3\System.Speech.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\a8495b797e6f7adddc5811a4e1f97db5\System.Management.Automation.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ef0d8a4790c24a3a091170958bc7b976\System.DirectoryServices.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e9774272e9fc6ca49e6c616a31783040\System.Data.SqlXml.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\3285887b33030a7ce453573d3bed4e95\System.Data.Services.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\330d3ad45a00455b537047183e128def\System.Data.Services.Client.ni.dll
+ 2012-05-15 04:29 . 2012-05-15 04:29 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\0f4e07fb8b1b7e7133a98f478856f70c\System.Data.OracleClient.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\2fe1658f05b0a96fe25c956a31d27b06\System.Data.Linq.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\51a2589d5ee1c9c40fb6c56391570f9e\System.Data.Entity.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
+ 2012-05-15 04:55 . 2012-05-15 04:55 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b3f13707cbd5d48aabaa9ef5264c8a30\PresentationBuildTasks.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\17add09c98fa34255142d42697db53df\Narrator.ni.exe
+ 2012-06-16 19:07 . 2012-06-16 19:07 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\21abde8efab609732b2ade3f05234e79\MMCEx.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\0e7da0df83f0619e3b0e0a7d7ee05fa3\MIGUIControls.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cd9e47effec6549cdec61eb3aef99f7c\Microsoft.Transactions.Bridge.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\99ae5f32cd1dc3618659bc3c77f2b2a9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77b5496d214dd5034294b058c0bb0e8d\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\72765e5fab12761eb6d3f58180fa34d7\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-16 19:06 . 2012-06-16 19:06 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e3d2577e00aef6bc9b3e235eb83634f3\Microsoft.JScript.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4d381048e3b9c0914c0f72c6aa0a599d\Microsoft.Ink.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3893fa9a19b52dee8b2cc424840d5d08\Microsoft.Build.Tasks.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1d2250044b1ecff755e26ed12f6d27cb\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b66f52dbd8f87e53c3c9a1de7ca5bba\Microsoft.Build.Engine.ni.dll
+ 2012-06-16 19:07 . 2012-06-16 19:07 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\3a4e56a8d1075cf0af0619c383b3e592\mcstore.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\69b8de21b08c3412422c5918399ed702\mcepg.ni.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-02-18 19:49 . 2010-11-05 01:53 1253376 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-13 13:57 . 2012-01-04 02:51 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-02-15 14:37 . 2011-10-31 23:16 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-16 05:33 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-16 04:12 . 2011-03-29 22:33 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-16 05:33 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-02-18 19:49 . 2010-11-05 01:58 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-13 13:57 . 2012-02-10 23:29 2256152 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
+ 2012-05-13 13:57 . 2012-02-10 23:29 3998208 c:\windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-13 13:57 . 2012-01-04 03:34 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-16 04:12 . 2011-07-08 22:31 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 1737496 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2011-02-18 19:49 . 2010-11-05 01:53 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-13 13:57 . 2012-02-10 23:31 4218880 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-13 13:57 . 2012-01-04 02:50 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-16 04:12 . 2011-07-08 22:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-06-24 23:07 . 2012-06-24 23:07 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-21 23:40 . 2012-03-21 23:40 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-10 21:37 . 2012-06-09 04:41 12873728 c:\windows\SysWOW64\shell32.dll
+ 2012-08-21 21:11 . 2012-06-29 00:52 12317184 c:\windows\SysWOW64\mshtml.dll
+ 2012-03-19 19:21 . 2012-03-19 19:21 13212672 c:\windows\SysWOW64\ig4icd32.dll
+ 2009-07-14 02:34 . 2012-08-21 21:17 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-08-21 21:11 . 2012-06-29 04:55 17809920 c:\windows\system32\mshtml.dll
+ 2012-03-19 19:31 . 2012-03-19 19:31 18137088 c:\windows\system32\ig4icd64.dll
+ 2012-08-21 21:11 . 2012-06-29 04:09 10925568 c:\windows\system32\ieframe.dll
+ 2012-03-19 20:32 . 2012-03-19 20:32 14745600 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdkmd64.sys
+ 2012-03-19 19:55 . 2012-03-19 19:55 28992000 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdfcl64.dll
+ 2012-03-19 19:43 . 2012-03-19 19:43 23460864 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdfcl32.dll
+ 2012-03-19 19:33 . 2012-03-19 19:33 17226240 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig7icd64.dll
+ 2012-03-19 19:23 . 2012-03-19 19:23 13024256 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig7icd32.dll
+ 2012-03-19 19:31 . 2012-03-19 19:31 18137088 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig4icd64.dll
+ 2012-03-19 19:21 . 2012-03-19 19:21 13212672 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig4icd32.dll
+ 2012-03-19 20:32 . 2012-03-19 20:32 14745600 c:\windows\system32\drivers\igdkmd64.sys
+ 2011-10-13 00:45 . 2012-08-29 21:26 36655243 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2814915296-174591460-2764255659-1001-8192.dat
+ 2012-01-19 18:20 . 2012-01-19 18:20 11997696 c:\windows\Installer\b4f342.msp
+ 2011-12-15 18:54 . 2011-12-15 18:54 39732736 c:\windows\Installer\b4f335.msp
+ 2012-05-20 07:00 . 2012-05-20 07:00 53217792 c:\windows\Installer\93c2a0.msp
+ 2012-07-28 01:47 . 2012-07-28 01:47 13123584 c:\windows\Installer\3cdaa.msp
+ 2011-04-27 23:21 . 2011-04-27 23:21 17515520 c:\windows\Installer\3a4baa.msp
+ 2012-06-03 18:31 . 2012-06-03 18:31 12962304 c:\windows\Installer\2010d8.msi
+ 2004-01-30 07:19 . 2004-01-30 07:19 56269996 c:\windows\Installer\1bc87e.msp
+ 2005-09-25 15:46 . 2005-09-25 15:46 16084480 c:\windows\Installer\19884cf.msp
+ 2009-07-20 16:03 . 2009-07-20 16:03 16465408 c:\windows\Installer\19884b5.msp
+ 2012-05-14 02:06 . 2012-05-14 02:06 11880448 c:\windows\assembly\NativeImages_v4.0.30319_64\System\935aea6e7eae16674abdd96a68ec97af\System.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll
+ 2012-05-15 05:04 . 2012-05-15 05:04 17353728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\401ebcc2dd54ce1e0d63a544f7ed7b8a\System.Windows.Forms.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\c4cc7eb7733c4221c32caccfd66ae320\System.ServiceModel.ni.dll
+ 2012-05-15 05:05 . 2012-05-15 05:05 18479616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9df4e7ae75baa7bbb1af30c8061a6e9b\System.Data.Entity.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 10440192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\b64f213e823a591607c45fac4997801e\System.Core.ni.dll
+ 2012-06-17 15:40 . 2012-06-17 15:40 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll
+ 2012-05-15 05:03 . 2012-05-15 05:03 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\34c2013b5f730680bd610d6a98d2977f\PresentationFramework.ni.dll
+ 2012-06-17 15:39 . 2012-06-17 15:39 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll
+ 2012-05-15 05:02 . 2012-05-15 05:02 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\4464e9df7184e3393b4cbb0f6dc286ba\PresentationCore.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 19353600 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\6087fce8f76d9af69af496cb10b7d1ee\mscorlib.ni.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
+ 2012-05-15 04:57 . 2012-05-15 04:57 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\7aa839fb16503243d6ae454ab334bcf4\System.Data.Entity.ni.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
+ 2012-06-16 22:33 . 2012-06-16 22:33 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
+ 2012-05-14 02:06 . 2012-05-14 02:06 14412800 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 10624512 c:\windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e2ca64137e0da231edc4d158b153e4b7\System.Windows.Forms.ni.dll
+ 2012-06-16 19:00 . 2012-06-16 19:00 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\1cb5a7cbd9cdf50f1d48cee830331c9f\System.Web.ni.dll
+ 2012-05-15 04:58 . 2012-05-15 04:58 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll
+ 2012-05-15 05:00 . 2012-05-15 05:00 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\00c4a761d0a5cafc00f34d763fe76ac4\System.Management.Automation.ni.dll
+ 2012-05-15 04:27 . 2012-05-15 04:27 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\78c747493d14dd3db5134d26e623851c\System.Design.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\582144c0ee317038621aebc626187b56\System.Design.ni.dll
+ 2012-05-15 05:01 . 2012-05-15 05:01 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\daaff9fe9c85fc171d426a3cb6766dbb\System.Data.Entity.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9aa6320f06da2553fb04e78722c739c8\PresentationFramework.ni.dll
+ 2012-06-16 19:01 . 2012-06-16 19:01 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
+ 2012-05-15 04:26 . 2012-05-15 04:26 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4dc6e89ac37368291890ba27c374208b\PresentationCore.ni.dll
+ 2012-06-16 19:00 . 2012-06-16 19:00 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
+ 2012-05-15 04:25 . 2012-05-15 04:25 15570944 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
+ 2012-05-15 04:59 . 2012-05-15 04:59 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\d19a72cf466c23b193009386b25049ba\ehshell.ni.dll
+ 2012-06-16 19:05 . 2012-06-16 19:05 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\0c1f96a4136efe532bbb8eb91d3de300\ehshell.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
+ 2012-05-15 04:54 . 2012-05-15 04:54 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
+ 2012-06-16 18:59 . 2012-06-16 18:59 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
+ 2012-05-15 04:28 . 2012-05-15 04:28 11492864 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7aeb3efd-e564-43f1-b658-5058a7c5743b}"= "c:\program files (x86)\vshare.tv_Bar\prxtbvsha.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7aeb3efd-e564-43f1-b658-5058a7c5743b}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7aeb3efd-e564-43f1-b658-5058a7c5743b}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\vshare.tv_Bar\prxtbvsha.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7aeb3efd-e564-43f1-b658-5058a7c5743b}"= "c:\program files (x86)\vshare.tv_Bar\prxtbvsha.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7aeb3efd-e564-43f1-b658-5058a7c5743b}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-16 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-02 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-02-25 40448]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"VirtualCloneDrive"="c:\program files (x86)\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-2 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2012-1-7 12862]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIService]
@=""
.
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\Brian\Desktop\Emisoft\Run\a2ddax64.sys [2012-08-30 23208]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 135664]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-14 2009704]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-22 250568]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;e:\i386\AsPrOb64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 135664]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-04-05 60504]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-16 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-03-08 25960]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 12:39]
.
2012-08-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2814915296-174591460-2764255659-1001Core.job
- c:\users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-13 16:09]
.
2012-08-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2814915296-174591460-2764255659-1001UA.job
- c:\users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-13 16:09]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 207.22.166.2 207.22.166.61
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AIM for Windows - c:\users\Brian\AppData\Local\AOL\AIM\aim.exe
Wow6432Node-HKCU-Run-ladevi - c:\users\Brian\AppData\Roaming\ladevi.dll
Wow6432Node-HKCU-Run-ovcroe - c:\users\Brian\AppData\Roaming\ovcroe.dll
Wow6432Node-HKLM-Run-Ad-Aware Browsing Protection - c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe
WebBrowser-{7AEB3EFD-E564-43F1-B658-5058A7C5743B} - (no file)
AddRemove-Veetle TV - c:\program files (x86)\Veetle\UninstallVeetleTV.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-01 13:11:06
ComboFix-quarantined-files.txt 2012-09-01 17:11
ComboFix2.txt 2012-04-19 00:50
.
Pre-Run: 10,049,396,736 bytes free
Post-Run: 11,801,432,064 bytes free
.
- - End Of File - - 98A56F451F6B3C131780409EF4DBB4D8

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:09 PM

Posted 01 September 2012 - 12:30 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 RealTalk

RealTalk
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 01 September 2012 - 02:30 PM

15:28:43.0011 15056 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
15:28:44.0442 15056 ============================================================
15:28:44.0442 15056 Current date / time: 2012/09/01 15:28:44.0442
15:28:44.0442 15056 SystemInfo:
15:28:44.0442 15056
15:28:44.0442 15056 OS Version: 6.1.7601 ServicePack: 1.0
15:28:44.0442 15056 Product type: Workstation
15:28:44.0442 15056 ComputerName: BRIANASUS
15:28:44.0442 15056 UserName: Brian
15:28:44.0442 15056 Windows directory: C:\Windows
15:28:44.0442 15056 System windows directory: C:\Windows
15:28:44.0442 15056 Running under WOW64
15:28:44.0442 15056 Processor architecture: Intel x64
15:28:44.0442 15056 Number of processors: 8
15:28:44.0442 15056 Page size: 0x1000
15:28:44.0442 15056 Boot type: Normal boot
15:28:44.0442 15056 ============================================================
15:28:44.0801 15056 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:28:44.0817 15056 ============================================================
15:28:44.0817 15056 \Device\Harddisk0\DR0:
15:28:44.0817 15056 MBR partitions:
15:28:44.0817 15056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x1749C000
15:28:44.0832 15056 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A69D000, BlocksNum 0x1FCE8800
15:28:44.0832 15056 ============================================================
15:28:44.0864 15056 C: <-> \Device\Harddisk0\DR0\Partition1
15:28:44.0879 15056 D: <-> \Device\Harddisk0\DR0\Partition2
15:28:44.0879 15056 ============================================================
15:28:44.0879 15056 Initialize success
15:28:44.0879 15056 ============================================================
15:28:49.0138 12820 ============================================================
15:28:49.0138 12820 Scan started
15:28:49.0138 12820 Mode: Manual;
15:28:49.0138 12820 ============================================================
15:28:49.0934 12820 ================ Scan system memory ========================
15:28:49.0934 12820 System memory - ok
15:28:49.0934 12820 ================ Scan services =============================
15:28:50.0152 12820 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:28:50.0152 12820 1394ohci - ok
15:28:50.0261 12820 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Users\Brian\Desktop\Emisoft\Run\a2ddax64.sys
15:28:50.0261 12820 A2DDA - ok
15:28:50.0277 12820 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:28:50.0292 12820 ACPI - ok
15:28:50.0308 12820 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:28:50.0308 12820 AcpiPmi - ok
15:28:50.0417 12820 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:28:50.0417 12820 AdobeARMservice - ok
15:28:50.0542 12820 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:28:50.0542 12820 AdobeFlashPlayerUpdateSvc - ok
15:28:50.0573 12820 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:28:50.0573 12820 adp94xx - ok
15:28:50.0604 12820 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:28:50.0604 12820 adpahci - ok
15:28:50.0620 12820 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:28:50.0620 12820 adpu320 - ok
15:28:50.0667 12820 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:28:50.0667 12820 AeLookupSvc - ok
15:28:50.0698 12820 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
15:28:50.0714 12820 AFBAgent - ok
15:28:50.0745 12820 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:28:50.0745 12820 AFD - ok
15:28:50.0776 12820 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:28:50.0776 12820 agp440 - ok
15:28:50.0792 12820 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:28:50.0792 12820 ALG - ok
15:28:50.0823 12820 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:28:50.0823 12820 aliide - ok
15:28:50.0838 12820 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:28:50.0838 12820 amdide - ok
15:28:50.0854 12820 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:28:50.0854 12820 AmdK8 - ok
15:28:50.0854 12820 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:28:50.0854 12820 AmdPPM - ok
15:28:50.0901 12820 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:28:50.0901 12820 amdsata - ok
15:28:50.0916 12820 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:28:50.0916 12820 amdsbs - ok
15:28:50.0932 12820 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:28:50.0932 12820 amdxata - ok
15:28:51.0041 12820 [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
15:28:51.0041 12820 Amsp - ok
15:28:51.0088 12820 [ 9C7F164B49CADC658D1B3C575782F346 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
15:28:51.0088 12820 AmUStor - ok
15:28:51.0119 12820 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:28:51.0119 12820 AppID - ok
15:28:51.0135 12820 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:28:51.0135 12820 AppIDSvc - ok
15:28:51.0150 12820 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:28:51.0150 12820 Appinfo - ok
15:28:51.0182 12820 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:28:51.0182 12820 arc - ok
15:28:51.0197 12820 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:28:51.0197 12820 arcsas - ok
15:28:51.0244 12820 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:28:51.0244 12820 ASLDRService - ok
15:28:51.0260 12820 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:28:51.0260 12820 ASMMAP64 - ok
15:28:51.0275 12820 ASUSProcObsrv - ok
15:28:51.0338 12820 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
15:28:51.0338 12820 aswFsBlk - ok
15:28:51.0369 12820 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:28:51.0369 12820 aswMonFlt - ok
15:28:51.0384 12820 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
15:28:51.0384 12820 aswRdr - ok
15:28:51.0431 12820 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:28:51.0447 12820 aswSnx - ok
15:28:51.0478 12820 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:28:51.0478 12820 aswSP - ok
15:28:51.0509 12820 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
15:28:51.0509 12820 aswTdi - ok
15:28:51.0525 12820 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:28:51.0525 12820 AsyncMac - ok
15:28:51.0556 12820 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:28:51.0556 12820 atapi - ok
15:28:51.0572 12820 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
15:28:51.0572 12820 AthBTPort - ok
15:28:51.0618 12820 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
15:28:51.0618 12820 Atheros Bt&Wlan Coex Agent - ok
15:28:51.0618 12820 [ 21753130331188C4B474E1D3B396E629 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
15:28:51.0618 12820 AtherosSvc - ok
15:28:51.0665 12820 [ DE8B9C3E0E09D918B394207F34AC16DD ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:28:51.0681 12820 athr - ok
15:28:51.0696 12820 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:28:51.0696 12820 ATKGFNEXSrv - ok
15:28:51.0743 12820 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
15:28:51.0743 12820 atksgt - ok
15:28:51.0759 12820 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:28:51.0759 12820 ATKWMIACPIIO - ok
15:28:51.0790 12820 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:28:51.0790 12820 AudioEndpointBuilder - ok
15:28:51.0806 12820 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:28:51.0821 12820 AudioSrv - ok
15:28:51.0915 12820 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:28:51.0915 12820 avast! Antivirus - ok
15:28:51.0962 12820 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:28:51.0962 12820 AxInstSV - ok
15:28:52.0024 12820 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:28:52.0024 12820 b06bdrv - ok
15:28:52.0086 12820 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:28:52.0086 12820 b57nd60a - ok
15:28:52.0118 12820 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:28:52.0118 12820 BDESVC - ok
15:28:52.0133 12820 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:28:52.0133 12820 Beep - ok
15:28:52.0180 12820 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:28:52.0180 12820 BFE - ok
15:28:52.0289 12820 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
15:28:52.0305 12820 BITS - ok
15:28:52.0352 12820 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:28:52.0352 12820 blbdrive - ok
15:28:52.0367 12820 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:28:52.0367 12820 bowser - ok
15:28:52.0383 12820 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:28:52.0383 12820 BrFiltLo - ok
15:28:52.0398 12820 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:28:52.0398 12820 BrFiltUp - ok
15:28:52.0430 12820 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:28:52.0430 12820 BridgeMP - ok
15:28:52.0461 12820 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:28:52.0461 12820 Browser - ok
15:28:52.0476 12820 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:28:52.0476 12820 Brserid - ok
15:28:52.0492 12820 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:28:52.0492 12820 BrSerWdm - ok
15:28:52.0492 12820 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:28:52.0492 12820 BrUsbMdm - ok
15:28:52.0508 12820 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:28:52.0508 12820 BrUsbSer - ok
15:28:52.0539 12820 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
15:28:52.0539 12820 BTATH_A2DP - ok
15:28:52.0570 12820 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
15:28:52.0570 12820 BTATH_BUS - ok
15:28:52.0586 12820 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
15:28:52.0601 12820 BTATH_HCRP - ok
15:28:52.0617 12820 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
15:28:52.0617 12820 BTATH_LWFLT - ok
15:28:52.0632 12820 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
15:28:52.0632 12820 BTATH_RCP - ok
15:28:52.0664 12820 [ AA0F5AFCF077C5246589B32ECEEAE566 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
15:28:52.0664 12820 BtFilter - ok
15:28:52.0710 12820 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:28:52.0710 12820 BthEnum - ok
15:28:52.0726 12820 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:28:52.0726 12820 BTHMODEM - ok
15:28:52.0742 12820 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:28:52.0742 12820 BthPan - ok
15:28:52.0788 12820 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:28:52.0788 12820 BTHPORT - ok
15:28:52.0804 12820 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:28:52.0804 12820 bthserv - ok
15:28:52.0820 12820 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:28:52.0820 12820 BTHUSB - ok
15:28:52.0835 12820 catchme - ok
15:28:52.0851 12820 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:28:52.0851 12820 cdfs - ok
15:28:52.0882 12820 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:28:52.0882 12820 cdrom - ok
15:28:52.0913 12820 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:28:52.0913 12820 CertPropSvc - ok
15:28:52.0929 12820 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:28:52.0929 12820 circlass - ok
15:28:52.0944 12820 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:28:52.0960 12820 CLFS - ok
15:28:53.0022 12820 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:28:53.0038 12820 clr_optimization_v2.0.50727_32 - ok
15:28:53.0116 12820 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:28:53.0116 12820 clr_optimization_v2.0.50727_64 - ok
15:28:53.0194 12820 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:28:53.0194 12820 clr_optimization_v4.0.30319_32 - ok
15:28:53.0225 12820 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:28:53.0225 12820 clr_optimization_v4.0.30319_64 - ok
15:28:53.0241 12820 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:28:53.0241 12820 CmBatt - ok
15:28:53.0256 12820 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:28:53.0256 12820 cmdide - ok
15:28:53.0303 12820 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:28:53.0303 12820 CNG - ok
15:28:53.0334 12820 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:28:53.0334 12820 Compbatt - ok
15:28:53.0350 12820 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:28:53.0350 12820 CompositeBus - ok
15:28:53.0366 12820 COMSysApp - ok
15:28:53.0412 12820 [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:28:53.0412 12820 cphs - ok
15:28:53.0428 12820 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:28:53.0428 12820 crcdisk - ok
15:28:53.0444 12820 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:28:53.0444 12820 CryptSvc - ok
15:28:53.0475 12820 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:28:53.0490 12820 DcomLaunch - ok
15:28:53.0506 12820 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:28:53.0522 12820 defragsvc - ok
15:28:53.0522 12820 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:28:53.0522 12820 DfsC - ok
15:28:53.0553 12820 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:28:53.0553 12820 Dhcp - ok
15:28:53.0568 12820 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:28:53.0584 12820 discache - ok
15:28:53.0615 12820 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:28:53.0615 12820 Disk - ok
15:28:53.0631 12820 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:28:53.0631 12820 Dnscache - ok
15:28:53.0678 12820 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:28:53.0678 12820 dot3svc - ok
15:28:53.0709 12820 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:28:53.0709 12820 DPS - ok
15:28:53.0724 12820 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:28:53.0724 12820 drmkaud - ok
15:28:53.0756 12820 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:28:53.0756 12820 DXGKrnl - ok
15:28:53.0771 12820 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:28:53.0787 12820 EapHost - ok
15:28:53.0943 12820 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:28:53.0958 12820 ebdrv - ok
15:28:54.0036 12820 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:28:54.0036 12820 EFS - ok
15:28:54.0083 12820 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:28:54.0083 12820 ehRecvr - ok
15:28:54.0083 12820 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:28:54.0099 12820 ehSched - ok
15:28:54.0130 12820 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
15:28:54.0130 12820 ElbyCDIO - ok
15:28:54.0177 12820 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:28:54.0192 12820 elxstor - ok
15:28:54.0192 12820 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:28:54.0192 12820 ErrDev - ok
15:28:54.0239 12820 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
15:28:54.0239 12820 ETD - ok
15:28:54.0255 12820 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:28:54.0270 12820 EventSystem - ok
15:28:54.0286 12820 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:28:54.0286 12820 exfat - ok
15:28:54.0333 12820 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:28:54.0333 12820 fastfat - ok
15:28:54.0348 12820 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:28:54.0364 12820 Fax - ok
15:28:54.0380 12820 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:28:54.0380 12820 fdc - ok
15:28:54.0411 12820 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:28:54.0411 12820 fdPHost - ok
15:28:54.0426 12820 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:28:54.0426 12820 FDResPub - ok
15:28:54.0458 12820 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:28:54.0458 12820 FileInfo - ok
15:28:54.0458 12820 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:28:54.0458 12820 Filetrace - ok
15:28:54.0458 12820 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:28:54.0458 12820 flpydisk - ok
15:28:54.0473 12820 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:28:54.0473 12820 FltMgr - ok
15:28:54.0504 12820 [ 10B5AB16C34D4E316EDB825386F57DA6 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
15:28:54.0520 12820 FLxHCIc - ok
15:28:54.0536 12820 [ 66DE264C2DEFE746CB2E71F3A5EB5C2C ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
15:28:54.0536 12820 FLxHCIh - ok
15:28:54.0598 12820 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:28:54.0598 12820 FontCache - ok
15:28:54.0645 12820 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:28:54.0645 12820 FontCache3.0.0.0 - ok
15:28:54.0676 12820 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:28:54.0676 12820 FsDepends - ok
15:28:54.0707 12820 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:28:54.0707 12820 fssfltr - ok
15:28:54.0863 12820 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:28:54.0879 12820 fsssvc - ok
15:28:54.0926 12820 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:28:54.0926 12820 Fs_Rec - ok
15:28:54.0941 12820 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:28:54.0941 12820 fvevol - ok
15:28:54.0972 12820 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:28:54.0972 12820 gagp30kx - ok
15:28:55.0004 12820 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:28:55.0004 12820 gpsvc - ok
15:28:55.0050 12820 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:28:55.0050 12820 gupdate - ok
15:28:55.0082 12820 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:28:55.0082 12820 gupdatem - ok
15:28:55.0097 12820 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:28:55.0097 12820 hcw85cir - ok
15:28:55.0113 12820 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:28:55.0113 12820 HdAudAddService - ok
15:28:55.0144 12820 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:28:55.0144 12820 HDAudBus - ok
15:28:55.0160 12820 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:28:55.0160 12820 HidBatt - ok
15:28:55.0175 12820 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:28:55.0175 12820 HidBth - ok
15:28:55.0206 12820 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:28:55.0206 12820 HidIr - ok
15:28:55.0222 12820 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:28:55.0222 12820 hidserv - ok
15:28:55.0253 12820 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:28:55.0253 12820 HidUsb - ok
15:28:55.0269 12820 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:28:55.0269 12820 hkmsvc - ok
15:28:55.0284 12820 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:28:55.0284 12820 HomeGroupListener - ok
15:28:55.0331 12820 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:28:55.0331 12820 HomeGroupProvider - ok
15:28:55.0347 12820 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:28:55.0347 12820 HpSAMD - ok
15:28:55.0378 12820 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:28:55.0378 12820 HTTP - ok
15:28:55.0394 12820 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:28:55.0394 12820 hwpolicy - ok
15:28:55.0409 12820 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:28:55.0409 12820 i8042prt - ok
15:28:55.0440 12820 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:28:55.0440 12820 iaStor - ok
15:28:55.0503 12820 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:28:55.0503 12820 iaStorV - ok
15:28:55.0550 12820 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:28:55.0550 12820 idsvc - ok
15:28:56.0049 12820 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:28:56.0127 12820 igfx - ok
15:28:56.0189 12820 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:28:56.0189 12820 iirsp - ok
15:28:56.0236 12820 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:28:56.0252 12820 IKEEXT - ok
15:28:56.0330 12820 [ 177B4E48C7A288E70779B42AB81D2D06 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:28:56.0345 12820 IntcAzAudAddService - ok
15:28:56.0392 12820 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:28:56.0408 12820 IntcDAud - ok
15:28:56.0423 12820 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:28:56.0423 12820 intelide - ok
15:28:56.0454 12820 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:28:56.0454 12820 intelppm - ok
15:28:56.0470 12820 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:28:56.0470 12820 IPBusEnum - ok
15:28:56.0486 12820 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:28:56.0501 12820 IpFilterDriver - ok
15:28:56.0532 12820 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:28:56.0532 12820 iphlpsvc - ok
15:28:56.0548 12820 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:28:56.0548 12820 IPMIDRV - ok
15:28:56.0564 12820 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:28:56.0564 12820 IPNAT - ok
15:28:56.0579 12820 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:28:56.0579 12820 IRENUM - ok
15:28:56.0595 12820 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:28:56.0595 12820 isapnp - ok
15:28:56.0626 12820 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:28:56.0626 12820 iScsiPrt - ok
15:28:56.0642 12820 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:28:56.0642 12820 kbdclass - ok
15:28:56.0657 12820 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:28:56.0657 12820 kbdhid - ok
15:28:56.0688 12820 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
15:28:56.0688 12820 kbfiltr - ok
15:28:56.0688 12820 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:28:56.0688 12820 KeyIso - ok
15:28:56.0720 12820 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:28:56.0720 12820 KSecDD - ok
15:28:56.0751 12820 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:28:56.0751 12820 KSecPkg - ok
15:28:56.0751 12820 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:28:56.0751 12820 ksthunk - ok
15:28:56.0782 12820 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:28:56.0782 12820 KtmRm - ok
15:28:56.0813 12820 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
15:28:56.0813 12820 L1C - ok
15:28:56.0844 12820 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:28:56.0844 12820 LanmanServer - ok
15:28:56.0860 12820 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:28:56.0860 12820 LanmanWorkstation - ok
15:28:56.0907 12820 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
15:28:56.0907 12820 lirsgt - ok
15:28:56.0938 12820 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:28:56.0938 12820 lltdio - ok
15:28:56.0954 12820 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:28:56.0969 12820 lltdsvc - ok
15:28:56.0985 12820 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:28:56.0985 12820 lmhosts - ok
15:28:57.0032 12820 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:28:57.0047 12820 LMS - ok
15:28:57.0094 12820 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:28:57.0094 12820 LSI_FC - ok
15:28:57.0110 12820 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:28:57.0110 12820 LSI_SAS - ok
15:28:57.0125 12820 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:28:57.0125 12820 LSI_SAS2 - ok
15:28:57.0141 12820 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:28:57.0141 12820 LSI_SCSI - ok
15:28:57.0156 12820 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:28:57.0156 12820 luafv - ok
15:28:57.0172 12820 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:28:57.0188 12820 Mcx2Svc - ok
15:28:57.0203 12820 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:28:57.0203 12820 megasas - ok
15:28:57.0234 12820 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:28:57.0234 12820 MegaSR - ok
15:28:57.0266 12820 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:28:57.0266 12820 MEIx64 - ok
15:28:57.0281 12820 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:28:57.0281 12820 MMCSS - ok
15:28:57.0312 12820 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:28:57.0312 12820 Modem - ok
15:28:57.0344 12820 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:28:57.0344 12820 monitor - ok
15:28:57.0375 12820 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:28:57.0375 12820 mouclass - ok
15:28:57.0390 12820 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:28:57.0390 12820 mouhid - ok
15:28:57.0406 12820 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:28:57.0422 12820 mountmgr - ok
15:28:57.0437 12820 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:28:57.0437 12820 mpio - ok
15:28:57.0453 12820 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:28:57.0453 12820 mpsdrv - ok
15:28:57.0500 12820 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:28:57.0515 12820 MpsSvc - ok
15:28:57.0531 12820 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:28:57.0531 12820 MRxDAV - ok
15:28:57.0546 12820 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:28:57.0546 12820 mrxsmb - ok
15:28:57.0578 12820 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:28:57.0578 12820 mrxsmb10 - ok
15:28:57.0593 12820 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:28:57.0593 12820 mrxsmb20 - ok
15:28:57.0609 12820 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:28:57.0609 12820 msahci - ok
15:28:57.0624 12820 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:28:57.0624 12820 msdsm - ok
15:28:57.0640 12820 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:28:57.0640 12820 MSDTC - ok
15:28:57.0671 12820 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:28:57.0671 12820 Msfs - ok
15:28:57.0687 12820 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:28:57.0687 12820 mshidkmdf - ok
15:28:57.0687 12820 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:28:57.0702 12820 msisadrv - ok
15:28:57.0718 12820 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:28:57.0718 12820 MSiSCSI - ok
15:28:57.0734 12820 msiserver - ok
15:28:57.0734 12820 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:28:57.0734 12820 MSKSSRV - ok
15:28:57.0749 12820 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:28:57.0749 12820 MSPCLOCK - ok
15:28:57.0765 12820 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:28:57.0765 12820 MSPQM - ok
15:28:57.0780 12820 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:28:57.0780 12820 MsRPC - ok
15:28:57.0796 12820 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:28:57.0796 12820 mssmbios - ok
15:28:57.0812 12820 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:28:57.0812 12820 MSTEE - ok
15:28:57.0827 12820 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:28:57.0827 12820 MTConfig - ok
15:28:57.0827 12820 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:28:57.0827 12820 Mup - ok
15:28:57.0905 12820 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:28:57.0905 12820 napagent - ok
15:28:57.0921 12820 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:28:57.0921 12820 NativeWifiP - ok
15:28:57.0968 12820 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:28:57.0968 12820 NDIS - ok
15:28:57.0983 12820 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:28:57.0983 12820 NdisCap - ok
15:28:58.0014 12820 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:28:58.0014 12820 NdisTapi - ok
15:28:58.0030 12820 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:28:58.0030 12820 Ndisuio - ok
15:28:58.0046 12820 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:28:58.0046 12820 NdisWan - ok
15:28:58.0046 12820 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:28:58.0046 12820 NDProxy - ok
15:28:58.0077 12820 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:28:58.0077 12820 NetBIOS - ok
15:28:58.0092 12820 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:28:58.0092 12820 NetBT - ok
15:28:58.0108 12820 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:28:58.0108 12820 Netlogon - ok
15:28:58.0155 12820 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:28:58.0155 12820 Netman - ok
15:28:58.0170 12820 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:28:58.0170 12820 netprofm - ok
15:28:58.0186 12820 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:28:58.0186 12820 NetTcpPortSharing - ok
15:28:58.0233 12820 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:28:58.0233 12820 nfrd960 - ok
15:28:58.0248 12820 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:28:58.0264 12820 NlaSvc - ok
15:28:58.0264 12820 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:28:58.0264 12820 Npfs - ok
15:28:58.0311 12820 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:28:58.0311 12820 nsi - ok
15:28:58.0311 12820 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:28:58.0311 12820 nsiproxy - ok
15:28:58.0404 12820 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:28:58.0420 12820 Ntfs - ok
15:28:58.0420 12820 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:28:58.0436 12820 Null - ok
15:28:58.0670 12820 [ 7328528DAF9B8A486E16595A35043DB0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:28:58.0732 12820 nvlddmkm - ok
15:28:58.0779 12820 [ 8AE5A124F3B65C3EC531D251A3E9C87F ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
15:28:58.0779 12820 nvpciflt - ok
15:28:58.0794 12820 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:28:58.0794 12820 nvraid - ok
15:28:58.0826 12820 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:28:58.0826 12820 nvstor - ok
15:28:58.0857 12820 [ CEA3416907C17BB6623D9CB1E015B3C4 ] NVSvc C:\Windows\system32\nvvsvc.exe
15:28:58.0872 12820 NVSvc - ok
15:28:58.0935 12820 [ 741688E5A65CC43567BCC329AE130075 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:28:58.0935 12820 nvUpdatusService - ok
15:28:58.0966 12820 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:28:58.0966 12820 nv_agp - ok
15:28:58.0982 12820 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:28:58.0982 12820 ohci1394 - ok
15:28:58.0997 12820 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:28:59.0013 12820 p2pimsvc - ok
15:28:59.0060 12820 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:28:59.0075 12820 p2psvc - ok
15:28:59.0091 12820 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:28:59.0091 12820 Parport - ok
15:28:59.0122 12820 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:28:59.0122 12820 partmgr - ok
15:28:59.0122 12820 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:28:59.0122 12820 PcaSvc - ok
15:28:59.0138 12820 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:28:59.0138 12820 pci - ok
15:28:59.0169 12820 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:28:59.0169 12820 pciide - ok
15:28:59.0184 12820 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:28:59.0184 12820 pcmcia - ok
15:28:59.0200 12820 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:28:59.0200 12820 pcw - ok
15:28:59.0216 12820 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:28:59.0216 12820 PEAUTH - ok
15:28:59.0247 12820 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:28:59.0247 12820 PerfHost - ok
15:28:59.0309 12820 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:28:59.0309 12820 pla - ok
15:28:59.0356 12820 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:28:59.0356 12820 PlugPlay - ok
15:28:59.0372 12820 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:28:59.0372 12820 PNRPAutoReg - ok
15:28:59.0387 12820 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:28:59.0387 12820 PNRPsvc - ok
15:28:59.0434 12820 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:28:59.0434 12820 PolicyAgent - ok
15:28:59.0450 12820 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:28:59.0465 12820 Power - ok
15:28:59.0481 12820 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:28:59.0481 12820 PptpMiniport - ok
15:28:59.0496 12820 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:28:59.0496 12820 Processor - ok
15:28:59.0528 12820 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:28:59.0528 12820 ProfSvc - ok
15:28:59.0543 12820 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:28:59.0543 12820 ProtectedStorage - ok
15:28:59.0574 12820 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:28:59.0574 12820 Psched - ok
15:28:59.0606 12820 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:28:59.0621 12820 ql2300 - ok
15:28:59.0652 12820 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:28:59.0652 12820 ql40xx - ok
15:28:59.0699 12820 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:28:59.0699 12820 QWAVE - ok
15:28:59.0699 12820 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:28:59.0699 12820 QWAVEdrv - ok
15:28:59.0715 12820 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:28:59.0715 12820 RasAcd - ok
15:28:59.0762 12820 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:28:59.0762 12820 RasAgileVpn - ok
15:28:59.0762 12820 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:28:59.0762 12820 RasAuto - ok
15:28:59.0793 12820 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:28:59.0793 12820 Rasl2tp - ok
15:28:59.0808 12820 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:28:59.0808 12820 RasMan - ok
15:28:59.0824 12820 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:28:59.0824 12820 RasPppoe - ok
15:28:59.0840 12820 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:28:59.0840 12820 RasSstp - ok
15:28:59.0855 12820 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:28:59.0855 12820 rdbss - ok
15:28:59.0871 12820 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:28:59.0871 12820 rdpbus - ok
15:28:59.0886 12820 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:28:59.0886 12820 RDPCDD - ok
15:28:59.0902 12820 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:28:59.0902 12820 RDPENCDD - ok
15:28:59.0918 12820 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:28:59.0918 12820 RDPREFMP - ok
15:28:59.0949 12820 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:28:59.0949 12820 RDPWD - ok
15:28:59.0964 12820 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:28:59.0980 12820 rdyboost - ok
15:29:00.0011 12820 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:29:00.0011 12820 RemoteAccess - ok
15:29:00.0042 12820 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:29:00.0042 12820 RemoteRegistry - ok
15:29:00.0074 12820 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:29:00.0074 12820 RFCOMM - ok
15:29:00.0136 12820 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:29:00.0136 12820 RichVideo - ok
15:29:00.0167 12820 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:29:00.0167 12820 RpcEptMapper - ok
15:29:00.0198 12820 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:29:00.0198 12820 RpcLocator - ok
15:29:00.0214 12820 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:29:00.0214 12820 RpcSs - ok
15:29:00.0245 12820 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:29:00.0245 12820 rspndr - ok
15:29:00.0276 12820 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:29:00.0276 12820 RTL8167 - ok
15:29:00.0292 12820 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:29:00.0292 12820 SamSs - ok
15:29:00.0370 12820 [ CDB954C736D51DC5FA712C039AF4F683 ] SbFw C:\Windows\system32\drivers\SbFw.sys
15:29:00.0370 12820 SbFw - ok
15:29:00.0386 12820 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys
15:29:00.0386 12820 SBFWIMCL - ok
15:29:00.0401 12820 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys
15:29:00.0401 12820 SBFWIMCLMP - ok
15:29:00.0432 12820 [ A5BC45F8C2F30350E7566799C86B2F5D ] sbhips C:\Windows\system32\drivers\sbhips.sys
15:29:00.0432 12820 sbhips - ok
15:29:00.0464 12820 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:29:00.0464 12820 sbp2port - ok
15:29:00.0495 12820 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:29:00.0495 12820 SCardSvr - ok
15:29:00.0510 12820 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:29:00.0510 12820 scfilter - ok
15:29:00.0542 12820 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:29:00.0542 12820 Schedule - ok
15:29:00.0573 12820 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:29:00.0573 12820 SCPolicySvc - ok
15:29:00.0588 12820 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:29:00.0588 12820 SDRSVC - ok
15:29:00.0620 12820 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:29:00.0620 12820 secdrv - ok
15:29:00.0635 12820 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:29:00.0635 12820 seclogon - ok
15:29:00.0651 12820 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:29:00.0651 12820 SENS - ok
15:29:00.0666 12820 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:29:00.0666 12820 SensrSvc - ok
15:29:00.0698 12820 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:29:00.0698 12820 Serenum - ok
15:29:00.0713 12820 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:29:00.0713 12820 Serial - ok
15:29:00.0729 12820 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:29:00.0729 12820 sermouse - ok
15:29:00.0760 12820 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:29:00.0760 12820 SessionEnv - ok
15:29:00.0791 12820 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:29:00.0791 12820 sffdisk - ok
15:29:00.0791 12820 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:29:00.0791 12820 sffp_mmc - ok
15:29:00.0807 12820 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:29:00.0807 12820 sffp_sd - ok
15:29:00.0822 12820 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:29:00.0822 12820 sfloppy - ok
15:29:00.0854 12820 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:29:00.0854 12820 SharedAccess - ok
15:29:00.0869 12820 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:29:00.0869 12820 ShellHWDetection - ok
15:29:00.0900 12820 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
15:29:00.0900 12820 SiSGbeLH - ok
15:29:00.0932 12820 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:29:00.0932 12820 SiSRaid2 - ok
15:29:00.0947 12820 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:29:00.0947 12820 SiSRaid4 - ok
15:29:00.0994 12820 [ 17EAB7852FF9F15FBAAB4E95EFC0B812 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:29:00.0994 12820 SkypeUpdate - ok
15:29:01.0010 12820 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:29:01.0010 12820 Smb - ok
15:29:01.0056 12820 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:29:01.0056 12820 SNMPTRAP - ok
15:29:01.0072 12820 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:29:01.0072 12820 spldr - ok
15:29:01.0119 12820 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:29:01.0119 12820 Spooler - ok
15:29:01.0197 12820 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:29:01.0212 12820 sppsvc - ok
15:29:01.0228 12820 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:29:01.0228 12820 sppuinotify - ok
15:29:01.0275 12820 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:29:01.0275 12820 srv - ok
15:29:01.0353 12820 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:29:01.0353 12820 srv2 - ok
15:29:01.0384 12820 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:29:01.0384 12820 srvnet - ok
15:29:01.0415 12820 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:29:01.0415 12820 SSDPSRV - ok
15:29:01.0431 12820 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:29:01.0431 12820 SstpSvc - ok
15:29:01.0446 12820 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:29:01.0446 12820 stexstor - ok
15:29:01.0493 12820 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:29:01.0493 12820 stisvc - ok
15:29:01.0509 12820 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:29:01.0509 12820 swenum - ok
15:29:01.0556 12820 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:29:01.0556 12820 swprv - ok
15:29:01.0618 12820 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:29:01.0634 12820 SysMain - ok
15:29:01.0649 12820 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:29:01.0649 12820 TabletInputService - ok
15:29:01.0680 12820 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:29:01.0680 12820 TapiSrv - ok
15:29:01.0696 12820 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:29:01.0696 12820 TBS - ok
15:29:01.0743 12820 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:29:01.0758 12820 Tcpip - ok
15:29:01.0821 12820 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:29:01.0821 12820 TCPIP6 - ok
15:29:01.0836 12820 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:29:01.0836 12820 tcpipreg - ok
15:29:01.0868 12820 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:29:01.0868 12820 TDPIPE - ok
15:29:01.0883 12820 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:29:01.0883 12820 TDTCP - ok
15:29:01.0899 12820 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:29:01.0899 12820 tdx - ok
15:29:01.0930 12820 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:29:01.0930 12820 TermDD - ok
15:29:01.0961 12820 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:29:01.0961 12820 TermService - ok
15:29:01.0977 12820 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:29:01.0977 12820 Themes - ok
15:29:01.0992 12820 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:29:01.0992 12820 THREADORDER - ok
15:29:02.0008 12820 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:29:02.0008 12820 TrkWks - ok
15:29:02.0039 12820 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:29:02.0039 12820 TrustedInstaller - ok
15:29:02.0055 12820 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:29:02.0055 12820 tssecsrv - ok
15:29:02.0086 12820 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:29:02.0086 12820 TsUsbFlt - ok
15:29:02.0117 12820 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:29:02.0117 12820 TsUsbGD - ok
15:29:02.0133 12820 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:29:02.0133 12820 tunnel - ok
15:29:02.0164 12820 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
15:29:02.0164 12820 TurboB - ok
15:29:02.0211 12820 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:29:02.0226 12820 TurboBoost - ok
15:29:02.0242 12820 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:29:02.0242 12820 uagp35 - ok
15:29:02.0289 12820 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:29:02.0289 12820 udfs - ok
15:29:02.0320 12820 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:29:02.0320 12820 UI0Detect - ok
15:29:02.0336 12820 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:29:02.0336 12820 uliagpkx - ok
15:29:02.0367 12820 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:29:02.0367 12820 umbus - ok
15:29:02.0382 12820 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:29:02.0382 12820 UmPass - ok
15:29:02.0445 12820 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:29:02.0460 12820 UNS - ok
15:29:02.0492 12820 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:29:02.0507 12820 upnphost - ok
15:29:02.0554 12820 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:29:02.0554 12820 usbccgp - ok
15:29:02.0570 12820 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:29:02.0570 12820 usbcir - ok
15:29:02.0585 12820 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:29:02.0585 12820 usbehci - ok
15:29:02.0616 12820 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:29:02.0616 12820 usbhub - ok
15:29:02.0632 12820 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:29:02.0632 12820 usbohci - ok
15:29:02.0648 12820 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:29:02.0648 12820 usbprint - ok
15:29:02.0663 12820 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:29:02.0663 12820 USBSTOR - ok
15:29:02.0679 12820 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:29:02.0679 12820 usbuhci - ok
15:29:02.0710 12820 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:29:02.0710 12820 usbvideo - ok
15:29:02.0726 12820 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:29:02.0726 12820 UxSms - ok
15:29:02.0726 12820 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:29:02.0741 12820 VaultSvc - ok
15:29:02.0772 12820 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
15:29:02.0772 12820 VClone - ok
15:29:02.0804 12820 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:29:02.0804 12820 vdrvroot - ok
15:29:02.0819 12820 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:29:02.0819 12820 vds - ok
15:29:02.0850 12820 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:29:02.0850 12820 vga - ok
15:29:02.0866 12820 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:29:02.0866 12820 VgaSave - ok
15:29:02.0866 12820 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:29:02.0866 12820 vhdmp - ok
15:29:02.0897 12820 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:29:02.0897 12820 viaide - ok
15:29:02.0913 12820 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:29:02.0913 12820 volmgr - ok
15:29:02.0928 12820 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:29:02.0928 12820 volmgrx - ok
15:29:02.0928 12820 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:29:02.0944 12820 volsnap - ok
15:29:02.0960 12820 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:29:02.0960 12820 vsmraid - ok
15:29:03.0006 12820 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:29:03.0006 12820 VSS - ok
15:29:03.0038 12820 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:29:03.0038 12820 vwifibus - ok
15:29:03.0053 12820 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:29:03.0053 12820 vwififlt - ok
15:29:03.0084 12820 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:29:03.0084 12820 W32Time - ok
15:29:03.0100 12820 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:29:03.0100 12820 WacomPen - ok
15:29:03.0116 12820 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:29:03.0116 12820 WANARP - ok
15:29:03.0131 12820 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:29:03.0131 12820 Wanarpv6 - ok
15:29:03.0240 12820 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:29:03.0240 12820 WatAdminSvc - ok
15:29:03.0318 12820 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:29:03.0318 12820 wbengine - ok
15:29:03.0350 12820 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:29:03.0350 12820 WbioSrvc - ok
15:29:03.0381 12820 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:29:03.0381 12820 wcncsvc - ok
15:29:03.0396 12820 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:29:03.0396 12820 WcsPlugInService - ok
15:29:03.0412 12820 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:29:03.0428 12820 Wd - ok
15:29:03.0443 12820 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:29:03.0443 12820 Wdf01000 - ok
15:29:03.0459 12820 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:29:03.0459 12820 WdiServiceHost - ok
15:29:03.0459 12820 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:29:03.0459 12820 WdiSystemHost - ok
15:29:03.0490 12820 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:29:03.0490 12820 WebClient - ok
15:29:03.0506 12820 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:29:03.0506 12820 Wecsvc - ok
15:29:03.0521 12820 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:29:03.0521 12820 wercplsupport - ok
15:29:03.0537 12820 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:29:03.0537 12820 WerSvc - ok
15:29:03.0584 12820 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:29:03.0584 12820 WfpLwf - ok
15:29:03.0599 12820 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:29:03.0599 12820 WimFltr - ok
15:29:03.0615 12820 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:29:03.0615 12820 WIMMount - ok
15:29:03.0630 12820 WinDefend - ok
15:29:03.0630 12820 WinHttpAutoProxySvc - ok
15:29:03.0677 12820 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:29:03.0677 12820 Winmgmt - ok
15:29:03.0740 12820 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:29:03.0755 12820 WinRM - ok
15:29:03.0802 12820 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:29:03.0802 12820 WinUsb - ok
15:29:03.0833 12820 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:29:03.0833 12820 Wlansvc - ok
15:29:03.0880 12820 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:29:03.0880 12820 wlcrasvc - ok
15:29:03.0974 12820 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:29:03.0989 12820 wlidsvc - ok
15:29:04.0020 12820 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:29:04.0020 12820 WmiAcpi - ok
15:29:04.0036 12820 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:29:04.0052 12820 wmiApSrv - ok
15:29:04.0067 12820 WMPNetworkSvc - ok
15:29:04.0130 12820 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:29:04.0130 12820 WPCSvc - ok
15:29:04.0130 12820 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:29:04.0145 12820 WPDBusEnum - ok
15:29:04.0161 12820 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:29:04.0161 12820 ws2ifsl - ok
15:29:04.0176 12820 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:29:04.0192 12820 wscsvc - ok
15:29:04.0192 12820 WSearch - ok
15:29:04.0270 12820 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:29:04.0286 12820 wuauserv - ok
15:29:04.0317 12820 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:29:04.0317 12820 WudfPf - ok
15:29:04.0379 12820 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:29:04.0379 12820 WUDFRd - ok
15:29:04.0395 12820 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:29:04.0395 12820 wudfsvc - ok
15:29:04.0442 12820 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:29:04.0442 12820 WwanSvc - ok
15:29:04.0488 12820 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:29:04.0488 12820 xusb21 - ok
15:29:04.0504 12820 ================ Scan global ===============================
15:29:04.0520 12820 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:29:04.0551 12820 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:29:04.0551 12820 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:29:04.0582 12820 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:29:04.0598 12820 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:29:04.0613 12820 [Global] - ok
15:29:04.0613 12820 ================ Scan MBR ==================================
15:29:04.0644 12820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:29:04.0878 12820 \Device\Harddisk0\DR0 - ok
15:29:04.0878 12820 ================ Scan VBR ==================================
15:29:04.0878 12820 [ B64A48BFD40272B21C9532B283E55DD8 ] \Device\Harddisk0\DR0\Partition1
15:29:04.0878 12820 \Device\Harddisk0\DR0\Partition1 - ok
15:29:04.0910 12820 [ F4AA77D0E00062DED55CC302208E5D13 ] \Device\Harddisk0\DR0\Partition2
15:29:04.0910 12820 \Device\Harddisk0\DR0\Partition2 - ok
15:29:04.0910 12820 ============================================================
15:29:04.0910 12820 Scan finished
15:29:04.0910 12820 ============================================================
15:29:04.0910 14264 Detected object count: 0
15:29:04.0910 14264 Actual detected object count: 0

#6 RealTalk

RealTalk
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 01 September 2012 - 02:35 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-01 15:30:24
-----------------------------
15:30:24.808 OS Version: Windows x64 6.1.7601 Service Pack 1
15:30:24.808 Number of processors: 8 586 0x2A07
15:30:24.808 ComputerName: BRIANASUS UserName: Brian
15:30:25.962 Initialize success
15:30:26.056 AVAST engine defs: 12090100
15:30:44.854 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:30:44.854 Disk 0 Vendor: ST950042 0003 Size: 476940MB BusType: 3
15:30:44.870 Disk 0 MBR read successfully
15:30:44.870 Disk 0 MBR scan
15:30:44.870 Disk 0 Windows 7 default MBR code
15:30:44.885 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
15:30:44.901 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 190776 MB offset 52430848
15:30:44.901 Disk 0 Partition - 00 0F Extended LBA 260562 MB offset 443140096
15:30:44.932 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 260561 MB offset 443142144
15:30:44.948 Disk 0 scanning C:\Windows\system32\drivers
15:30:53.106 Service scanning
15:30:54.620 Service ASUSProcObsrv E:\I386\AsPrOb64.sys **LOCKED** 21
15:31:05.852 Modules scanning
15:31:05.852 Disk 0 trace - called modules:
15:31:06.195 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
15:31:06.195 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800b0fa790]
15:31:06.195 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa800ab1eb20]
15:31:06.195 5 ACPI.sys[fffff88000f387a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800ab25050]
15:31:06.741 AVAST engine scan C:\Windows
15:31:09.564 AVAST engine scan C:\Windows\system32
15:33:01.214 AVAST engine scan C:\Windows\system32\drivers
15:33:11.962 AVAST engine scan C:\Users\Brian
15:34:16.203 Disk 0 MBR has been saved successfully to "C:\Users\Brian\Desktop\MBR.dat"
15:34:16.203 The log file has been saved successfully to "C:\Users\Brian\Desktop\aswMBR.txt"

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:09 PM

Posted 01 September 2012 - 03:22 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 RealTalk

RealTalk
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 01 September 2012 - 03:56 PM

No issues atm, computer running well. See anything?

ComboFix 12-08-31.08 - Brian 09/01/2012 16:47:37.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12193.10388 [GMT -4:00]
Running from: c:\users\Brian\Desktop\ComboFix.exe
Command switches used :: c:\users\Brian\Desktop\CFScript.txt
AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-08-01 to 2012-09-01 )))))))))))))))))))))))))))))))
.
.
2012-09-01 20:53 . 2012-09-01 20:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-09-01 20:53 . 2012-09-01 20:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-09-01 20:53 . 2012-09-01 20:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-01 20:38 . 2012-09-01 20:38 -------- d-----w- c:\users\Brian\AppData\Local\ElevatedDiagnostics
2012-09-01 19:01 . 2012-09-01 19:01 -------- d-----w- c:\programdata\McAfee
2012-09-01 17:32 . 2012-09-01 17:32 -------- d-----w- c:\program files\AVAST Software
2012-09-01 17:17 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5EBC632-11C8-483B-992D-8C552D5DCD02}\mpengine.dll
2012-08-29 22:28 . 2012-08-29 22:28 -------- d-----w- C:\found.000
2012-08-21 21:10 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-21 21:10 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-21 21:10 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-21 21:10 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-21 21:10 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-21 21:10 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 22:23 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 22:20 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 22:20 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 22:20 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 22:20 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 22:20 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 22:20 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-01 20:45 . 2011-10-12 22:42 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-08-29 00:24 . 2012-06-03 18:32 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-08-29 00:24 . 2011-12-06 22:31 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-22 12:39 . 2012-04-04 12:41 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-22 12:39 . 2011-10-23 12:19 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-21 09:12 . 2011-10-13 00:55 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-15 22:21 . 2011-10-18 21:18 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-06-09 05:43 . 2012-07-10 21:37 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-10 21:37 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-10 21:37 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-10 21:37 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-10 21:37 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-10 21:37 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-10 21:37 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-09-01_17.09.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-08-29 21:51 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-09-01 20:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-09-01 20:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-29 21:51 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-09-01 20:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-29 21:51 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2012-09-01 20:47 44640 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-01 20:47 40814 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-10-13 00:48 . 2012-09-01 20:47 13890 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2814915296-174591460-2764255659-1001_UserData.bin
- 2011-10-12 22:10 . 2012-08-29 21:25 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-12 22:10 . 2012-09-01 20:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-12 22:10 . 2012-09-01 20:41 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-10-12 22:10 . 2012-08-29 21:25 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-09-01 20:41 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-29 21:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-09-01 16:55 . 2012-09-01 16:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-01 20:45 . 2012-09-01 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-01 20:45 . 2012-09-01 20:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-09-01 16:55 . 2012-09-01 16:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-09-01 19:02 . 2012-08-29 00:10 157680 c:\windows\SysWOW64\javaws.exe
+ 2012-09-01 19:02 . 2012-08-29 00:10 149488 c:\windows\SysWOW64\javaw.exe
+ 2012-09-01 19:02 . 2012-08-29 00:09 149488 c:\windows\SysWOW64\java.exe
- 2009-07-14 05:01 . 2012-08-29 21:26 260732 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-09-01 20:44 260732 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-10-13 00:45 . 2012-08-22 12:44 2971364 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2814915296-174591460-2764255659-1001-12288.dat
+ 2011-10-13 00:45 . 2012-09-01 20:44 2971364 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2814915296-174591460-2764255659-1001-12288.dat
+ 2011-10-13 00:45 . 2012-09-01 20:44 36911144 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2814915296-174591460-2764255659-1001-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7aeb3efd-e564-43f1-b658-5058a7c5743b}"= "c:\program files (x86)\vshare.tv_Bar\prxtbvsha.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7aeb3efd-e564-43f1-b658-5058a7c5743b}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7aeb3efd-e564-43f1-b658-5058a7c5743b}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\vshare.tv_Bar\prxtbvsha.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7aeb3efd-e564-43f1-b658-5058a7c5743b}"= "c:\program files (x86)\vshare.tv_Bar\prxtbvsha.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7aeb3efd-e564-43f1-b658-5058a7c5743b}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-16 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-02 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-02-25 40448]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"VirtualCloneDrive"="c:\program files (x86)\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-2 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2012-1-7 12862]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIService]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-22 250568]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;e:\i386\AsPrOb64.sys [x]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 135664]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-04-05 60504]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-16 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-03-08 25960]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\Brian\Desktop\Emisoft\Run\a2ddax64.sys [2012-08-30 23208]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-04-05 253528]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-14 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 12:39]
.
2012-08-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2814915296-174591460-2764255659-1001Core.job
- c:\users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-13 16:09]
.
2012-09-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2814915296-174591460-2764255659-1001UA.job
- c:\users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-13 16:09]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 207.22.166.2 207.22.166.61
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{7AEB3EFD-E564-43F1-B658-5058A7C5743B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-01 16:55:35
ComboFix-quarantined-files.txt 2012-09-01 20:55
ComboFix2.txt 2012-09-01 17:11
ComboFix3.txt 2012-04-19 00:50
.
Pre-Run: 1,305,403,392 bytes free
Post-Run: 1,312,813,056 bytes free
.
- - End Of File - - B163D5E2B55223DB85238F550FB6EA52

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:09 PM

Posted 01 September 2012 - 05:44 PM

Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld


These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (it does allot better of a job

Programs to remove

BitTorrent
Java™ 6 Update 32
[/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.


Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.


NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 RealTalk

RealTalk
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 02 September 2012 - 11:00 AM

Ran into no problems, computer running well. Was sad to part with bit torrent.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.02.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Brian :: BRIANASUS [administrator]

9/2/2012 11:47:55 AM
mbam-log-2012-09-02 (11-47-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220922
Time elapsed: 1 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:47 AM, on 9/2/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Brian\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: vshare.tv Bar Toolbar - {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (file missing)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: vshare.tv Bar - {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: vshare.tv Bar Toolbar - {7aeb3efd-e564-43f1-b658-5058a7c5743b} - C:\Program Files (x86)\vshare.tv_Bar\prxtbvsha.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [Facebook Update] "C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (file missing)
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13110 bytes

Edited by RealTalk, 02 September 2012 - 11:00 AM.


#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:09 PM

Posted 02 September 2012 - 06:10 PM

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
      O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
      O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [Facebook Update] "C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-2814915296-174591460-2764255659-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
      O4 - Global Startup: FancyStart daemon.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brackets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]


NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

  • If threats were found
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish
  • close program
  • copy and paste the report here


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 RealTalk

RealTalk
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 02 September 2012 - 08:46 PM

Damn so close! I thought we were all done, lol

C:\Program Files (x86)\The Witcher 2\bin\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:\Qoobox\Quarantine\C\Users\Brian\AppData\Roaming\ovcroe.dll.vir a variant of Win32/Medfos.CY trojan
C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Default\aalbpohdnhjdnknfhambigckobpfmepc\background.html Win32/BHO.OEI trojan

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:09 PM

Posted 02 September 2012 - 09:21 PM

Hello

There are some minor things in your online scan that should be removed.


delete files

  • Copy all text in the quote box (below)...to Notepad.

    @echo off
    del /f /s /q "C:\Program Files (x86)\The Witcher 2\bin\paul.dll"
    rd /s /q "C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Default\aalbpohdnhjdnknfhambigckobpfmepc\"
    del %0

  • Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
    It should look like this: Posted Image<--XPPosted Image<--vista
  • Double click on delfile.bat to execute it.
    A black CMD window will flash, then disappear...this is normal.
  • The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.


The rest of the Online scan is only reporting backups created during the course of this fix C:\Qoobox\Quarantine\, and/or items located in System Restore's cache C:\System Volume Information\, Whatever is in these folders can't harm you unless you choose to perform a manual restore. the following steps will remove these backups.




Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.


:Why we need to remove some of our tools:

Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wronge time can make the computer an expensive paper weight.
They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.

The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.
:DeFogger:

Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.

  • To re-enable your Emulation drivers, double click DeFogger to run the tool.
  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK.
Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:

  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.
  • Posted Image

:Remove the rest of our tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.
  • If asked to restart the computer, please do so
Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

:The programs you can keep:

Some of the programs that we have used would be a good idea to keep and used often in helping to keep the computer clean. I use these programs on my computer.

Revo Uninstaller Free - this is the uninstaller that I had you download and works allot better than add/remove in windows and has saved me more than once from corrupted installs and uninstalls

CCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleaner

Malwarebytes' Anti-Malware The Gold standerd today in antimalware scanners

:Security programs:

One of the questions I am asked all the time is "What programs do you use" I have at this time 4 computers in my home and I have this setup on all 4 of them.

  • Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
  • WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
    totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did)


    Note** If you decide to install MSE you will need to uninstall your present Antivirus

:Security awareness:

The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.

Here are some articles that are must reads and should be read by everybody in your household that uses the internet

internetsafety

Internet Safety for Kids

Here is some more reading for you from some of my colleges

PC Safety and Security - What Do I Need? from my friends at Tech Support Forum

COMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removal

quoted from Tech Support Forum

Conclusion

There is no such thing as ‘perfect security’. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.


I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 RealTalk

RealTalk
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 03 September 2012 - 03:48 PM

All set i believe. I really appreciate it man. Thank you very much for the help. You guys are great here.

When that OTCCleanIt file restarted my comp, i got an alert that says recycle bin is corrupted, empty now? and i hit yes, then restarted again and didnt get the alert. Is that normal?

Besides that everything went smoothly.

Is it ok to have Avast anti virus along with mbam? If not, what anti virus should i use?

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:09 PM

Posted 03 September 2012 - 04:22 PM

the recycle bin should be ok

avast and MBAM will work fine together


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users