Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus of unknown origin [Closed]

Started by catttreanor , Mar 18 2012 04:44 AM

  • This topic is locked This topic is locked

#1
catttreanor
Posted 18 March 2012 - 04:44 AM

catttreanor

    Member

  • Member
  • PipPip
  • 67 posts
I seem to have a virus on my computer. I get an error message saying Windows system error anytime I try to run my computer in the normal mode. I can only boot on safe mode right now and it will not let me open task manager to see what processes are running. When I first restart it, it tells me there is an error in catalyst control center. Can someone help please?
  • 0

Advertisements

#2
catttreanor
Posted 18 March 2012 - 03:45 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
It has also started telling me that I have no more RAM on my computer when I'm in normal mode
  • 0

#3
Essexboy
Posted 19 March 2012 - 02:43 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi these programmes may be run from safe mode if needed

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#4
catttreanor
Posted 19 March 2012 - 03:47 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
OTL logfile created on: 1/27/2012 9:01:19 AM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\catt\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 35.42% Memory free
3.50 Gb Paging File | 2.33 Gb Available in Paging File | 66.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 272.92 Gb Total Space | 23.57 Gb Free Space | 8.64% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 3.61 Gb Free Space | 97.13% Space Free | Partition Type: FAT32

Computer Name: BETSY | User Name: catt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/27 08:54:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Downloads\OTL(2).exe
PRC - [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/11/03 12:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/07/15 22:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/28 11:28:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/27 02:25:58 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/07 02:20:39 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/23 08:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\DIBS\DDNIService.exe
PRC - [2010/07/20 10:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/28 12:09:06 | 000,827,392 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\HealthCare\HealthCare.exe
PRC - [2009/08/24 07:15:32 | 000,221,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
PRC - [2009/07/29 16:01:10 | 000,049,152 | ---- | M] (Lenovo (Shenzhen) Electronic Co., Ltd.) -- C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
PRC - [2009/07/13 19:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/10 10:04:58 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/10 10:04:28 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/06/03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/08 17:04:12 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/09/01 17:31:25 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009/09/09 10:25:06 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\en-us\en-us.dll
MOD - [2009/06/03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMediaLibrary.dll
MOD - [2008/09/27 09:39:26 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\HOOK.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/28 11:28:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/27 02:25:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/04 02:00:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/23 08:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/20 10:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 10:04:28 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/11/03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/11/03 12:06:56 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/06/28 11:28:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 11:28:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/13 17:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 16:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/10 10:40:00 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/06/05 18:18:08 | 000,011,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\spio.sys -- (SuperIO)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 22:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/03/02 12:00:32 | 000,016,200 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2008/08/06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=723823"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://leftaction.co...en-US:official"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:4.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {652853ad-5592-4231-88c6-706613a52e61}:1.0.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.7
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.95
FF - prefs.js..keyword.URL: "http://search.yahoo....type=723823&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/08 17:04:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/08 17:04:14 | 000,000,000 | ---D | M]

[2010/11/01 08:45:04 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Extensions
[2012/01/27 08:38:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (Somoto Toolbar) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{652853ad-5592-4231-88c6-706613a52e61}
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (WOT) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/01/26 13:09:32 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (Add to Amazon Wish List Button) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2011/10/27 23:50:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/20 17:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/08/12 14:25:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/27 23:50:32 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011/06/27 00:56:16 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 12:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 12:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2009/07/02 11:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

O1 HOSTS File: ([2011/11/18 16:59:02 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Healthcare] C:\Program Files\Lenovo\HealthCare\HealthCare.exe (Lenovo)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [LenovoFSC] C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe (Lenovo (Shenzhen) Electronic Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [winupd] C:\Users\catt\AppData\Local\Temp [2012/01/27 08:54:07 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/27 08:49:40 | 000,000,000 | ---D | C] -- C:\Users\catt\Desktop\RK_Quarantine
[2012/01/26 11:03:36 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/01/06 20:42:18 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012/01/06 20:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012/01/06 20:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2010/04/29 05:40:04 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe

========== Files - Modified Within 30 Days ==========

[2012/01/27 08:47:44 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 08:47:44 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 08:43:00 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/27 08:40:18 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/27 08:40:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/27 08:40:04 | 1407,746,048 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/26 23:56:58 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat
[2012/01/26 23:56:58 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat
[2012/01/26 11:03:37 | 000,000,280 | ---- | M] () -- C:\ProgramData\~JKMWI5hQeKOR42
[2012/01/26 11:03:37 | 000,000,192 | ---- | M] () -- C:\ProgramData\~JKMWI5hQeKOR42r
[2012/01/26 11:03:31 | 000,000,344 | ---- | M] () -- C:\ProgramData\JKMWI5hQeKOR42
[2012/01/20 11:03:14 | 000,002,054 | ---- | M] () -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012/01/20 11:03:03 | 000,002,150 | ---- | M] () -- C:\Users\catt\Desktop\Xilisoft AVI to DVD Converter.lnk
[2012/01/06 20:42:18 | 000,001,264 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft AVI to DVD Converter.lnk

========== Files Created - No Company Name ==========

[2012/01/26 11:03:37 | 000,000,280 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42
[2012/01/26 11:03:37 | 000,000,192 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42r
[2012/01/26 11:03:31 | 000,000,344 | ---- | C] () -- C:\ProgramData\JKMWI5hQeKOR42
[2012/01/10 09:50:13 | 014,999,886 | ---- | C] () -- C:\Users\catt\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2012/01/10 09:49:15 | 014,999,886 | -H-- | C] () -- C:\Users\catt\Desktop\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2012/01/06 20:42:18 | 000,002,150 | ---- | C] () -- C:\Users\catt\Desktop\Xilisoft AVI to DVD Converter.lnk
[2012/01/06 20:42:18 | 000,001,264 | ---- | C] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft AVI to DVD Converter.lnk
[2011/08/26 14:01:38 | 000,139,264 | ---- | C] () -- C:\windows\System32\gswin32c.exe
[2011/08/10 16:16:08 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/08/10 16:16:08 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/08/10 16:16:08 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/08/10 16:16:08 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/08/10 16:16:08 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/08/10 16:03:00 | 000,023,624 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/31 22:58:10 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2011/07/31 22:58:10 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2011/07/29 01:48:32 | 000,016,432 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2010/11/03 20:53:06 | 000,136,489 | ---- | C] () -- C:\windows\hphins33.dat
[2010/11/03 20:53:06 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat
[2010/04/29 06:20:41 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2010/04/29 06:20:41 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2010/04/29 05:29:18 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009/08/19 01:04:16 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/08/19 01:04:16 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2009/08/19 01:04:16 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2009/07/26 19:24:14 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/07/13 22:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:33:53 | 000,450,824 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/13 20:05:48 | 000,661,830 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/13 20:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/13 20:05:48 | 000,121,018 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/13 20:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/13 20:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/13 20:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/13 17:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 17:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/06/05 18:18:08 | 000,011,720 | ---- | C] () -- C:\windows\System32\drivers\spio.sys

========== LOP Check ==========

[2012/01/27 03:15:58 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\BitTorrent
[2012/01/26 13:09:30 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\Catalina Marketing Corp
[2012/01/26 13:08:59 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\OpenOffice.org
[2009/07/13 22:53:46 | 000,021,882 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2009/07/13 19:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010/11/20 06:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009/08/02 23:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/02 23:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 00:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 06:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/27 23:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 06:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 19:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = NetBT
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys -- [2009/07/13 17:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 10
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys -- [2009/07/13 17:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 00 01 01 01 03 01 04 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2009/07/13 19:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< End of report >
  • 0

#5
catttreanor
Posted 19 March 2012 - 03:48 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
OTL logfile created on: 1/27/2012 9:01:19 AM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\catt\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 35.42% Memory free
3.50 Gb Paging File | 2.33 Gb Available in Paging File | 66.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 272.92 Gb Total Space | 23.57 Gb Free Space | 8.64% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 3.61 Gb Free Space | 97.13% Space Free | Partition Type: FAT32

Computer Name: BETSY | User Name: catt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/27 08:54:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Downloads\OTL(2).exe
PRC - [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/11/03 12:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/07/15 22:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/28 11:28:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/27 02:25:58 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/07 02:20:39 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/23 08:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\DIBS\DDNIService.exe
PRC - [2010/07/20 10:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/28 12:09:06 | 000,827,392 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\HealthCare\HealthCare.exe
PRC - [2009/08/24 07:15:32 | 000,221,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
PRC - [2009/07/29 16:01:10 | 000,049,152 | ---- | M] (Lenovo (Shenzhen) Electronic Co., Ltd.) -- C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
PRC - [2009/07/13 19:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/10 10:04:58 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/10 10:04:28 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/06/03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/08 17:04:12 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/09/01 17:31:25 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009/09/09 10:25:06 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\en-us\en-us.dll
MOD - [2009/06/03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMediaLibrary.dll
MOD - [2008/09/27 09:39:26 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\HOOK.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/28 11:28:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/27 02:25:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/04 02:00:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/23 08:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/20 10:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 10:04:28 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/11/03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/11/03 12:06:56 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/06/28 11:28:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 11:28:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/13 17:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 16:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/10 10:40:00 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/06/05 18:18:08 | 000,011,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\spio.sys -- (SuperIO)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 22:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/03/02 12:00:32 | 000,016,200 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2008/08/06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=723823"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://leftaction.co...en-US:official"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:4.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {652853ad-5592-4231-88c6-706613a52e61}:1.0.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.7
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.95
FF - prefs.js..keyword.URL: "http://search.yahoo....type=723823&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/08 17:04:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/08 17:04:14 | 000,000,000 | ---D | M]

[2010/11/01 08:45:04 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Extensions
[2012/01/27 08:38:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (Somoto Toolbar) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{652853ad-5592-4231-88c6-706613a52e61}
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (WOT) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/01/26 13:09:32 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (Add to Amazon Wish List Button) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2011/10/27 23:50:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/20 17:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/08/12 14:25:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/27 23:50:32 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011/06/27 00:56:16 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 12:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 12:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2009/07/02 11:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

O1 HOSTS File: ([2011/11/18 16:59:02 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Healthcare] C:\Program Files\Lenovo\HealthCare\HealthCare.exe (Lenovo)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [LenovoFSC] C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe (Lenovo (Shenzhen) Electronic Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [winupd] C:\Users\catt\AppData\Local\Temp [2012/01/27 08:54:07 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/27 08:49:40 | 000,000,000 | ---D | C] -- C:\Users\catt\Desktop\RK_Quarantine
[2012/01/26 11:03:36 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/01/06 20:42:18 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012/01/06 20:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012/01/06 20:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2010/04/29 05:40:04 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe

========== Files - Modified Within 30 Days ==========

[2012/01/27 08:47:44 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 08:47:44 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 08:43:00 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/27 08:40:18 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/27 08:40:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/27 08:40:04 | 1407,746,048 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/26 23:56:58 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat
[2012/01/26 23:56:58 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat
[2012/01/26 11:03:37 | 000,000,280 | ---- | M] () -- C:\ProgramData\~JKMWI5hQeKOR42
[2012/01/26 11:03:37 | 000,000,192 | ---- | M] () -- C:\ProgramData\~JKMWI5hQeKOR42r
[2012/01/26 11:03:31 | 000,000,344 | ---- | M] () -- C:\ProgramData\JKMWI5hQeKOR42
[2012/01/20 11:03:14 | 000,002,054 | ---- | M] () -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012/01/20 11:03:03 | 000,002,150 | ---- | M] () -- C:\Users\catt\Desktop\Xilisoft AVI to DVD Converter.lnk
[2012/01/06 20:42:18 | 000,001,264 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft AVI to DVD Converter.lnk

========== Files Created - No Company Name ==========

[2012/01/26 11:03:37 | 000,000,280 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42
[2012/01/26 11:03:37 | 000,000,192 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42r
[2012/01/26 11:03:31 | 000,000,344 | ---- | C] () -- C:\ProgramData\JKMWI5hQeKOR42
[2012/01/10 09:50:13 | 014,999,886 | ---- | C] () -- C:\Users\catt\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2012/01/10 09:49:15 | 014,999,886 | -H-- | C] () -- C:\Users\catt\Desktop\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2012/01/06 20:42:18 | 000,002,150 | ---- | C] () -- C:\Users\catt\Desktop\Xilisoft AVI to DVD Converter.lnk
[2012/01/06 20:42:18 | 000,001,264 | ---- | C] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft AVI to DVD Converter.lnk
[2011/08/26 14:01:38 | 000,139,264 | ---- | C] () -- C:\windows\System32\gswin32c.exe
[2011/08/10 16:16:08 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/08/10 16:16:08 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/08/10 16:16:08 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/08/10 16:16:08 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/08/10 16:16:08 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/08/10 16:03:00 | 000,023,624 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/31 22:58:10 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2011/07/31 22:58:10 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2011/07/29 01:48:32 | 000,016,432 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2010/11/03 20:53:06 | 000,136,489 | ---- | C] () -- C:\windows\hphins33.dat
[2010/11/03 20:53:06 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat
[2010/04/29 06:20:41 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2010/04/29 06:20:41 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2010/04/29 05:29:18 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009/08/19 01:04:16 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/08/19 01:04:16 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2009/08/19 01:04:16 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2009/07/26 19:24:14 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/07/13 22:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:33:53 | 000,450,824 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/13 20:05:48 | 000,661,830 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/13 20:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/13 20:05:48 | 000,121,018 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/13 20:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/13 20:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/13 20:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/13 17:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 17:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/06/05 18:18:08 | 000,011,720 | ---- | C] () -- C:\windows\System32\drivers\spio.sys

========== LOP Check ==========

[2012/01/27 03:15:58 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\BitTorrent
[2012/01/26 13:09:30 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\Catalina Marketing Corp
[2012/01/26 13:08:59 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\OpenOffice.org
[2009/07/13 22:53:46 | 000,021,882 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2009/07/13 19:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010/11/20 06:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009/08/02 23:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/02 23:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 00:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 06:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/27 23:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 06:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 19:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = NetBT
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys -- [2009/07/13 17:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 10
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys -- [2009/07/13 17:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 00 01 01 01 03 01 04 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2009/07/13 19:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< End of report >
  • 0

#6
Essexboy
Posted 19 March 2012 - 03:53 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you post the aswMBR log please
  • 0

#7
catttreanor
Posted 19 March 2012 - 04:07 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-19 16:48:48
-----------------------------
16:48:48.934 OS Version: Windows 6.1.7600
16:48:48.934 Number of processors: 2 586 0x602
16:48:48.935 ComputerName: BETSY UserName: catt
16:48:50.197 Initialize success
16:49:20.873 AVAST engine defs: 12031700
16:49:31.118 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:49:31.120 Disk 0 Vendor: WDC_WD3200AAJS-08L7A0 03.03E03 Size: 305245MB BusType: 11
16:49:31.164 Disk 0 MBR read successfully
16:49:31.167 Disk 0 MBR scan
16:49:31.171 Disk 0 Windows 7 default MBR code
16:49:31.182 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:49:31.192 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 279469 MB offset 206848
16:49:31.221 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 572559360
16:49:31.240 Disk 0 scanning sectors +625142448
16:49:31.986 Disk 0 scanning C:\windows\system32\drivers
16:49:41.057 Service scanning
16:49:58.235 Modules scanning
16:50:00.682 Disk 0 trace - called modules:
16:50:00.705 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
16:50:00.742 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84657030]
16:50:00.748 3 CLASSPNP.SYS[8740459e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84611908]
16:50:01.754 AVAST engine scan C:\windows
16:50:04.758 AVAST engine scan C:\windows\system32
16:52:09.048 AVAST engine scan C:\windows\system32\drivers
16:52:17.956 AVAST engine scan C:\Users\catt
17:02:51.334 AVAST engine scan C:\ProgramData
17:05:36.687 Scan finished successfully
17:06:19.196 The log file has been saved successfully to "C:\Users\catt\Desktop\aswMBR.txt"
17:06:56.612 Disk 0 MBR has been saved successfully to "C:\Users\catt\MBR.dat"
17:06:56.617 The log file has been saved successfully to "C:\Users\catt\aswMBR.txt"
  • 0

#8
Essexboy
Posted 19 March 2012 - 04:12 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
After this run can you let me know how the computer is behaving

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKCU..\Run: [winupd] C:\Users\catt\AppData\Local\Temp [2012/01/27 08:54:07 | 000,000,000 | -HSD | M]
    [2012/01/26 11:03:37 | 000,000,280 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42
    [2012/01/26 11:03:37 | 000,000,192 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42r
    [2012/01/26 11:03:31 | 000,000,344 | ---- | C] () -- C:\ProgramData\JKMWI5hQeKOR42
    [2012/01/26 11:03:36 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#9
catttreanor
Posted 19 March 2012 - 04:21 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
OTL logfile created on: 1/27/2012 9:01:19 AM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\catt\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 35.42% Memory free
3.50 Gb Paging File | 2.33 Gb Available in Paging File | 66.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 272.92 Gb Total Space | 23.57 Gb Free Space | 8.64% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 3.61 Gb Free Space | 97.13% Space Free | Partition Type: FAT32

Computer Name: BETSY | User Name: catt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/27 08:54:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Downloads\OTL(2).exe
PRC - [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/11/03 12:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/07/15 22:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/28 11:28:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/27 02:25:58 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/07 02:20:39 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/23 08:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\DIBS\DDNIService.exe
PRC - [2010/07/20 10:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/28 12:09:06 | 000,827,392 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\HealthCare\HealthCare.exe
PRC - [2009/08/24 07:15:32 | 000,221,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
PRC - [2009/07/29 16:01:10 | 000,049,152 | ---- | M] (Lenovo (Shenzhen) Electronic Co., Ltd.) -- C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
PRC - [2009/07/13 19:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/10 10:04:58 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/10 10:04:28 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/06/03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/08 17:04:12 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/09/01 17:31:25 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009/09/09 10:25:06 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\en-us\en-us.dll
MOD - [2009/06/03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMediaLibrary.dll
MOD - [2008/09/27 09:39:26 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\HOOK.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/28 11:28:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/27 02:25:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/04 02:00:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/23 08:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/20 10:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 10:04:28 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/11/03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/11/03 12:06:56 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/06/28 11:28:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 11:28:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/13 17:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 16:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/10 10:40:00 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/06/05 18:18:08 | 000,011,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\spio.sys -- (SuperIO)
DRV - [2009/05/11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 22:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/03/02 12:00:32 | 000,016,200 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2008/08/06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=723823"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://leftaction.co...en-US:official"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:4.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {652853ad-5592-4231-88c6-706613a52e61}:1.0.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.7
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.95
FF - prefs.js..keyword.URL: "http://search.yahoo....type=723823&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/08 17:04:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/08 17:04:14 | 000,000,000 | ---D | M]

[2010/11/01 08:45:04 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Extensions
[2012/01/27 08:38:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (Somoto Toolbar) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{652853ad-5592-4231-88c6-706613a52e61}
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (WOT) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/01/26 13:09:32 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2012/01/26 13:09:31 | 000,000,000 | ---D | M] (Add to Amazon Wish List Button) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2011/10/27 23:50:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/20 17:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/08/12 14:25:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/27 23:50:32 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011/06/27 00:56:16 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 12:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 12:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2009/07/02 11:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

O1 HOSTS File: ([2011/11/18 16:59:02 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Healthcare] C:\Program Files\Lenovo\HealthCare\HealthCare.exe (Lenovo)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [LenovoFSC] C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe (Lenovo (Shenzhen) Electronic Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [winupd] C:\Users\catt\AppData\Local\Temp [2012/01/27 08:54:07 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/27 08:49:40 | 000,000,000 | ---D | C] -- C:\Users\catt\Desktop\RK_Quarantine
[2012/01/26 11:03:36 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/01/06 20:42:18 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012/01/06 20:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012/01/06 20:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2010/04/29 05:40:04 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe

========== Files - Modified Within 30 Days ==========

[2012/01/27 08:47:44 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 08:47:44 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 08:43:00 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/27 08:40:18 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/27 08:40:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/27 08:40:04 | 1407,746,048 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/26 23:56:58 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat
[2012/01/26 23:56:58 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat
[2012/01/26 11:03:37 | 000,000,280 | ---- | M] () -- C:\ProgramData\~JKMWI5hQeKOR42
[2012/01/26 11:03:37 | 000,000,192 | ---- | M] () -- C:\ProgramData\~JKMWI5hQeKOR42r
[2012/01/26 11:03:31 | 000,000,344 | ---- | M] () -- C:\ProgramData\JKMWI5hQeKOR42
[2012/01/20 11:03:14 | 000,002,054 | ---- | M] () -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012/01/20 11:03:03 | 000,002,150 | ---- | M] () -- C:\Users\catt\Desktop\Xilisoft AVI to DVD Converter.lnk
[2012/01/06 20:42:18 | 000,001,264 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft AVI to DVD Converter.lnk

========== Files Created - No Company Name ==========

[2012/01/26 11:03:37 | 000,000,280 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42
[2012/01/26 11:03:37 | 000,000,192 | ---- | C] () -- C:\ProgramData\~JKMWI5hQeKOR42r
[2012/01/26 11:03:31 | 000,000,344 | ---- | C] () -- C:\ProgramData\JKMWI5hQeKOR42
[2012/01/10 09:50:13 | 014,999,886 | ---- | C] () -- C:\Users\catt\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2012/01/10 09:49:15 | 014,999,886 | -H-- | C] () -- C:\Users\catt\Desktop\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2012/01/06 20:42:18 | 000,002,150 | ---- | C] () -- C:\Users\catt\Desktop\Xilisoft AVI to DVD Converter.lnk
[2012/01/06 20:42:18 | 000,001,264 | ---- | C] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft AVI to DVD Converter.lnk
[2011/08/26 14:01:38 | 000,139,264 | ---- | C] () -- C:\windows\System32\gswin32c.exe
[2011/08/10 16:16:08 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/08/10 16:16:08 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/08/10 16:16:08 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/08/10 16:16:08 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/08/10 16:16:08 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/08/10 16:03:00 | 000,023,624 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/31 22:58:10 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2011/07/31 22:58:10 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2011/07/29 01:48:32 | 000,016,432 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2010/11/03 20:53:06 | 000,136,489 | ---- | C] () -- C:\windows\hphins33.dat
[2010/11/03 20:53:06 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat
[2010/04/29 06:20:41 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2010/04/29 06:20:41 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2010/04/29 05:29:18 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009/08/19 01:04:16 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/08/19 01:04:16 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2009/08/19 01:04:16 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe
[2009/07/26 19:24:14 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2009/07/13 22:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:33:53 | 000,450,824 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/13 20:05:48 | 000,661,830 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/13 20:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/13 20:05:48 | 000,121,018 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/13 20:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/13 20:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/13 20:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/13 17:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 17:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/06/05 18:18:08 | 000,011,720 | ---- | C] () -- C:\windows\System32\drivers\spio.sys

========== LOP Check ==========

[2012/01/27 03:15:58 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\BitTorrent
[2012/01/26 13:09:30 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\Catalina Marketing Corp
[2012/01/26 13:08:59 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\OpenOffice.org
[2009/07/13 22:53:46 | 000,021,882 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2009/07/13 19:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010/11/20 06:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009/08/02 23:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/02 23:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 00:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 06:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/13 19:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/27 23:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 06:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 19:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = NetBT
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys -- [2009/07/13 17:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 10
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys -- [2009/07/13 17:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 00 01 01 01 03 01 04 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2009/07/13 19:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/08 17:04:14 | 000,552,464 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/08 17:04:12 | 000,912,856 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/19 23:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 19:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/11/04 22:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< End of report >
  • 0

#10
Essexboy
Posted 19 March 2012 - 04:29 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You have posted the run 6 log again I will need the run 7 one (just completed)
  • 0

Advertisements

#11
catttreanor
Posted 19 March 2012 - 04:36 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
OTL logfile created on: 3/19/2012 5:35:08 PM - Run 9
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\catt\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 56.80% Memory free
3.50 Gb Paging File | 2.90 Gb Available in Paging File | 83.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 272.92 Gb Total Space | 43.57 Gb Free Space | 15.96% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 3.69 Gb Free Space | 99.37% Space Free | Partition Type: FAT32

Computer Name: BETSY | User Name: catt | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/19 16:40:21 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Downloads\OTL(3).exe
PRC - [2012/03/14 08:40:59 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/03 13:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/11/03 13:06:56 | 001,744,312 | ---- | M] (Lavasoft Limited ) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
PRC - [2011/11/03 13:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/11/03 13:06:56 | 001,101,960 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/14 08:40:59 | 001,014,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/09/01 18:31:25 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2011/11/03 13:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/28 12:28:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/27 03:25:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/04 03:00:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/23 09:31:54 | 000,163,680 | -H-- | M] (Digital Delivery Networks, Inc.) [Auto | Stopped] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/20 11:04:24 | 000,171,872 | -H-- | M] (Digital Delivery Networks, Inc.) [Auto | Stopped] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 11:04:28 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\catt\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/11/03 13:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2011/11/03 13:06:56 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/06/28 12:28:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 12:28:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 17:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/10 11:40:00 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/06/05 19:18:08 | 000,011,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\spio.sys -- (SuperIO)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 23:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009/03/02 13:00:32 | 000,016,200 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2008/08/06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{B37A3E90-AEDB-4334-A12D-210C842EF19C}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=723823"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://leftaction.co...en-US:official"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:4.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: [email protected]:1.7
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.95
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/14 08:41:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/14 08:41:00 | 000,000,000 | ---D | M]

[2010/11/01 09:45:04 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Extensions
[2012/03/18 22:45:46 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions
[2012/01/26 14:09:31 | 000,000,000 | -H-D | M] (WOT) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/01/26 14:09:32 | 000,000,000 | -H-D | M] ("StumbleUpon") -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2012/01/26 14:09:31 | 000,000,000 | -H-D | M] (Add to Amazon Wish List Button) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2012/03/18 22:45:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/20 18:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/08/12 15:25:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/28 00:50:32 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011/06/27 01:56:16 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2009/07/02 12:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

O1 HOSTS File: ([2012/03/19 17:13:32 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Healthcare] C:\Program Files\Lenovo\HealthCare\HealthCare.exe (Lenovo)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [LenovoFSC] C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe (Lenovo (Shenzhen) Electronic Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ycVEDYkOmkxvLr.exe] C:\ProgramData\ycVEDYkOmkxvLr.exe ( )
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\windows\System32\Macromed\Flash\FlashUtil10w_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/19 17:14:24 | 000,000,000 | ---D | C] -- C:\Users\catt\AppData\Local\Temp
[2012/03/18 05:43:32 | 000,000,000 | -H-D | C] -- C:\Users\catt\Desktop\New folder
[2012/03/05 19:50:14 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\vlc
[2012/03/05 19:49:39 | 000,000,000 | -H-D | C] -- C:\Users\catt\Documents\Graboid
[2012/03/05 19:46:06 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Local\Graboid_Inc
[2012/03/05 19:46:06 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Local\Graboid Inc
[2012/03/05 19:46:05 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Local\Graboid
[2012/03/05 19:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Graboid Inc
[2012/03/05 19:46:01 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Local\Geckofx
[2012/03/05 19:45:33 | 000,000,000 | -H-D | C] -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graboid Video
[2012/03/05 19:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graboid Video
[2012/03/05 19:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/05 19:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2012/02/21 20:33:53 | 000,000,000 | -H-D | C] -- C:\Users\catt\Documents\recipes for my blog
[2010/04/29 06:40:04 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe

========== Files - Modified Within 30 Days ==========

[2012/03/19 17:18:48 | 000,000,384 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2012/03/19 17:18:39 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat
[2012/03/19 17:18:39 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat
[2012/03/19 17:17:00 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/03/19 17:16:53 | 1407,746,048 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/19 17:14:39 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/19 17:13:32 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
[2012/03/19 17:06:56 | 000,000,512 | ---- | M] () -- C:\Users\catt\MBR.dat
[2012/03/18 16:22:06 | 000,661,830 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/03/18 16:22:06 | 000,121,018 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/03/18 16:16:33 | 000,000,264 | ---- | M] () -- C:\ProgramData\~1jv4PjOjeywkjD
[2012/03/18 16:16:33 | 000,000,176 | ---- | M] () -- C:\ProgramData\~1jv4PjOjeywkjDr
[2012/03/18 16:16:31 | 000,000,677 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/03/18 16:16:31 | 000,000,653 | ---- | M] () -- C:\Users\catt\Desktop\System Check.lnk
[2012/03/18 16:16:26 | 000,000,328 | ---- | M] () -- C:\ProgramData\1jv4PjOjeywkjD
[2012/03/18 16:16:14 | 000,356,352 | ---- | M] ( ) -- C:\ProgramData\1jv4PjOjeywkjD.exe
[2012/03/18 05:31:17 | 000,447,488 | ---- | M] ( ) -- C:\ProgramData\ycVEDYkOmkxvLr.exe
[2012/03/18 04:48:00 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/14 03:26:47 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 03:26:47 | 000,014,240 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 03:19:18 | 000,450,824 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/03/05 19:45:33 | 000,001,252 | -H-- | M] () -- C:\Users\catt\Desktop\Graboid Video.lnk
[2012/02/29 04:20:47 | 000,001,407 | -H-- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/29 04:02:14 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf

========== Files Created - No Company Name ==========

[2012/03/19 17:06:56 | 000,000,512 | ---- | C] () -- C:\Users\catt\MBR.dat
[2012/03/18 16:18:09 | 000,000,384 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2012/03/18 16:16:33 | 000,000,264 | ---- | C] () -- C:\ProgramData\~1jv4PjOjeywkjD
[2012/03/18 16:16:33 | 000,000,176 | ---- | C] () -- C:\ProgramData\~1jv4PjOjeywkjDr
[2012/03/18 16:16:31 | 000,000,677 | ---- | C] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/03/18 16:16:31 | 000,000,653 | ---- | C] () -- C:\Users\catt\Desktop\System Check.lnk
[2012/03/18 16:16:26 | 000,000,328 | ---- | C] () -- C:\ProgramData\1jv4PjOjeywkjD
[2012/03/18 16:16:14 | 000,356,352 | ---- | C] ( ) -- C:\ProgramData\1jv4PjOjeywkjD.exe
[2012/03/18 05:31:24 | 000,447,488 | ---- | C] ( ) -- C:\ProgramData\ycVEDYkOmkxvLr.exe
[2012/03/05 19:45:33 | 000,001,252 | -H-- | C] () -- C:\Users\catt\Desktop\Graboid Video.lnk
[2012/02/29 04:20:47 | 000,001,413 | -H-- | C] () -- C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/29 04:02:13 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/08/26 15:01:38 | 000,139,264 | ---- | C] () -- C:\windows\System32\gswin32c.exe
[2011/08/10 17:16:08 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/08/10 17:16:08 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/08/10 17:16:08 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/08/10 17:16:08 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/08/10 17:16:08 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/08/10 17:03:00 | 000,023,624 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/31 23:58:10 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2011/07/31 23:58:10 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2011/07/29 02:48:32 | 000,016,432 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2010/11/03 21:53:06 | 000,136,489 | ---- | C] () -- C:\windows\hphins33.dat
[2010/11/03 21:53:06 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat
[2010/04/29 07:20:41 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2010/04/29 07:20:41 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2010/04/29 06:29:18 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll

========== LOP Check ==========

[2012/03/18 05:31:49 | 000,000,000 | -H-D | M] -- C:\Users\catt\AppData\Roaming\BitTorrent
[2012/01/26 14:09:30 | 000,000,000 | -H-D | M] -- C:\Users\catt\AppData\Roaming\Catalina Marketing Corp
[2012/01/26 14:08:59 | 000,000,000 | -H-D | M] -- C:\Users\catt\AppData\Roaming\OpenOffice.org
[2012/03/19 17:18:48 | 000,000,384 | ---- | M] () -- C:\windows\Tasks\Ad-Aware Update (Weekly).job
[2009/07/13 23:53:46 | 000,025,132 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#12
catttreanor
Posted 19 March 2012 - 09:32 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
When I start it in normal mode about 30 windows pop up and say Delayed write failed-Failed to save all the components to the file\\system32\\0000323e. The file is corrupted or unreadable. This error may be caused by a hardware problem. Then a window pops up that says a potential disk failure may cause loss of files, applications, and documents. It is highly recommended that you scan the HDD before continuing to use the PC. There is also a window that says Catalyst Control Center host has stopped working.
  • 0

#13
Essexboy
Posted 20 March 2012 - 02:02 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
There is a re-infection since the last OTL run that I saw - so bigger hammer time

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#14
catttreanor
Posted 20 March 2012 - 02:39 PM

catttreanor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
ComboFix 12-03-20.01 - catt 03/20/2012 15:22:37.3.2 - x86 NETWORK
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1790.1275 [GMT -5:00]
Running from: c:\users\catt\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\~1jv4PjOjeywkjD
c:\programdata\~1jv4PjOjeywkjDr
c:\programdata\1jv4PjOjeywkjD
c:\users\catt\Desktop\System Check.lnk
.
.
((((((((((((((((((((((((( Files Created from 2012-02-20 to 2012-03-20 )))))))))))))))))))))))))))))))
.
.
2012-03-20 20:26 . 2012-03-20 20:26 -------- d-----w- c:\users\catt\AppData\Local\temp
2012-03-20 20:26 . 2012-03-20 20:26 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-03-20 20:26 . 2012-03-20 20:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-20 09:18 . 2012-03-20 09:18 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69B08104-A390-4490-A666-9BAE0EB4EFF4}\offreg.dll
2012-03-18 21:16 . 2012-03-18 21:16 356352 ----a-w- c:\programdata\1jv4PjOjeywkjD.exe
2012-03-18 10:31 . 2012-03-18 10:31 447488 ----a-w- c:\programdata\ycVEDYkOmkxvLr.exe
2012-03-16 17:02 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69B08104-A390-4490-A666-9BAE0EB4EFF4}\mpengine.dll
2012-03-14 05:24 . 2012-02-03 04:01 2341376 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 05:24 . 2012-02-10 05:41 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 05:24 . 2012-02-10 05:41 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-14 05:24 . 2012-02-10 05:41 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-14 05:24 . 2012-02-10 05:41 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-14 05:24 . 2012-02-10 05:41 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-03-14 05:23 . 2012-01-25 05:44 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 05:23 . 2012-01-25 05:44 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 05:23 . 2012-01-25 05:40 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 05:23 . 2012-02-15 05:44 826368 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 05:23 . 2012-02-15 04:22 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 05:23 . 2012-02-15 04:22 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-06 00:50 . 2012-03-06 00:50 -------- d--h--w- c:\users\catt\AppData\Roaming\vlc
2012-03-06 00:46 . 2012-03-06 00:46 -------- d--h--w- c:\users\catt\AppData\Local\Graboid Inc
2012-03-06 00:46 . 2012-03-06 00:49 -------- d--h--w- c:\users\catt\AppData\Local\Graboid
2012-03-06 00:46 . 2012-03-06 00:46 -------- d-----w- c:\programdata\Graboid Inc
2012-03-06 00:46 . 2012-03-06 00:46 -------- d--h--w- c:\users\catt\AppData\Local\Geckofx
2012-03-06 00:44 . 2012-03-06 00:45 -------- d-----w- c:\program files\Graboid
2012-02-29 09:01 . 2012-02-29 09:01 801792 ----a-w- c:\windows\system32\FntCache.dll
2012-02-29 09:01 . 2012-02-29 09:01 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-02-29 09:01 . 2012-02-29 09:01 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2012-02-29 09:01 . 2012-02-29 09:01 3181568 ----a-w- c:\windows\system32\mf.dll
2012-02-29 09:01 . 2012-02-29 09:01 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-02-29 09:01 . 2012-02-29 09:01 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-02-29 09:01 . 2012-02-29 09:01 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-02-29 09:01 . 2012-02-29 09:01 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-02-29 09:01 . 2012-02-29 09:01 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-02-29 09:01 . 2012-02-29 09:01 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-02-29 09:01 . 2012-02-29 09:01 107520 ----a-w- c:\windows\system32\cdd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 15:18 . 2010-11-04 17:35 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-13_16.05.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-10 03:58 . 2011-12-26 19:08 31504 c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.1.7600.21114_none_829b95996242d8eb\aspnet_wp.exe
+ 2012-01-10 03:58 . 2011-12-26 19:13 31504 c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.1.7600.16936_none_996b0c334899e487\aspnet_wp.exe
+ 2009-07-13 23:42 . 2009-07-14 01:16 41984 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7601.21830_none_579ad6f7c13ca999\wabimp.dll
+ 2009-07-13 23:42 . 2009-07-14 01:16 41984 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7601.17699_none_56d95b58a847985d\wabimp.dll
+ 2009-07-13 23:42 . 2009-07-14 01:16 41984 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7600.21062_none_5595e0fdc42cfa49\wabimp.dll
+ 2009-07-13 23:42 . 2009-07-14 01:16 41984 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7600.16891_none_54eafc02ab2861b9\wabimp.dll
+ 2012-03-14 05:23 . 2012-01-25 05:38 57856 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.21136_none_a43e129f5a30a1d5\rdpwsx.dll
+ 2012-03-14 05:23 . 2012-01-25 05:44 57856 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.16952_none_a39afcb24126a14f\rdpwsx.dll
+ 2012-03-14 05:23 . 2012-02-17 04:09 24576 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdtcp.sys
+ 2012-03-14 05:23 . 2010-11-20 10:21 18432 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.21924_none_de3273e8bc1f0f12\tdpipe.sys
+ 2012-03-14 05:23 . 2012-02-17 04:13 24576 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdtcp.sys
+ 2012-03-14 05:23 . 2010-11-20 10:21 18432 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17779_none_dd77c70da3257c89\tdpipe.sys
+ 2012-03-14 05:23 . 2012-02-17 04:16 24064 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdtcp.sys
+ 2009-07-14 00:01 . 2009-07-14 00:01 17920 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.21151_none_dc287c7cbf13e10f\tdpipe.sys
+ 2012-03-14 05:23 . 2012-02-15 04:22 24064 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdtcp.sys
+ 2009-07-14 00:01 . 2009-07-14 00:01 17920 c:\windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16963_none_db963837a5fc5ca2\tdpipe.sys
+ 2012-03-14 05:23 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21924_none_321467207f36f8cc\rdpvideominiport.sys
+ 2012-03-14 05:23 . 2010-11-20 10:21 15872 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17779_none_3159ba45663d6643\rdpvideominiport.sys
+ 2012-01-11 01:35 . 2011-11-19 11:07 67072 c:\windows\winsxs\x86_microsoft-windows-packager_31bf3856ad364e35_6.1.7601.21863_none_f06a092048474399\packager.dll
+ 2012-01-11 01:35 . 2011-11-19 14:01 67072 c:\windows\winsxs\x86_microsoft-windows-packager_31bf3856ad364e35_6.1.7601.17727_none_f00fad2d2f059967\packager.dll
+ 2012-01-11 01:35 . 2011-11-19 11:19 67072 c:\windows\winsxs\x86_microsoft-windows-packager_31bf3856ad364e35_6.1.7600.21094_none_ee6412dc4b387af2\packager.dll
+ 2012-01-11 01:35 . 2011-11-19 14:06 67072 c:\windows\winsxs\x86_microsoft-windows-packager_31bf3856ad364e35_6.1.7600.16917_none_ee34201331d7118a\packager.dll
+ 2009-07-14 00:04 . 2009-07-14 01:14 50176 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.20717_none_9d0cd7e486f8464a\rrinstaller.exe
+ 2009-07-14 00:03 . 2009-07-14 01:14 23040 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.20717_none_9d0cd7e486f8464a\mfpmp.exe
+ 2009-07-14 00:04 . 2009-07-14 01:14 50176 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.16597_none_9c2cb9d36e1b88e1\rrinstaller.exe
+ 2009-07-14 00:03 . 2009-07-14 01:14 23040 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.16597_none_9c2cb9d36e1b88e1\mfpmp.exe
+ 2012-01-26 17:16 . 2011-11-17 05:29 15872 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\sspisrv.dll
+ 2012-01-26 17:16 . 2011-11-17 05:29 22016 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\secur32.dll
+ 2012-01-26 17:16 . 2011-11-17 05:24 22528 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
+ 2012-01-26 17:16 . 2011-11-17 05:35 67440 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\ksecdd.sys
+ 2012-01-26 17:16 . 2011-11-17 05:34 15872 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\sspisrv.dll
+ 2012-01-26 17:16 . 2011-11-17 05:34 22016 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\secur32.dll
+ 2012-01-26 17:16 . 2011-11-17 05:29 22528 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
+ 2012-01-26 17:16 . 2011-11-17 05:41 67440 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\ksecdd.sys
+ 2012-01-26 17:16 . 2011-11-17 07:15 15360 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\sspisrv.dll
+ 2012-01-26 17:16 . 2011-11-17 07:15 22016 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\secur32.dll
+ 2012-01-26 17:16 . 2011-11-17 07:09 22528 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
+ 2012-01-26 17:16 . 2011-11-17 07:20 67440 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\ksecdd.sys
+ 2012-01-26 17:16 . 2011-11-17 05:39 15360 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\sspisrv.dll
+ 2012-01-26 17:16 . 2011-11-17 05:39 99840 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\sspicli.dll
+ 2012-01-26 17:16 . 2011-11-17 05:39 22016 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\secur32.dll
+ 2012-01-26 17:16 . 2011-11-17 05:36 22528 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
+ 2012-01-26 17:16 . 2011-11-17 05:48 67440 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\ksecdd.sys
+ 2012-02-29 09:02 . 2012-02-29 09:02 86528 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_9.4.8112.16421_none_3411bc8ed442d7a8\iesysprep.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 78848 c:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_9.4.8112.16421_none_b1befe64620e9eb3\inseng.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 74752 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_9.4.8112.16421_none_de5057e278bf9ae3\iesetup.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 31744 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_9.4.8112.16421_none_de5057e278bf9ae3\iernonce.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 74240 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_9.4.8112.16421_none_de5057e278bf9ae3\ie4uinit.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 83456 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_9.4.8112.16421_none_05f58d6b02d23b61\PDMSetup.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 49664 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilercore_31bf3856ad364e35_9.4.8112.16421_none_23273f2d4ba58c6b\JSProfilerCore.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 66048 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_9.4.8112.16421_none_731b22247e84589a\icardie.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 22016 c:\windows\winsxs\x86_microsoft-windows-ie-impexp-extexport_31bf3856ad364e35_9.4.8112.16421_none_467d635eddcbe7c3\ExtExport.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 35840 c:\windows\winsxs\x86_microsoft-windows-ie-imagesupport_31bf3856ad364e35_9.4.8112.16421_none_56746b920d54cd22\imgutil.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 48640 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_9.4.8112.16421_none_0bed293ed46cedb6\mshtmler.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 72704 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_9.4.8112.16441_none_6092ec4d5dbb4e4b\mshtmled.dll
+ 2012-02-15 14:02 . 2011-12-16 08:58 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21878_none_65375cc131f37d96\mshtmled.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21855_none_6549fbbb31e5f9af\mshtmled.dll
+ 2011-10-13 03:07 . 2011-08-20 05:50 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.21795_none_651eba2532066c4c\mshtmled.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17744_none_64ca2e9218c1249d\mshtmled.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17720_none_64dbcd4218b4875f\mshtmled.dll
+ 2011-10-13 03:07 . 2011-08-20 04:27 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7601.17671_none_64a6bc0a18dc2f44\mshtmled.dll
+ 2012-02-15 14:02 . 2011-12-16 07:49 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21108_none_639c875134948155\mshtmled.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21085_none_6343052d34d817b1\mshtmled.dll
+ 2011-10-13 03:07 . 2011-08-20 04:32 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.21033_none_6377143534b1594e\mshtmled.dll
+ 2012-02-15 14:02 . 2011-12-16 07:59 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.16930_none_62eaa0501b963764\mshtmled.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.16912_none_630240bc1b843230\mshtmled.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 67072 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.7600.16869_none_62d331401ba6721f\mshtmled.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 11776 c:\windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_9.4.8112.16421_none_71d991ff23a3e055\mshta.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 74752 c:\windows\winsxs\x86_microsoft-windows-ie-gc-registeriepkeys_31bf3856ad364e35_9.4.8112.16421_none_406878db3e15ac14\RegisterIEPKEYs.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 10752 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_9.4.8112.16421_none_14cd91c7f508553a\msfeedssync.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 41472 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_9.4.8112.16421_none_14cd91c7f508553a\msfeedsbs.dll
+ 2012-02-15 14:02 . 2011-12-16 07:46 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21108_none_17c18cf3cbf1c026\msfeedssync.exe
+ 2012-02-15 14:02 . 2011-12-16 07:49 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21108_none_17c18cf3cbf1c026\msfeedsbs.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21085_none_17680acfcc355682\msfeedssync.exe
+ 2011-12-14 11:52 . 2011-11-05 04:34 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21085_none_17680acfcc355682\msfeedsbs.dll
+ 2011-10-13 03:07 . 2011-08-20 04:28 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21033_none_179c19d7cc0e981f\msfeedssync.exe
+ 2011-10-13 03:07 . 2011-08-20 04:32 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.21033_none_179c19d7cc0e981f\msfeedsbs.dll
+ 2012-02-15 14:02 . 2011-12-16 07:56 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16930_none_170fa5f2b2f37635\msfeedssync.exe
+ 2012-02-15 14:02 . 2011-12-16 07:59 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16930_none_170fa5f2b2f37635\msfeedsbs.dll
+ 2011-12-14 11:52 . 2011-11-05 04:32 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16912_none_1727465eb2e17101\msfeedssync.exe
+ 2011-12-14 11:52 . 2011-11-05 04:34 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16912_none_1727465eb2e17101\msfeedsbs.dll
+ 2011-10-13 03:07 . 2011-08-20 04:32 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16869_none_16f836e2b303b0f0\msfeedssync.exe
+ 2011-10-13 03:07 . 2011-08-20 04:35 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16869_none_16f836e2b303b0f0\msfeedsbs.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 23552 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_9.4.8112.16421_none_e260faa86a390a42\licmgr10.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21108_none_e554f5d44122752e\licmgr10.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21085_none_e4fb73b041660b8a\licmgr10.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.21033_none_e52f82b8413f4d27\licmgr10.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.16930_none_e4a30ed328242b3d\licmgr10.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.16912_none_e4baaf3f28122609\licmgr10.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 44544 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.7600.16869_none_e48b9fc3283465f8\licmgr10.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 66048 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\WininetPlugin.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 65024 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\jsproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 09:00 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\WininetPlugin.dll
+ 2012-02-15 14:02 . 2011-12-16 08:57 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\jsproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_1f0a05d1905446a1\WininetPlugin.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_1f0a05d1905446a1\jsproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 05:53 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\WininetPlugin.dll
+ 2011-10-13 03:07 . 2011-08-20 05:49 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\jsproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 07:54 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\WininetPlugin.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\jsproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:35 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_1e9bd7587722d451\WininetPlugin.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_1e9bd7587722d451\jsproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\WininetPlugin.dll
+ 2011-10-13 03:07 . 2011-08-20 04:27 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\jsproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 07:51 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\WininetPlugin.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\jsproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:37 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_1d030f43934664a3\WininetPlugin.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_1d030f43934664a3\jsproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\WininetPlugin.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\jsproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 08:02 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\WininetPlugin.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\jsproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:35 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_1cc24ad279f27f22\WininetPlugin.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_1cc24ad279f27f22\jsproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 04:38 68608 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\WininetPlugin.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 48128 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\jsproxy.dll
+ 2011-12-14 11:52 . 2010-11-20 12:17 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.21855_none_17ae219281114d21\tzupd.exe
+ 2011-08-24 05:53 . 2011-07-09 05:50 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.21767_none_17a5505481179e99\tzupd.exe
+ 2011-08-24 05:53 . 2011-07-09 04:32 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.17720_none_173ff31967dfdad1\tzupd.exe
+ 2011-08-24 05:53 . 2011-07-09 04:32 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.17647_none_1731536167e9c6ed\tzupd.exe
+ 2011-12-14 11:52 . 2011-11-05 04:31 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.21085_none_15a72b0484036b23\tzupd.exe
+ 2011-08-24 05:53 . 2011-07-09 04:24 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.21005_none_15fdaa6483c28b9b\tzupd.exe
+ 2011-08-24 05:53 . 2011-07-09 04:33 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.16912_none_156666936aaf85a2\tzupd.exe
+ 2011-08-24 05:53 . 2011-07-09 04:33 40448 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.16847_none_154af65b6ac35b01\tzupd.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 97280 c:\windows\winsxs\x86_microsoft-windows-i..eoptionalcomponents_31bf3856ad364e35_9.4.8112.16421_none_1a39851f718708ff\ConfigureIEOptionalComponents.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 54272 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_9.4.8112.16421_none_064611e72dafc564\pngfilt.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 76800 c:\windows\winsxs\x86_microsoft-windows-i..-setieinstalleddate_31bf3856ad364e35_9.4.8112.16421_none_20f6a468db4fac99\SetIEInstalledDate.exe
+ 2011-12-14 11:52 . 2011-10-26 06:13 38912 c:\windows\winsxs\x86_microsoft-windows-csrsrv_31bf3856ad364e35_6.1.7601.21847_none_cbfad2a21cd2f4c4\csrsrv.dll
+ 2011-12-14 11:52 . 2011-10-26 04:28 38912 c:\windows\winsxs\x86_microsoft-windows-csrsrv_31bf3856ad364e35_6.1.7601.17713_none_cb8da47303a09bcb\csrsrv.dll
+ 2011-12-14 11:52 . 2011-10-26 04:29 38912 c:\windows\winsxs\x86_microsoft-windows-csrsrv_31bf3856ad364e35_6.1.7600.21077_none_c9f3dc141fc512c6\csrsrv.dll
+ 2011-12-14 11:52 . 2011-10-26 04:25 38912 c:\windows\winsxs\x86_microsoft-windows-csrsrv_31bf3856ad364e35_6.1.7600.16905_none_c9b417ed0670469c\csrsrv.dll
+ 2009-07-27 02:02 . 2012-03-20 03:21 42582 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2012-03-20 03:21 44080 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-01-26 17:16 . 2011-11-17 05:39 15360 c:\windows\System32\sspisrv.dll
- 2009-07-13 23:11 . 2009-07-14 01:16 15360 c:\windows\System32\sspisrv.dll
- 2009-07-13 23:12 . 2009-07-14 01:16 99840 c:\windows\System32\sspicli.dll
+ 2012-01-26 17:16 . 2011-11-17 05:39 99840 c:\windows\System32\sspicli.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 76800 c:\windows\System32\SetIEInstalledDate.exe
+ 2012-01-26 17:16 . 2011-11-17 05:39 22016 c:\windows\System32\secur32.dll
- 2009-07-13 23:33 . 2009-07-14 01:16 22016 c:\windows\System32\secur32.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 74752 c:\windows\System32\RegisterIEPKEYs.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 54272 c:\windows\System32\pngfilt.dll
+ 2012-01-11 01:35 . 2011-11-19 14:06 67072 c:\windows\System32\packager.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 48640 c:\windows\System32\mshtmler.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 72704 c:\windows\System32\mshtmled.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 11776 c:\windows\System32\mshta.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 10752 c:\windows\System32\msfeedssync.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 41472 c:\windows\System32\msfeedsbs.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 66048 c:\windows\System32\migration\WininetPlugin.dll
+ 2011-07-29 07:48 . 2011-11-18 22:50 16432 c:\windows\System32\lsdelete.exe
- 2011-07-29 07:48 . 2011-07-29 05:23 16432 c:\windows\System32\lsdelete.exe
+ 2012-01-26 17:16 . 2011-11-17 05:36 22528 c:\windows\System32\lsass.exe
- 2009-07-13 23:11 . 2009-07-14 01:14 22528 c:\windows\System32\lsass.exe
- 2010-11-01 14:48 . 2010-11-01 11:37 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
+ 2010-11-01 14:48 . 2012-01-26 09:17 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
+ 2012-02-29 09:02 . 2012-02-29 09:02 23552 c:\windows\System32\licmgr10.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 65024 c:\windows\System32\jsproxy.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 78848 c:\windows\System32\inseng.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 35840 c:\windows\System32\imgutil.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 86528 c:\windows\System32\iesysprep.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 74752 c:\windows\System32\iesetup.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 31744 c:\windows\System32\iernonce.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 74240 c:\windows\System32\ie4uinit.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 66048 c:\windows\System32\icardie.dll
- 2011-07-29 04:56 . 2011-07-21 19:59 64512 c:\windows\System32\DRVSTORE\lbd_69523D0F7F903BDB477CD80CFD35086362532B23\Lbd.sys
+ 2011-07-29 04:56 . 2011-11-03 18:06 64512 c:\windows\System32\DRVSTORE\lbd_69523D0F7F903BDB477CD80CFD35086362532B23\Lbd.sys
+ 2010-12-10 00:31 . 2011-12-10 21:24 20464 c:\windows\System32\drivers\mbam.sys
+ 2011-07-29 04:56 . 2011-11-03 18:06 64512 c:\windows\System32\drivers\Lbd.sys
- 2011-07-29 04:56 . 2011-07-21 19:59 64512 c:\windows\System32\drivers\Lbd.sys
+ 2012-01-26 17:16 . 2011-11-17 05:48 67440 c:\windows\System32\drivers\ksecdd.sys
- 2009-07-13 23:11 . 2009-07-14 01:15 38912 c:\windows\System32\csrsrv.dll
+ 2011-12-14 11:52 . 2011-10-26 04:25 38912 c:\windows\System32\csrsrv.dll
+ 2010-11-02 10:59 . 2012-03-20 15:37 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-02 10:59 . 2011-08-12 22:36 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-02 10:59 . 2011-08-12 22:36 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-11-02 10:59 . 2012-03-20 15:37 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:41 . 2011-08-12 22:36 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2012-03-20 15:37 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-02 02:57 . 2011-10-17 06:12 27796 c:\windows\System32\config\systemprofile\AppData\Local\ATI\ACE\Manifest.Bin
- 2010-11-02 02:57 . 2011-07-23 20:43 27796 c:\windows\System32\config\systemprofile\AppData\Local\ATI\ACE\Manifest.Bin
+ 2011-08-11 08:03 . 2012-03-14 13:40 16384 c:\windows\System32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
- 2011-08-11 08:03 . 2011-08-11 08:29 16384 c:\windows\System32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2011-08-24 05:53 . 2011-07-09 04:33 40448 c:\windows\servicing\GC32\tzupd.exe
- 2010-04-29 11:34 . 2010-02-02 07:47 40448 c:\windows\servicing\GC32\tzupd.exe
+ 2010-11-01 14:40 . 2012-02-24 22:27 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-01 14:40 . 2011-08-12 22:34 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:34 . 2011-08-12 16:48 78720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:34 . 2012-03-20 03:22 78720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-11-01 14:40 . 2012-02-24 22:27 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-11-01 14:40 . 2011-08-12 22:34 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-11-01 14:40 . 2011-08-12 22:34 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-01 14:40 . 2012-02-24 22:27 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-11-01 11:52 . 2011-08-12 22:34 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-01 11:52 . 2012-02-24 22:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-01 11:52 . 2011-08-12 22:34 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-01 11:52 . 2012-02-24 22:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-01-10 03:58 . 2011-12-26 19:13 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-01-31 07:43 . 2012-01-31 07:43 25600 c:\windows\Installer\11707e64.msi
+ 2010-04-29 11:45 . 2012-03-14 08:01 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-04-29 11:45 . 2012-03-14 08:01 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-04-29 11:45 . 2012-03-14 08:01 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-22 09:08 . 2012-02-16 09:03 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2011-01-22 09:08 . 2011-06-16 08:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-10-28 05:50 . 2011-10-28 05:50 53248 c:\windows\Installer\{7B093237-EDA8-4CF9-90A4-2E9DA6150423}\ARPPRODUCTICON.exe
+ 2011-11-17 21:45 . 2011-11-17 21:45 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2011-11-17 21:45 . 2011-11-17 21:45 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-11-17 21:45 . 2011-11-17 21:45 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2011-11-17 21:45 . 2011-11-17 21:45 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2011-11-17 21:45 . 2011-11-17 21:45 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-11-17 21:45 . 2011-11-17 21:45 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-11-17 21:45 . 2011-11-17 21:45 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ARPPRODUCTICON.exe
+ 2009-02-27 00:45 . 2009-02-27 00:45 20808 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\WRD12EXE.EXE
+ 2006-07-24 17:50 . 2006-07-24 17:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\VBAME.DLL
+ 2006-07-24 17:50 . 2006-07-24 17:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\MSADDNDR.DLL
+ 2010-04-29 11:45 . 2010-04-29 11:45 35648 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.4518\OLCTLPIA.DLL
+ 2009-04-02 19:01 . 2009-04-02 19:01 56680 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.4518\EXP_XPS.DLL
+ 2009-04-04 01:46 . 2009-04-04 01:46 97640 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.4518\EXP_PDF.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 56192 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.4518\ACECNFLT.EXE
+ 2010-04-29 11:45 . 2010-04-29 11:45 35648 c:\windows\Installer\$PatchCache$\Managed\00002105501100000000000000F01FEC\12.0.4518\OLCTLPIA.DLL
+ 2012-02-16 09:26 . 2012-02-16 09:26 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\eb7b71398321047e40646406b1a86741\WindowsLiveWriter.ni.exe
+ 2012-02-16 09:27 . 2012-02-16 09:27 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\40ce7736522d0cc5511756cc1b5b30e6\WindowsLive.Writer.Api.ni.dll
+ 2011-10-13 08:25 . 2011-10-13 08:25 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\fccf285ecdd9091a3f8d5e73d79c3300\UIAutomationProvider.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1cd4052146cc9bb01abadc777c7f44b2\System.Windows.Presentation.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\cc9cbb64a4d1dce2bd2074ea9d352d6e\System.Web.DynamicData.Design.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\60d88a8af5cdd8999b44bb7a05a411ee\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-10-13 08:30 . 2011-10-13 08:30 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\49c0850ff20d17128d372aec3efddba2\System.AddIn.Contract.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\a1884b052daaffbf1e67b525fa089cdc\stdole.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 14848 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIUI\b3e28b71321893b6c99d1f2f5bf08843\SBAIUI.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\b9becc8d608b41214c1e302bf83b70ce\PresentationFontCache.ni.exe
+ 2012-02-16 09:23 . 2012-02-16 09:23 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\b669ed26c27a26dbe32110e21034faa7\PresentationCFFRasterizer.ni.dll
+ 2011-10-13 08:30 . 2011-10-13 08:30 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\4564de62ceb9621599e5518edde9136d\napcrypt.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\40746255e5ed5b6d9fee97cb92a47365\Microsoft.WSMan.Runtime.ni.dll
+ 2011-10-13 08:30 . 2011-10-13 08:30 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\b39a7302b1422ace86306c75e8f887ea\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\96a8df699026350272acac1a8ebbc4a9\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-10-13 08:30 . 2011-10-13 08:30 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8c3ddb5ca305c2e2fc17de42e43099f6\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\81591b12334fde27ffe2d11adcbbdc28\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\70899eabff59b9163844e6ade176f986\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\42678ba63e02063ca2dc3633a39a7902\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\0b054e94050fa74a91ec78396fc98074\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\7966d0ae949f0d97d94970256b9bf455\Microsoft.Vsa.ni.dll
+ 2011-10-13 08:23 . 2011-10-13 08:23 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\6e7774cf6c789f580f403693a07a919f\Microsoft.VisualC.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 95232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\e087dcb6bdccc1517ab3608e1b5b8c1f\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\3c5966522b6d07720785ff832b1d4bdc\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\9bc5341c3eb4110b18a70e61511956b6\Microsoft.Interop.eCRM.NetFw.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 62976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\09259002bfdf6d84a2e8d10d44ca804a\Microsoft.Interop.eCRM.Ole.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c60683cf7fbf944620b248a5b3fb2847\Microsoft.Build.Framework.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\36d1bfcdc1632fa8fdc0a1e72e763a0f\Microsoft.Build.Framework.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft-Windows-H#\84402f94c22f9a6ba43192acafe79665\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 23552 c:\windows\assembly\NativeImages_v2.0.50727_32\LoadMxf\0bfc7427b3604ed0a90ee5fa149eeac1\LoadMxf.ni.exe
+ 2011-10-13 08:27 . 2011-10-13 08:27 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\ILoader\bda186b22cd55439819dc78c9a7731e3\ILoader.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\Extensibility\dd393ee2515a7c374a9dd8214ea8a258\Extensibility.ni.dll
+ 2011-10-13 08:23 . 2011-10-13 08:23 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\00c50dd89debd099ed76d2be3c461967\ehiUserXp.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUPnP\4559ee202f0e6e3ed1e6fbe3eefcc317\ehiUPnP.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiTVMSMusic\99869318c811e0809ef93127c709305d\ehiTVMSMusic.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 82432 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiiTv\30ad8034370ce16fba4ccd90d20bf7be\ehiiTv.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 33792 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiBmlDataCarousel\afa0fb4319b2233e8a1860b2cdeabcb8\ehiBmlDataCarousel.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiActivScp\dfbebbad055a598e0a52b9b35de6e620\ehiActivScp.ni.dll
+ 2011-10-13 08:28 . 2011-10-13 08:28 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\07b33a62990232f9df1cbe7078430571\dfsvc.ni.exe
+ 2011-10-13 08:24 . 2011-10-13 08:24 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d71769228ebe7732ae31ac194fe00ff0\Accessibility.ni.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 11264 c:\windows\assembly\GAC_MSIL\cli_basetypes\1.0.18.0__ce2cb7e279207b9e\cli_basetypes.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 64000 c:\windows\assembly\GAC_32\cli_cppuhelper\1.0.21.0__ce2cb7e279207b9e\cli_cppuhelper.dll
+ 2012-02-22 09:04 . 2012-02-22 09:04 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2012-02-22 09:04 . 2012-02-22 09:04 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2010-04-29 11:46 . 2010-04-29 11:46 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2012-02-22 09:04 . 2012-02-22 09:04 34696 c:\windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2012-03-14 05:23 . 2012-01-25 13:42 8192 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7601.21907_none_9cb016ace2622726\rdrmemptylst.exe
+ 2012-03-14 05:23 . 2012-01-25 05:27 8192 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7601.17767_none_9be59873c97531db\rdrmemptylst.exe
+ 2012-03-14 05:23 . 2012-01-25 05:33 8192 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7600.21136_none_9aa81fd4e5552bd1\rdrmemptylst.exe
+ 2012-03-14 05:23 . 2012-01-25 05:40 8192 c:\windows\winsxs\x86_microsoft-windows-t..instationextensions_31bf3856ad364e35_6.1.7600.16952_none_9a0509e7cc4b2b4b\rdrmemptylst.exe
+ 2009-07-13 23:25 . 2009-07-14 01:16 9216 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7601.21802_none_6d1e97a899bd2007\oleacchooks.dll
+ 2009-07-13 23:25 . 2009-07-14 01:16 9216 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7601.17676_none_6c4d4aab80d4ac09\oleacchooks.dll
+ 2009-07-13 23:25 . 2009-07-14 01:16 9216 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7600.21036_none_6b1ba2429caba365\oleacchooks.dll
+ 2009-07-13 23:25 . 2009-07-14 01:16 9216 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7600.16872_none_6a62ec7d83b1dac1\oleacchooks.dll
+ 2009-07-14 00:03 . 2009-07-14 01:06 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.20717_none_9d0cd7e486f8464a\mferror.dll
+ 2009-07-14 00:03 . 2009-07-14 01:06 2048 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.16597_none_9c2cb9d36e1b88e1\mferror.dll
+ 2011-12-14 11:52 . 2011-11-05 04:26 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.21855_none_17ae219281114d21\tzres.dll
+ 2011-08-24 05:53 . 2011-07-09 05:46 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.21767_none_17a5505481179e99\tzres.dll
+ 2011-12-14 11:52 . 2011-11-05 04:26 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.17720_none_173ff31967dfdad1\tzres.dll
+ 2011-08-24 05:53 . 2011-07-09 04:29 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7601.17647_none_1731536167e9c6ed\tzres.dll
+ 2011-12-14 11:52 . 2011-11-05 04:29 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.21085_none_15a72b0484036b23\tzres.dll
+ 2011-08-24 05:53 . 2011-07-09 04:22 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.21005_none_15fdaa6483c28b9b\tzres.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.16912_none_156666936aaf85a2\tzres.dll
+ 2011-08-24 05:53 . 2011-07-09 04:30 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.1.7600.16847_none_154af65b6ac35b01\tzres.dll
+ 2010-11-01 11:51 . 2012-03-20 03:21 9950 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2768097390-484889731-359739942-1004_UserData.bin
+ 2011-12-14 11:52 . 2011-11-05 04:30 2048 c:\windows\System32\tzres.dll
- 2010-12-16 05:11 . 2010-10-27 04:32 2048 c:\windows\System32\tzres.dll
+ 2011-08-26 20:01 . 2011-06-07 22:46 2463 c:\windows\System32\gs\gs8.71\lib\wmakebat.bat
- 2011-08-13 15:58 . 2011-08-13 15:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-20 03:25 . 2012-03-20 15:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-13 15:58 . 2011-08-13 15:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-20 03:25 . 2012-03-20 15:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-26 20:13 . 2011-08-26 20:13 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\7.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_ure\21.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\7.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\18.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 7680 c:\windows\assembly\GAC_MSIL\cli_ure\1.0.21.0__ce2cb7e279207b9e\cli_ure.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 3072 c:\windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\21.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
+ 2012-01-10 03:58 . 2011-12-26 19:08 437520 c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.1.7600.21114_none_f45200140de55f71\webengine.dll
+ 2012-01-10 03:58 . 2011-12-26 19:13 437008 c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.1.7600.16936_none_0b2176adf43c6b0d\webengine.dll
+ 2011-10-13 03:09 . 2011-07-08 22:33 388936 c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.1.7600.21005_none_d1a166c6d0d361e0\SOS.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 388936 c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.1.7600.16847_none_e872ddf4b728a02a\SOS.dll
+ 2011-10-13 03:09 . 2011-07-08 22:32 989528 c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.1.7600.21005_none_e8d31f05dcde85cb\mscordacwks.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 995160 c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.1.7600.16847_none_ffa49633c333c415\mscordacwks.dll
+ 2011-10-13 03:08 . 2011-08-17 06:09 280576 c:\windows\winsxs\x86_microsoft.mediacenter.interop_31bf3856ad364e35_6.1.7601.21792_none_e25a6bd1f22bbe3d\Microsoft.MediaCenter.Interop.dll
+ 2011-10-13 03:08 . 2011-08-17 04:28 280576 c:\windows\winsxs\x86_microsoft.mediacenter.interop_31bf3856ad364e35_6.1.7601.17669_none_e1f840d0d8ef7c01\Microsoft.MediaCenter.Interop.dll
+ 2011-10-13 03:08 . 2011-08-17 04:31 280576 c:\windows\winsxs\x86_microsoft.mediacenter.interop_31bf3856ad364e35_6.1.7600.21030_none_e0b2c5e1f4d6ab3f\Microsoft.MediaCenter.Interop.dll
+ 2011-10-13 03:08 . 2011-08-17 04:30 280576 c:\windows\winsxs\x86_microsoft.mediacenter.interop_31bf3856ad364e35_6.1.7600.16867_none_e00fe336dbcadd67\Microsoft.MediaCenter.Interop.dll
+ 2012-01-26 17:16 . 2011-11-17 05:29 314880 c:\windows\winsxs\x86_microsoft-windows-webio_31bf3856ad364e35_6.1.7601.21861_none_5f423426563e2d4f\webio.dll
+ 2012-01-26 17:16 . 2011-11-17 05:35 314880 c:\windows\winsxs\x86_microsoft-windows-webio_31bf3856ad364e35_6.1.7601.17725_none_5ee7d8333cfc831d\webio.dll
+ 2012-01-26 17:16 . 2011-11-17 07:15 314368 c:\windows\winsxs\x86_microsoft-windows-webio_31bf3856ad364e35_6.1.7600.21092_none_5d3c3de2592f64a8\webio.dll
+ 2012-01-26 17:16 . 2011-11-17 05:39 314368 c:\windows\winsxs\x86_microsoft-windows-webio_31bf3856ad364e35_6.1.7600.16915_none_5d0c4b193fcdfb40\webio.dll
+ 2011-11-08 18:46 . 2011-10-01 06:09 708608 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7601.21830_none_579ad6f7c13ca999\wab32.dll
+ 2011-11-08 18:46 . 2011-10-01 04:37 708608 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7601.17699_none_56d95b58a847985d\wab32.dll
+ 2011-11-08 18:46 . 2011-10-01 04:39 708608 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7600.21062_none_5595e0fdc42cfa49\wab32.dll
+ 2011-11-08 18:46 . 2011-10-01 04:43 708608 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7600.16891_none_54eafc02ab2861b9\wab32.dll
+ 2011-10-13 03:08 . 2011-08-17 06:03 465408 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.1.7601.21792_none_de35c0d2ceb20753\psisdecd.dll
+ 2011-10-13 03:08 . 2011-08-17 04:24 465408 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.1.7601.17669_none_ddd395d1b575c517\psisdecd.dll
+ 2011-10-13 03:08 . 2011-08-17 04:28 465408 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.1.7600.21030_none_dc8e1ae2d15cf455\psisdecd.dll
+ 2011-10-13 03:08 . 2011-08-17 04:26 465408 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.1.7600.16867_none_dbeb3837b851267d\psisdecd.dll
+ 2011-12-14 11:52 . 2011-10-15 07:17 534528 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.1.7601.21840_none_e2e4b00705e2426c\EncDec.dll
+ 2011-12-14 11:52 . 2011-10-15 05:38 534528 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.1.7601.17708_none_e28e553bec9cfd96\EncDec.dll
+ 2011-12-14 11:52 . 2011-10-15 05:33 534528 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.1.7600.21070_none_e0ddb97908d4606e\EncDec.dll
+ 2011-12-14 11:52 . 2011-10-15 05:48 534528 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.1.7600.16899_none_e047a74defbea953\EncDec.dll
+ 2011-11-08 18:46 . 2011-09-29 16:17 187760 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\FWPKCLNT.SYS
+ 2011-06-15 22:06 . 2010-11-20 12:29 187776 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\FWPKCLNT.SYS
+ 2011-11-08 18:46 . 2011-09-29 16:02 187248 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\FWPKCLNT.SYS
+ 2009-07-13 23:12 . 2009-07-14 01:20 187472 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\FWPKCLNT.SYS
+ 2012-03-14 05:23 . 2012-02-17 04:16 152064 c:\windows\winsxs\x86_microsoft-windows-t..s-rdp-displaydriver_31bf3856ad364e35_6.1.7600.21151_none_e5081a03cf558ee4\rdpdd.dll
+ 2012-03-14 05:23 . 2012-01-25 05:38 129536 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.21136_none_a43e129f5a30a1d5\rdpcorekmts.dll
+ 2012-03-14 05:23 . 2012-01-25 05:44 129536 c:\windows\winsxs\x86_microsoft-windows-t..extensions-binaries_31bf3856ad364e35_6.1.7600.16952_none_a39afcb24126a14f\rdpcorekmts.dll
+ 2012-03-14 05:23 . 2012-02-17 04:09 183808 c:\windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.21924_none_4dfbc4c44c6a5495\rdpwd.sys
+ 2012-03-14 05:23 . 2012-02-17 04:14 183808 c:\windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17779_none_4d4117e93370c20c\rdpwd.sys
+ 2012-03-14 05:23 . 2012-02-17 04:16 178176 c:\windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.21151_none_4bf1cd584f5f2692\rdpwd.sys
+ 2012-03-14 05:23 . 2012-02-15 04:22 177152 c:\windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16963_none_4b5f89133647a225\rdpwd.sys
+ 2012-03-14 05:23 . 2012-02-17 05:30 826880 c:\windows\winsxs\x86_microsoft-windows-t..-collaboration-core_31bf3856ad364e35_6.1.7601.21924_none_bd9532d96d928465\rdpcore.dll
+ 2012-03-14 05:23 . 2012-02-17 05:34 826880 c:\windows\winsxs\x86_microsoft-windows-t..-collaboration-core_31bf3856ad364e35_6.1.7601.17779_none_bcda85fe5498f1dc\rdpcore.dll
+ 2012-03-14 05:23 . 2012-02-17 05:43 827904 c:\windows\winsxs\x86_microsoft-windows-t..-collaboration-core_31bf3856ad364e35_6.1.7600.21151_none_bb8b3b6d70875662\rdpcore.dll
+ 2012-03-14 05:23 . 2012-02-15 05:44 826368 c:\windows\winsxs\x86_microsoft-windows-t..-collaboration-core_31bf3856ad364e35_6.1.7600.16963_none_baf8f728576fd1f5\rdpcore.dll
+ 2012-01-26 17:16 . 2011-11-17 05:29 224768 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.21861_none_246e4516cccdc994\schannel.dll
+ 2012-01-26 17:16 . 2011-11-17 05:34 224768 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7601.17725_none_2413e923b38c1f62\schannel.dll
+ 2012-01-26 17:16 . 2011-11-17 07:15 224768 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.21092_none_22684ed2cfbf00ed\schannel.dll
+ 2012-01-26 17:16 . 2011-11-17 05:39 224768 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.1.7600.16915_none_22385c09b65d9785\schannel.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 420864 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_9.4.8112.16421_none_60d9a60d482d54be\vbscript.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 716800 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_9.4.8112.16441_none_9b49eb7d117ae064\jscript.dll
+ 2012-03-14 05:23 . 2010-11-20 10:24 134656 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21924_none_321467207f36f8cc\rdpudd.dll
+ 2012-03-14 05:23 . 2012-02-17 05:30 919040 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21924_none_321467207f36f8cc\rdpcorets.dll
+ 2012-03-14 05:23 . 2010-11-20 10:24 134656 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17779_none_3159ba45663d6643\rdpudd.dll
+ 2012-03-14 05:23 . 2012-02-17 05:34 919040 c:\windows\winsxs\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17779_none_3159ba45663d6643\rdpcorets.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 442880 c:\windows\winsxs\x86_microsoft-windows-printing-xpsprint_31bf3856ad364e35_6.1.7600.20830_none_ac342bda8b986ebf\XpsPrint.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 442880 c:\windows\winsxs\x86_microsoft-windows-printing-xpsprint_31bf3856ad364e35_6.1.7600.16699_none_ab72b03b72a35d83\XpsPrint.dll
+ 2011-10-13 03:07 . 2011-08-27 05:41 233472 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7601.21802_none_6d1e97a899bd2007\oleacc.dll
+ 2011-10-13 03:07 . 2011-08-27 04:26 233472 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7601.17676_none_6c4d4aab80d4ac09\oleacc.dll
+ 2011-10-13 03:07 . 2011-08-27 04:41 233472 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7600.21036_none_6b1ba2429caba365\oleacc.dll
+ 2011-10-13 03:07 . 2011-08-27 04:43 233472 c:\windows\winsxs\x86_microsoft-windows-oleacc_31bf3856ad364e35_6.1.7600.16872_none_6a62ec7d83b1dac1\oleacc.dll
+ 2011-10-13 03:07 . 2011-08-27 05:41 571904 c:\windows\winsxs\x86_microsoft-windows-ole-automation_31bf3856ad364e35_6.1.7601.21802_none_bf9a046872d397ac\oleaut32.dll
+ 2011-10-13 03:07 . 2011-08-27 04:26 571904 c:\windows\winsxs\x86_microsoft-windows-ole-automation_31bf3856ad364e35_6.1.7601.17676_none_bec8b76b59eb23ae\oleaut32.dll
+ 2011-10-13 03:07 . 2011-08-27 04:41 571904 c:\windows\winsxs\x86_microsoft-windows-ole-automation_31bf3856ad364e35_6.1.7600.21036_none_bd970f0275c21b0a\oleaut32.dll
+ 2011-10-13 03:07 . 2011-08-27 04:43 571904 c:\windows\winsxs\x86_microsoft-windows-ole-automation_31bf3856ad364e35_6.1.7600.16872_none_bcde593d5cc85266\oleaut32.dll
+ 2012-02-15 14:02 . 2011-12-16 08:58 690688 c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 690688 c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll
+ 2012-02-15 14:02 . 2011-12-16 07:49 690688 c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_d20e8cd31913e191\msvcrt.dll
+ 2012-02-15 14:02 . 2011-12-16 07:59 690688 c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_d15ca5d2001597a0\msvcrt.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 161792 c:\windows\winsxs\x86_microsoft-windows-msls31_31bf3856ad364e35_9.4.8112.16421_none_e47f7674bcba0f60\msls31.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 196608 c:\windows\winsxs\x86_microsoft-windows-mfreadwrite_31bf3856ad364e35_6.1.7600.20717_none_ba0390ac923b09e5\mfreadwrite.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 196608 c:\windows\winsxs\x86_microsoft-windows-mfreadwrite_31bf3856ad364e35_6.1.7600.16597_none_b923729b795e4c7c\mfreadwrite.dll
+ 2009-07-14 00:03 . 2009-07-14 01:15 103424 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.20717_none_9d0cd7e486f8464a\mfps.dll
+ 2009-07-14 00:03 . 2009-07-14 01:15 103424 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.16597_none_9c2cb9d36e1b88e1\mfps.dll
+ 2012-01-26 17:16 . 2011-11-17 05:29 100352 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\sspicli.dll
+ 2012-01-26 17:16 . 2011-11-17 05:35 134000 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\ksecpkg.sys
+ 2012-01-26 17:16 . 2011-11-17 05:31 369352 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\cng.sys
+ 2012-01-26 17:16 . 2011-11-17 05:34 100352 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\sspicli.dll
+ 2012-01-26 17:16 . 2011-11-17 05:41 134000 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\ksecpkg.sys
+ 2012-01-26 17:16 . 2011-11-17 05:39 369352 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\cng.sys
+ 2012-01-26 17:16 . 2011-11-17 07:15 100352 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\sspicli.dll
+ 2012-01-26 17:16 . 2011-11-17 07:20 134000 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\ksecpkg.sys
+ 2012-01-26 17:16 . 2011-11-17 07:17 369352 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\cng.sys
+ 2012-01-26 17:16 . 2011-11-17 05:48 134000 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\ksecpkg.sys
+ 2012-01-26 17:16 . 2011-11-17 05:42 369352 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\cng.sys
+ 2012-02-29 09:01 . 2012-02-29 09:01 219008 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.1.7600.20888_none_ac2b94035dfb3b58\dxgmms1.sys
+ 2012-02-29 09:01 . 2012-02-29 09:01 728448 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.1.7600.20888_none_ac2b94035dfb3b58\dxgkrnl.sys
+ 2012-02-29 09:01 . 2012-02-29 09:01 107520 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.1.7600.20888_none_ac2b94035dfb3b58\cdd.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 219008 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.1.7600.16748_none_abcd36e844bd2bca\dxgmms1.sys
+ 2012-02-29 09:01 . 2012-02-29 09:01 728448 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.1.7600.16748_none_abcd36e844bd2bca\dxgkrnl.sys
+ 2012-02-29 09:01 . 2012-02-29 09:01 107520 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.1.7600.16748_none_abcd36e844bd2bca\cdd.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 104448 c:\windows\winsxs\x86_microsoft-windows-js-debuggeride_31bf3856ad364e35_9.4.8112.16421_none_5377da1a18fb28e4\jsdebuggeride.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 466432 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_9.4.8112.16421_none_011b7bdcabe8aef6\ieinstal.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_9.4.8112.16441_none_7d0c6f85c87592a0\ieui.dll
+ 2012-02-15 14:02 . 2011-12-16 08:57 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.21878_none_81b0dff99cadc1eb\ieui.dll
+ 2011-12-14 11:52 . 2011-11-11 05:36 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.21858_none_81c67fd19c9d8a09\ieui.dll
+ 2011-10-13 03:07 . 2011-08-20 05:49 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.21795_none_81983d5d9cc0b0a1\ieui.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.17744_none_8143b1ca837b68f2\ieui.dll
+ 2011-12-14 11:52 . 2011-11-11 05:40 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.17723_none_81585158836c17b9\ieui.dll
+ 2011-10-13 03:07 . 2011-08-20 04:26 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.17671_none_81203f4283967399\ieui.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.21108_none_80160a899f4ec5aa\ieui.dll
+ 2011-12-14 11:52 . 2011-11-11 05:50 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.21088_none_7fbf89439f8fa80b\ieui.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.21033_none_7ff0976d9f6b9da3\ieui.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.16930_none_7f64238886507bb9\ieui.dll
+ 2011-12-14 11:52 . 2011-11-11 05:50 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.16913_none_7f7cc43e863d8fdc\ieui.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 176640 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.16869_none_7f4cb4788660b674\ieui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 231936 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_9.4.8112.16441_none_0894d42c7820e9e7\url.dll
+ 2012-02-15 14:02 . 2011-12-16 09:00 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7601.21878_none_0d3944a04c591932\url.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7601.21855_none_0d4be39a4c4b954b\url.dll
+ 2011-10-13 03:07 . 2011-08-20 05:52 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7601.21795_none_0d20a2044c6c07e8\url.dll
+ 2012-02-15 14:02 . 2011-12-16 07:54 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7601.17744_none_0ccc16713326c039\url.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7601.17720_none_0cddb521331a22fb\url.dll
+ 2011-10-13 03:07 . 2011-08-20 04:30 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7601.17671_none_0ca8a3e93341cae0\url.dll
+ 2012-02-15 14:02 . 2011-12-16 07:51 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7600.21108_none_0b9e6f304efa1cf1\url.dll
+ 2011-12-14 11:52 . 2011-11-05 04:37 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7600.21085_none_0b44ed0c4f3db34d\url.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7600.21033_none_0b78fc144f16f4ea\url.dll
+ 2012-02-15 14:02 . 2011-12-16 08:02 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7600.16930_none_0aec882f35fbd300\url.dll
+ 2011-12-14 11:52 . 2011-11-05 04:35 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7600.16912_none_0b04289b35e9cdcc\url.dll
+ 2011-10-13 03:07 . 2011-08-20 04:38 132096 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.7600.16869_none_0ad5191f360c0dbb\url.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 766976 c:\windows\winsxs\x86_microsoft-windows-ie-vgx_31bf3856ad364e35_9.4.8112.16421_none_05b6b429030148f7\VGX.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 141112 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16441_none_600dad3fa6dab99a\sqmapi.dll
+ 2011-08-10 22:37 . 2010-11-20 12:21 189952 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21878_none_64b21db37b12e8e5\sqmapi.dll
+ 2011-08-10 22:37 . 2010-11-20 12:21 189952 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21855_none_64c4bcad7b0564fe\sqmapi.dll
+ 2011-08-10 22:37 . 2010-11-20 12:21 189952 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21795_none_64997b177b25d79b\sqmapi.dll
+ 2011-06-15 22:05 . 2011-04-29 04:57 189952 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17744_none_6444ef8461e08fec\sqmapi.dll
+ 2011-06-15 22:05 . 2011-04-29 04:57 189952 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17720_none_64568e3461d3f2ae\sqmapi.dll
+ 2011-06-15 22:05 . 2011-04-29 04:57 189952 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17671_none_64217cfc61fb9a93\sqmapi.dll
+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.21108_none_631748437db3eca4\sqmapi.dll
+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.21085_none_62bdc61f7df78300\sqmapi.dll
+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.21033_none_62f1d5277dd0c49d\sqmapi.dll
+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16930_none_6265614264b5a2b3\sqmapi.dll
+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16912_none_627d01ae64a39d7f\sqmapi.dll
+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16869_none_624df23264c5dd6e\sqmapi.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 162304 c:\windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_9.4.8112.16421_none_e011e11277018c3c\msrating.dll
+ 2009-06-10 21:14 . 2009-06-10 21:14 355832 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_9.4.8112.16421_none_05f58d6b02d23b61\pdm.dll
+ 2009-07-13 21:59 . 2009-06-10 21:14 265720 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_9.4.8112.16421_none_05f58d6b02d23b61\msdbg2.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 203776 c:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_9.4.8112.16421_none_79ab85b66bffe20a\webcheck.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 123392 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_9.4.8112.16421_none_4fa60aea2e696726\occache.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 301056 c:\windows\winsxs\x86_microsoft-windows-ie-networkinspection_31bf3856ad364e35_9.4.8112.16421_none_8d7c2d276e46f322\networkinspection.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 149504 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilerui_31bf3856ad364e35_9.4.8112.16421_none_0b7e9c65e8794902\jsprofilerui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 386560 c:\windows\winsxs\x86_microsoft-windows-ie-jscriptdebugui_31bf3856ad364e35_9.4.8112.16421_none_d2ebf19be7eb8e44\jsdbgui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 142848 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_9.4.8112.16421_none_47e1a2c73444d23e\ieUnatt.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 152064 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_9.4.8112.16421_none_7cfb7f9f58f84355\wextract.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 150528 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_9.4.8112.16421_none_7cfb7f9f58f84355\iexpress.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 194048 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_9.4.8112.16441_none_5ff732dbb48f8c2a\IEShims.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 193536 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_9.4.8112.16421_none_a8ae871d64d6edda\ieproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 08:57 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7601.21878_none_ad3d57b9391f5507\ieproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7601.21855_none_ad4ff6b33911d120\ieproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 05:49 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7601.21795_none_ad24b51d393243bd\ieproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7601.17744_none_acd0298a1fecfc0e\ieproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7601.17720_none_ace1c83a1fe05ed0\ieproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 04:26 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7601.17671_none_acacb702200806b5\ieproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.21108_none_aba282493bc058c6\ieproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.21085_none_ab4900253c03ef22\ieproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.21033_none_ab7d0f2d3bdd30bf\ieproxy.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.16930_none_aaf09b4822c20ed5\ieproxy.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.16912_none_ab083bb422b009a1\ieproxy.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 163328 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.7600.16869_none_aad92c3822d24990\ieproxy.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 222720 c:\windows\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_9.4.8112.16421_none_1ef5aee48b810ba0\ielowutil.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 307200 c:\windows\winsxs\x86_microsoft-windows-ie-iediag_31bf3856ad364e35_9.4.8112.16421_none_2f5fcfbaab97b79b\iediagcmd.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 107008 c:\windows\winsxs\x86_microsoft-windows-ie-iecleanup_31bf3856ad364e35_9.4.8112.16421_none_d665f7f6aed43c56\iecleanup.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 110592 c:\windows\winsxs\x86_microsoft-windows-ie-ieadvpack_31bf3856ad364e35_9.4.8112.16421_none_e771ed32e8d4ec48\IEAdvpack.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 580608 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_9.4.8112.16421_none_78662d0a54bcb613\msfeeds.dll
+ 2012-02-15 14:02 . 2011-12-16 08:58 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7601.21878_none_7cf4fda629051d40\msfeeds.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7601.21855_none_7d079ca028f79959\msfeeds.dll
+ 2011-10-13 03:07 . 2011-08-20 05:50 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7601.21795_none_7cdc5b0a29180bf6\msfeeds.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7601.17744_none_7c87cf770fd2c447\msfeeds.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7601.17720_none_7c996e270fc62709\msfeeds.dll
+ 2011-10-13 03:07 . 2011-08-20 04:27 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7601.17671_none_7c645cef0fedceee\msfeeds.dll
+ 2012-02-15 14:02 . 2011-12-16 07:49 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7600.21108_none_7b5a28362ba620ff\msfeeds.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7600.21085_none_7b00a6122be9b75b\msfeeds.dll
+ 2011-10-13 03:07 . 2011-08-20 04:32 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7600.21033_none_7b34b51a2bc2f8f8\msfeeds.dll
+ 2012-02-15 14:02 . 2011-12-16 07:59 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7600.16930_none_7aa8413512a7d70e\msfeeds.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7600.16912_none_7abfe1a11295d1da\msfeeds.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 599552 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.7600.16869_none_7a90d22512b811c9\msfeeds.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 223232 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_9.4.8112.16421_none_b045f1cd9bea63dc\dxtrans.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 353792 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_9.4.8112.16421_none_b045f1cd9bea63dc\dxtmsft.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 678912 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_9.4.8112.16441_none_540f0fb65a2ce77e\iedvtool.dll
+ 2012-02-15 14:02 . 2011-12-16 08:57 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7601.21878_none_58b3802a2e6516c9\iedvtool.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7601.21855_none_58c61f242e5792e2\iedvtool.dll
+ 2011-10-13 03:07 . 2011-08-20 05:49 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7601.21795_none_589add8e2e78057f\iedvtool.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7601.17744_none_584651fb1532bdd0\iedvtool.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7601.17720_none_5857f0ab15262092\iedvtool.dll
+ 2011-10-13 03:07 . 2011-08-20 04:26 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7601.17671_none_5822df73154dc877\iedvtool.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.21108_none_5718aaba31061a88\iedvtool.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.21085_none_56bf28963149b0e4\iedvtool.dll
+ 2011-10-13 03:07 . 2011-08-20 04:30 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.21033_none_56f3379e3122f281\iedvtool.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.16930_none_5666c3b91807d097\iedvtool.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.16912_none_567e642517f5cb63\iedvtool.dll
+ 2011-10-13 03:07 . 2011-08-20 04:34 860672 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.7600.16869_none_564f54a918180b52\iedvtool.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 118784 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_9.4.8112.16421_none_5543276d0c542bbd\iepeers.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 186368 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.7600.21108_none_58372298e33d96a9\iepeers.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 186368 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.7600.21085_none_57dda074e3812d05\iepeers.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 186368 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.7600.21033_none_5811af7ce35a6ea2\iepeers.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 185856 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.7600.16930_none_57853b97ca3f4cb8\iepeers.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 185856 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.7600.16912_none_579cdc03ca2d4784\iepeers.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 185856 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.7600.16869_none_576dcc87ca4f8773\iepeers.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 434176 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_9.4.8112.16421_none_1411b9158604ddae\ieapfltr.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 163840 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_9.4.8112.16421_none_c6b1c48b210c3b01\ieakui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 227840 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_9.4.8112.16421_none_c6b1c48b210c3b01\ieaksie.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 101888 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_9.4.8112.16421_none_c6b1c48b210c3b01\admparse.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 130560 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitengine_31bf3856ad364e35_9.4.8112.16421_none_bc95d8ede279e757\ieakeng.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 353584 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_9.4.8112.16421_none_8cd00f3771c38422\iedkcs32.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.21108_none_8fc40a6348acef0e\iedkcs32.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.21085_none_8f6a883f48f0856a\iedkcs32.dll
+ 2011-10-13 03:07 . 2011-08-20 04:30 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.21033_none_8f9e974748c9c707\iedkcs32.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.16930_none_8f1223622faea51d\iedkcs32.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.16912_none_8f29c3ce2f9c9fe9\iedkcs32.dll
+ 2011-10-13 03:07 . 2011-08-20 04:34 381440 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.7600.16869_none_8efab4522fbedfd8\iedkcs32.dll
+ 2012-02-15 14:02 . 2011-12-16 09:00 982016 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\wininet.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 982016 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_1f0a05d1905446a1\wininet.dll
+ 2011-10-13 03:07 . 2011-08-20 05:53 981504 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\wininet.dll
+ 2012-02-15 14:02 . 2011-12-16 07:54 981504 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\wininet.dll
+ 2011-12-14 11:52 . 2011-11-05 04:35 981504 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_1e9bd7587722d451\wininet.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 981504 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\wininet.dll
+ 2012-02-15 14:02 . 2011-12-16 07:51 982016 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\wininet.dll
+ 2011-12-14 11:52 . 2011-11-05 04:37 982016 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_1d030f43934664a3\wininet.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 982016 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\wininet.dll
+ 2012-02-15 14:02 . 2011-12-16 08:02 981504 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\wininet.dll
+ 2011-12-14 11:52 . 2011-11-05 04:35 981504 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_1cc24ad279f27f22\wininet.dll
+ 2011-10-13 03:07 . 2011-08-20 04:38 981504 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\wininet.dll
+ 2012-02-15 14:02 . 2011-12-16 07:49 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.21108_none_fc39448e6da26723\mstime.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.21085_none_fbdfc26a6de5fd7f\mstime.dll
+ 2011-10-13 03:07 . 2011-08-20 04:32 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.21033_none_fc13d1726dbf3f1c\mstime.dll
+ 2012-02-15 14:02 . 2011-12-16 07:59 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.16930_none_fb875d8d54a41d32\mstime.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.16912_none_fb9efdf9549217fe\mstime.dll
+ 2011-10-13 03:07 . 2011-08-20 04:36 606208 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.7600.16869_none_fb6fee7d54b457ed\mstime.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 748336 c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_b135ff17c80c1949\iexplore.exe
+ 2012-02-15 14:02 . 2011-12-16 09:19 673048 c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21108_none_b429fa439ef58435\iexplore.exe
+ 2011-12-14 11:52 . 2011-11-05 04:39 673048 c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21085_none_b3d0781f9f391a91\iexplore.exe
+ 2011-10-13 03:07 . 2011-08-20 04:32 673024 c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21033_none_b40487279f125c2e\iexplore.exe
+ 2012-02-15 14:02 . 2011-12-16 08:03 673048 c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16930_none_b378134285f73a44\iexplore.exe
+ 2011-12-14 11:52 . 2011-11-05 04:38 673048 c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16912_none_b38fb3ae85e53510\iexplore.exe
+ 2011-10-13 03:07 . 2011-08-20 04:35 673024 c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16869_none_b360a432860774ff\iexplore.exe
+ 2012-01-11 01:35 . 2011-10-29 06:20 332800 c:\windows\winsxs\x86_microsoft-windows-ehome-mstvcapn_31bf3856ad364e35_6.1.7601.21849_none_5cc6688071f6f544\mstvcapn.dll
+ 2012-01-11 01:35 . 2011-10-29 04:26 332800 c:\windows\winsxs\x86_microsoft-windows-ehome-mstvcapn_31bf3856ad364e35_6.1.7601.17715_none_5c593a5158c49c4b\mstvcapn.dll
+ 2012-01-11 01:35 . 2011-10-31 04:33 332800 c:\windows\winsxs\x86_microsoft-windows-ehome-mstvcapn_31bf3856ad364e35_6.1.7600.21080_none_5aab9f6c74f94b28\mstvcapn.dll
+ 2012-01-11 01:35 . 2011-10-29 04:30 332800 c:\windows\winsxs\x86_microsoft-windows-ehome-mstvcapn_31bf3856ad364e35_6.1.7600.16907_none_5a7fadcb5b94471c\mstvcapn.dll
+ 2012-03-14 05:24 . 2012-02-10 05:35 218624 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.21148_none_50b7946823e04aa2\d3d10_1core.dll
+ 2012-03-14 05:24 . 2012-02-10 05:35 161792 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.21148_none_50b7946823e04aa2\d3d10_1.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 218624 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.20830_none_50ba861623df3669\d3d10_1core.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 161792 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.20830_none_50ba861623df3669\d3d10_1.dll
+ 2012-03-14 05:24 . 2012-02-10 05:41 218624 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.16961_none_50117d9d0ad8fe17\d3d10_1core.dll
+ 2012-03-14 05:24 . 2012-02-10 05:41 161792 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.16961_none_50117d9d0ad8fe17\d3d10_1.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 218624 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.16699_none_4ff90a770aea252d\d3d10_1core.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 161792 c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_6.1.7600.16699_none_4ff90a770aea252d\d3d10_1.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 804864 c:\windows\winsxs\x86_microsoft-windows-directwrite-fontcache_31bf3856ad364e35_6.1.7600.20830_none_053b16fc8b9c548b\FntCache.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 801792 c:\windows\winsxs\x86_microsoft-windows-directwrite-fontcache_31bf3856ad364e35_6.1.7600.16699_none_04799b5d72a7434f\FntCache.dll
+ 2012-01-11 01:35 . 2011-10-26 06:18 514560 c:\windows\winsxs\x86_microsoft-windows-directshow-dvdsupport_31bf3856ad364e35_6.1.7601.21847_none_5695c66e4b4de657\qdvd.dll
+ 2012-01-11 01:35 . 2011-10-26 04:32 514560 c:\windows\winsxs\x86_microsoft-windows-directshow-dvdsupport_31bf3856ad364e35_6.1.7601.17713_none_5628983f321b8d5e\qdvd.dll
+ 2012-01-11 01:35 . 2011-10-26 04:33 514560 c:\windows\winsxs\x86_microsoft-windows-directshow-dvdsupport_31bf3856ad364e35_6.1.7600.21077_none_548ecfe04e400459\qdvd.dll
+ 2012-01-11 01:35 . 2011-10-26 04:28 514560 c:\windows\winsxs\x86_microsoft-windows-directshow-dvdsupport_31bf3856ad364e35_6.1.7600.16905_none_544f0bb934eb382f\qdvd.dll
+ 2012-03-14 05:24 . 2012-02-10 05:35 739840 c:\windows\winsxs\x86_microsoft-windows-d2d_31bf3856ad364e35_6.1.7600.21148_none_a82afdc6d63f2cda\d2d1.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 739840 c:\windows\winsxs\x86_microsoft-windows-d2d_31bf3856ad364e35_6.1.7600.20830_none_a82def74d63e18a1\d2d1.dll
+ 2012-03-14 05:24 . 2012-02-10 05:41 739840 c:\windows\winsxs\x86_microsoft-windows-d2d_31bf3856ad364e35_6.1.7600.16961_none_a784e6fbbd37e04f\d2d1.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 739840 c:\windows\winsxs\x86_microsoft-windows-d2d_31bf3856ad364e35_6.1.7600.16699_none_a76c73d5bd490765\d2d1.dll
+ 2011-09-16 03:59 . 2011-07-27 05:47 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7601.21779_none_9448d5bb47afabae\IMJPAPI.DLL
+ 2011-09-16 03:59 . 2011-07-27 04:27 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7601.17658_none_93d3d87e2e82baab\IMJPAPI.DLL
+ 2011-09-16 03:59 . 2011-07-27 04:27 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7600.21016_none_92a02f814a5b7f59\IMJPAPI.DLL
+ 2011-09-16 03:59 . 2011-07-27 04:30 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7600.16856_none_91eb7ae4315e1c11\IMJPAPI.DLL
+ 2012-02-29 09:01 . 2012-02-29 09:01 135168 c:\windows\winsxs\x86_microsoft-windows-c..nt-xpsrasterservice_31bf3856ad364e35_6.1.7600.20830_none_1b2e65b1a64e1e58\XpsRasterService.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 135168 c:\windows\winsxs\x86_microsoft-windows-c..nt-xpsrasterservice_31bf3856ad364e35_6.1.7600.16699_none_1a6cea128d590d1c\XpsRasterService.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 283648 c:\windows\winsxs\x86_microsoft-windows-c..ent-xpsgdiconverter_31bf3856ad364e35_6.1.7600.20830_none_137d7e3a659de6f8\XpsGdiConverter.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 283648 c:\windows\winsxs\x86_microsoft-windows-c..ent-xpsgdiconverter_31bf3856ad364e35_6.1.7600.16699_none_12bc029b4ca8d5bc\XpsGdiConverter.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 309760 c:\windows\winsxs\x86_microsoft-windows-activexproxy_31bf3856ad364e35_6.1.7600.20743_none_12976b2c649ce0d4\actxprxy.dll
+ 2011-08-26 20:00 . 2011-06-07 22:46 348160 c:\windows\SysWOW64\MSVCR71.DLL
+ 2011-08-26 20:00 . 2011-06-07 22:46 499712 c:\windows\SysWOW64\MSVCP71.DLL
+ 2012-02-29 09:02 . 2012-02-29 09:02 152064 c:\windows\System32\wextract.exe
- 2010-12-16 05:10 . 2010-10-16 04:36 314368 c:\windows\System32\webio.dll
+ 2012-01-26 17:16 . 2011-11-17 05:39 314368 c:\windows\System32\webio.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 203776 c:\windows\System32\webcheck.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 420864 c:\windows\System32\vbscript.dll
+ 2011-08-26 20:01 . 1998-04-24 05:00 368912 c:\windows\System32\vbar332.dll
+ 2011-08-26 20:01 . 2011-06-07 22:46 196608 c:\windows\System32\Utility.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 231936 c:\windows\System32\url.dll
+ 2012-01-26 17:16 . 2011-11-17 05:39 224768 c:\windows\System32\schannel.dll
- 2009-07-14 00:03 . 2009-07-14 01:16 514560 c:\windows\System32\qdvd.dll
+ 2012-01-11 01:35 . 2011-10-26 04:28 514560 c:\windows\System32\qdvd.dll
- 2010-04-29 11:34 . 2009-12-13 09:30 465408 c:\windows\System32\psisdecd.dll
+ 2011-10-13 03:08 . 2011-08-17 04:26 465408 c:\windows\System32\psisdecd.dll
+ 2009-07-14 02:05 . 2012-03-18 21:22 661830 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2011-08-13 16:02 661830 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2012-03-18 21:22 121018 c:\windows\System32\perfc009.dat
- 2009-07-14 02:05 . 2011-08-13 16:02 121018 c:\windows\System32\perfc009.dat
- 2011-06-15 22:05 . 2010-12-18 05:31 571904 c:\windows\System32\oleaut32.dll
+ 2011-10-13 03:07 . 2011-08-27 04:43 571904 c:\windows\System32\oleaut32.dll
+ 2011-10-13 03:07 . 2011-08-27 04:43 233472 c:\windows\System32\oleacc.dll
- 2009-07-13 23:26 . 2009-07-14 01:16 233472 c:\windows\System32\oleacc.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 123392 c:\windows\System32\occache.dll
- 2009-07-13 23:12 . 2009-07-14 01:15 690688 c:\windows\System32\msvcrt.dll
+ 2012-02-15 14:02 . 2011-12-16 07:59 690688 c:\windows\System32\msvcrt.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 162304 c:\windows\System32\msrating.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 161792 c:\windows\System32\msls31.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 580608 c:\windows\System32\msfeeds.dll
+ 2011-09-01 23:31 . 2011-09-01 23:31 243360 c:\windows\System32\Macromed\Flash\FlashUtil10w_Plugin.exe
- 2011-04-15 00:23 . 2011-02-18 05:35 716800 c:\windows\System32\jscript.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 716800 c:\windows\System32\jscript.dll
+ 2011-08-26 20:11 . 2011-05-04 09:52 157472 c:\windows\System32\javaws.exe
- 2011-08-12 20:25 . 2011-05-04 09:52 157472 c:\windows\System32\javaws.exe
- 2011-08-12 20:25 . 2011-05-04 09:52 145184 c:\windows\System32\javaw.exe
+ 2011-08-26 20:11 . 2011-05-04 09:52 145184 c:\windows\System32\javaw.exe
- 2011-08-12 20:25 . 2011-05-04 09:52 145184 c:\windows\System32\java.exe
+ 2011-08-26 20:11 . 2011-05-04 09:52 145184 c:\windows\System32\java.exe
- 2009-07-13 23:26 . 2009-07-14 01:15 361472 c:\windows\System32\IME\IMEJP10\IMJPAPI.DLL
+ 2011-09-16 03:59 . 2011-07-27 04:30 361472 c:\windows\System32\IME\IMEJP10\IMJPAPI.DLL
+ 2012-02-29 09:02 . 2012-02-29 09:02 150528 c:\windows\System32\iexpress.exe
+ 2012-02-29 09:02 . 2012-02-29 09:02 142848 c:\windows\System32\ieUnatt.exe
- 2011-08-10 22:37 . 2011-06-21 05:34 176640 c:\windows\System32\ieui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 176640 c:\windows\System32\ieui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 118784 c:\windows\System32\iepeers.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 353584 c:\windows\System32\iedkcs32.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 434176 c:\windows\System32\ieapfltr.dll
- 2009-07-13 23:42 . 2009-07-14 01:05 163840 c:\windows\System32\ieakui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 163840 c:\windows\System32\ieakui.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 227840 c:\windows\System32\ieaksie.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 130560 c:\windows\System32\ieakeng.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 110592 c:\windows\System32\IEAdvpack.dll
+ 2011-08-26 20:01 . 2011-06-07 22:46 139264 c:\windows\System32\gswin32c.exe
+ 2011-08-26 20:01 . 2011-06-07 22:46 139264 c:\windows\System32\gs\gs8.71\bin\gswin32c.exe
+ 2011-08-26 20:01 . 2011-06-07 22:46 147456 c:\windows\System32\gs\gs8.71\bin\gswin32.exe
+ 2009-07-14 04:33 . 2012-03-14 08:19 450824 c:\windows\System32\FNTCACHE.DAT
+ 2011-12-14 11:52 . 2011-10-15 05:48 534528 c:\windows\System32\EncDec.dll
- 2011-03-10 16:41 . 2010-12-23 05:28 534528 c:\windows\System32\EncDec.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 223232 c:\windows\System32\dxtrans.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 353792 c:\windows\System32\dxtmsft.dll
+ 2012-01-26 17:16 . 2011-11-17 05:48 134000 c:\windows\System32\drivers\ksecpkg.sys
+ 2012-01-26 17:16 . 2011-11-17 05:42 369352 c:\windows\System32\drivers\cng.sys
- 2010-04-29 11:29 . 2011-08-12 22:34 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-04-29 11:29 . 2012-03-20 15:37 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-11-01 08:02 . 2011-10-17 06:12 117840 c:\windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
+ 2012-02-29 09:02 . 2012-02-29 09:02 101888 c:\windows\System32\admparse.dll
- 2010-11-01 14:40 . 2011-07-29 20:37 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-11-01 14:40 . 2012-02-16 09:22 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:47 . 2012-03-20 03:22 449488 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-14 08:17 . 2012-03-20 03:22 670612 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2768097390-484889731-359739942-1004-8192.dat
+ 2012-01-10 03:58 . 2011-12-26 19:13 437008 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-06-15 22:06 . 2011-03-29 22:31 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2011-06-15 22:06 . 2011-03-29 22:31 995160 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 995160 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-08-26 20:10 . 2011-08-26 20:10 681984 c:\windows\Installer\231bd4.msi
+ 2010-04-29 11:45 . 2012-03-14 08:01 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-04-29 11:45 . 2012-03-14 08:01 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-04-29 11:45 . 2012-03-14 08:01 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-04-29 11:45 . 2012-03-14 08:01 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2010-04-29 11:45 . 2012-03-14 08:01 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2012-02-22 09:02 . 2012-02-22 09:02 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2011-01-22 09:05 . 2011-01-22 09:05 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2011-05-11 08:01 . 2011-05-11 08:01 217864 c:\windows\Installer\{50120000-1105-0000-0000-0000000FF1CE}\misc.exe
+ 2011-12-15 09:03 . 2011-12-15 09:03 217864 c:\windows\Installer\{50120000-1105-0000-0000-0000000FF1CE}\misc.exe
+ 2007-06-08 02:51 . 2007-06-08 02:51 125320 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\SSGEN.DLL
+ 2007-06-08 02:51 . 2007-06-08 02:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\OUTLFLTR.DLL
+ 2008-03-19 13:27 . 2008-03-19 13:27 661536 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\OGALEGIT.DLL
+ 2006-07-24 17:50 . 2006-07-24 17:50 125744 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\MSSTDFMT.DLL
+ 2008-10-25 13:18 . 2008-10-25 13:18 172880 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\IEAWSDC.DLL
+ 2006-10-27 22:35 . 2006-10-27 22:35 436512 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.4518\UMOUTLOOKADDIN.DLL
+ 2006-10-27 03:13 . 2006-10-27 03:13 764800 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.4518\ACECNF.DLL
+ 2012-01-11 01:35 . 2011-10-29 04:30 332800 c:\windows\ehome\mstvcapn.dll
- 2009-07-14 00:07 . 2009-07-14 01:15 332800 c:\windows\ehome\mstvcapn.dll
- 2009-07-14 00:09 . 2009-07-14 01:22 280576 c:\windows\ehome\Microsoft.MediaCenter.Interop.dll
+ 2011-10-13 03:08 . 2011-08-17 04:30 280576 c:\windows\ehome\Microsoft.MediaCenter.Interop.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.Zip\9aa51442eb4f7084ed6d511dfa0869b7\Xceed.Zip.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 661504 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.Grid.UIStyle\c3614162ba12c52b2409bd48139c5010\Xceed.Grid.UIStyle.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 311808 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.FileSystem\de3a3e2fba3020b158634bd49eec75e4\Xceed.FileSystem.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 267776 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.Compression\a7baa0b9df291f1b3040f1fc9699104b\Xceed.Compression.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ebacd33f47bf395f66af1ca53c2a1c8a\WsatConfig.ni.exe
+ 2012-02-16 09:27 . 2012-02-16 09:27 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\6821dd32ab5af443894ece849ddfde3e\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c6e5b906b55c14320c5ed0579e753bb0\WindowsLive.Writer.Interop.ni.dll
+ 2011-10-13 08:28 . 2011-10-13 08:28 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9cb75a37472b1b49cc82fddb7ab73313\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 258560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\928dd94a23dbf34868a3d54b0b672457\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8ff4541ba7e879b2770ba46b8e95992d\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c7dd299d92ea1ffb58622418703ad4f\WindowsLive.Writer.Controls.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5b7154846cba46868d0f1f0af477504f\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\50602fee3b3dea48c423e796f2e98601\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4fa3a96522ac00391c8fe9890f80b546\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-10-13 08:28 . 2011-10-13 08:28 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4b40a21037f8de7f9324e34a4f4fa710\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\49b4852ecf295de8f73c6eade1c595c7\WindowsLive.Writer.Localization.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\34c3f8e1e31dede829d7cbfcb9a05b3d\WindowsLive.Writer.Passport.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\30a275a018c813e4d91967cd0c84d44d\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\15724aa17ffae89dc775a4c1299c1057\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\148ffbdbaf8c8671ccd0488158e9a439\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\05f6da74dcbfb6b9445cd74e532bafef\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\174f99f3feda0165422af287ca9826a4\WindowsLive.Client.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a0cec0099a537e10af5be76457a27db1\WindowsFormsIntegration.ni.dll
+ 2011-10-13 08:25 . 2011-10-13 08:25 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a3f989a61ab0468876629134c49514b2\UIAutomationTypes.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ba4e07d92829d993edf510cc0930b005\UIAutomationClient.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\fd21cc9e7282991a5b315da08555a533\TaskScheduler.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\37d2f9198ad4e605f216bee3d1f58691\System.Xml.Linq.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\abc5f2bd15f0a4a8a957c296e62e6d5d\System.Web.Routing.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\3235b159c025406d8b626db1aa09fad3\System.Web.RegularExpressions.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\9be3d9596ac08d280da3d7a978e802bd\System.Web.Extensions.Design.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\3c34f6f1ac7f04f832d1964692020fb4\System.Web.Entity.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\df3587fb6492bbcc91d28d5eac3d0515\System.Web.Entity.Design.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2c47055ec299deef83c2c93680ed3aef\System.Web.DynamicData.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\cbb814a6e75310a62c6bf57d0220fa0b\System.Web.Abstractions.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f08bed8a99fdeed5f4ec538947851e29\System.Transactions.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5ca17001998a75ca774d2b80eead5579\System.ServiceProcess.ni.dll
+ 2012-02-16 09:22 . 2012-02-16 09:22 680960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\2726e2ab6218f17a1bef5fe81130078c\System.Security.ni.dll
+ 2012-02-16 09:23 . 2012-02-16 09:23 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c9ba9c9f4251a1978433fb8a5b8b0e01\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\e62d625a59508410f047266f3377a447\System.Net.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\184feff3d7c15c27ec0345d27c954cab\System.Messaging.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 997888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5487c4ce39dfd1712c6acbe72d74da8f\System.Management.Instrumentation.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\603780605b24668dfd6e85d01b301459\System.IO.Log.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\e5a4bc827a371428406fbc0a743bdbfe\System.IdentityModel.Selectors.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\d32385362373fc2e4a60e0c1df1d313c\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\d32385362373fc2e4a60e0c1df1d313c\System.EnterpriseServices.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\1585bd27d37caf0c4becb2a94107c5e9\System.Drawing.Design.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 887808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a3ae72a9ded7bcee59d30e816554f410\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\798a88768617a3dc4436b1194a05c694\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 946176 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\d2629270057a355635f4c31c00aaf07a\System.Data.Services.Client.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 356864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1beb76511b6a67e342d65f42ff0815bd\System.Data.Services.Design.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 762880 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\ec27ef869e1af9a4352594708b7cd7fb\System.Data.Entity.Design.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\5c88e22009cc6ffa451cb1ccd4a4b47e\System.Data.DataSetExtensions.ni.dll
+ 2012-02-16 09:22 . 2012-02-16 09:22 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\76f83cdfb08ecbdd557d94aecae04faa\System.Configuration.Install.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\64b7e2fa8a11164f2ae27b40e964907c\System.AddIn.ni.dll
+ 2011-10-13 08:31 . 2011-10-13 08:31 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\007a48adac2d981fcda78d8daec3bb2c\sysglobl.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d071f953feda1b725369da479830eb88\SMSvcHost.ni.exe
+ 2012-02-16 09:27 . 2012-02-16 09:27 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb46ff3a7098925dd3f0552901668735\SMDiagnostics.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 107520 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIREPORTING\5070fbc78b5c54798e90aa0891150fac\SBAIREPORTING.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 636416 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIAPIV2\188676fc0c4df7fadaac6bdc58367a52\SBAIAPIV2.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 532992 c:\windows\assembly\NativeImages_v2.0.50727_32\SBAIAPI\e04a5027d334e988e3e56be85f53b93f\SBAIAPI.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcb224eff8a955d6e50c4c101a101c4a\PresentationFramework.Classic.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46e0bdf49703779e61f23d3654733369\PresentationFramework.Royale.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1450308c4daa43ac886a5daffda0fbf8\PresentationFramework.Luna.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 963584 c:\windows\assembly\NativeImages_v2.0.50727_32\office\8f78aa5e7c14055343dcc3ef9713407c\office.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\d5a81bd660c89cc9dc5bc3271c7cbacc\napsnap.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\8a66ac9aab2b41a23fac95d009b300fb\napinit.ni.dll
+ 2011-10-13 08:30 . 2011-10-13 08:30 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\d82c431d8f0463c0dd5b143ebb0b7fcc\naphlpr.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\570958f58a7b129cd0144f68a729affe\MSBuild.ni.exe
+ 2012-02-16 09:28 . 2012-02-16 09:28 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\921c5ac836dabe56ffcaaed760b641f7\MMCFxCommon.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 531456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\98b7f9abaa09101c587966132a4066c6\Microsoft.WSMan.Management.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4c35f544bfe27946fa0813c2334799ff\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fd38fbcf71b3823df212a54cbba55fd3\Microsoft.PowerShell.Security.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e4edfddd0927859f8cc66b4c307573d1\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9d2f1b242fece69dad034bc66ef1e781\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5f112e940c060f2bbfc1be27c5b7bc2c\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\05e22bfd2227bbb8a2116d441b6408bd\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 229888 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fb68228743dbb021979b2075ef040b6\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 705024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7dec22322432c1efdf64aad6d9701657\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7bee4751cacbc34c52be7b6dca16a31b\Microsoft.MediaCenter.Interop.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 740864 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\5537451f0e5a54e3ccca65aaafabc429\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4c3f9e09df363e28ec27789a4002ab4b\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 849920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\42b6b49c22c79b5cb11394dd9e070f34\Microsoft.MediaCenter.Shell.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 142848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\3abb617271ca3ae0946c9787c617e6ea\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 105472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\1e290e30985677cfabc4654662ea9944\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\19f3e4fa2162474ccd21e4cae5349a0a\Microsoft.ManagementConsole.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 393216 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Iris.Impo#\f0db17f09a2b9638a727696b425900ce\Microsoft.Iris.ImportExport.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 409088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Iris.Impo#\0c4f15b4a5796b742c9e04e5cacb0973\Microsoft.Iris.ImportExportDataAccess.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\ff62c62c410c2df0d28d3bd32d60cd85\Microsoft.Interop.Mapi.Interfaces.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 177664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\2dc410fe9c45f151a36697ca0d2258c1\Microsoft.Interop.Mapi.PropTags.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 945152 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\d254b269ab970ae48f409613b520ec7c\Microsoft.Interop.eCRM.msforms.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\b49acb93250731a3a370e879c39cce4b\Microsoft.Interop.eCRM.Publisher.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\90d953808f8ea45aa335964d2bb8f2b6\Microsoft.Interop.eCRM.SHDocVw.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 595968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.e#\175f5aa43e83cc01db3387b9e050ce0c\Microsoft.Interop.eCRM.MSComCtl.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 493056 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.eCRM.Offi#\3054e0a0deda5835a1b17c5e58c41b78\Microsoft.eCRM.Office.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.eCRM.AxSH#\a32f52f942fd643b777c642980e7c152\Microsoft.eCRM.AxSHDocVw.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\c1c6b64ea5f3c94fb4d0cc7ffcaecca3\Microsoft.BusinessSolutions.eCRM.DataSync.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 866816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\321503ca005b789261bc7bab865ba0e4\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.ImportExportUI.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f83d51fbc59eb8cbf1c9cd8046ce105a\Microsoft.Build.Utilities.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\7dcdedb09ce98ee880a1b4c5cc394b9f\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\895f4724a7b8c51c57262b9ee6ada525\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\aa4ad0c8b50f5ae1304223cc464e335f\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 250880 c:\windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\286c65f00880e2c6870e1c9a19ad2dd3\Mcx2Dvcs.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 380928 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\1dcda2a565d934b5e4528382a3e3a968\mcupdate.ni.exe
+ 2012-02-16 09:27 . 2012-02-16 09:27 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\405472e5ddb5c9970b094ab01b6b242a\mcstoredb.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 371712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcplayerinterop\f123e45ed122ce325f3235e4caaa3f5f\mcplayerinterop.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\mcGlidHostObj\84bd15a29b7ad73b0db9598c0f241067\mcGlidHostObj.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 107520 c:\windows\assembly\NativeImages_v2.0.50727_32\MCESidebarCtrl\7ab4fa8ef7efeae9ab41dcd2509cabd5\MCESidebarCtrl.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 391168 c:\windows\assembly\NativeImages_v2.0.50727_32\Iris.Mapi.MessageSt#\0368eb8f778c89d2fb5c30fec7859f35\Iris.Mapi.MessageStore.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\b9e704d4f0a24ceffd38f7c3da8c154e\EventViewer.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\e5a93dfeab06088d8d3b8348b4adb791\ehRecObj.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 202752 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiWUapi\8547ec584de26890cc8074ed1a2b034e\ehiWUapi.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 340480 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiwmp\5532c1eed22175a4dd5f88a84f01b3c6\ehiwmp.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\834a40a7a64af82574eb4a08ad8c888f\ehiVidCtl.ni.dll
+ 2011-10-13 08:28 . 2011-10-13 08:28 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\d7cb05bc1b3ae306de88a42c372abb60\ehiProxy.ni.dll
+ 2011-10-13 08:29 . 2011-10-13 08:29 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\d0744480733b33f48db1e8b2c0a4a6a3\ehiExtens.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 257536 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\aac91e2db0f6ca6c12f6dd4e9dc6838e\ehExtHost.ni.exe
+ 2012-02-16 09:27 . 2012-02-16 09:27 223744 c:\windows\assembly\NativeImages_v2.0.50727_32\ehCIR\0ffbe2ef12c6b7657e23b25abc1b2e09\ehCIR.ni.dll
+ 2011-10-13 08:28 . 2011-10-13 08:28 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\545f2e1ca544c2a8a39cbf8565e1c709\CustomMarshalers.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\3700bd4fd9d1acf376ed8ac435b49b68\ComSvcConfig.ni.exe
+ 2012-02-16 09:26 . 2012-02-16 09:26 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\6c7304676a603cecc92657a0d23c8306\BDATunePIA.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 469504 c:\windows\assembly\NativeImages_v2.0.50727_32\BCMMSIDCRL.Managed\0c2487f977d7c741aae01fc8ab5bb558\BCMMSIDCRL.Managed.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 484352 c:\windows\assembly\NativeImages_v2.0.50727_32\BCMCommon\f581734c615d4d172277e821d41edc9c\BCMCommon.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\eb5a0829f81e7a6b5790ced38cb8e35a\AspNetMMCExt.ni.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 118784 c:\windows\assembly\GAC_MSIL\cli_uretypes\1.0.7.0__ce2cb7e279207b9e\cli_uretypes.dll
+ 2011-08-26 20:13 . 2011-08-26 20:13 892928 c:\windows\assembly\GAC_MSIL\cli_oootypes\1.0.7.0__ce2cb7e279207b9e\cli_oootypes.dll
- 2009-07-14 00:09 . 2009-07-14 01:22 280576 c:\windows\assembly\GAC_32\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll
+ 2011-10-13 03:08 . 2011-08-17 04:30 280576 c:\windows\assembly\GAC_32\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll
+ 2012-02-22 09:04 . 2012-02-22 09:04 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2010-04-29 11:46 . 2010-04-29 11:46 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2011-12-15 09:03 . 2011-12-15 09:03 350080 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2012-02-22 09:04 . 2012-02-22 09:04 149368 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2012-01-10 03:58 . 2011-12-26 19:08 5255168 c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.1.7600.21114_none_b4da6acbec7d671e\System.Web.dll
+ 2012-01-10 03:58 . 2011-12-26 19:13 5251072 c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.1.7600.16936_none_cba9e165d2d472ba\System.Web.dll
+ 2012-01-10 03:58 . 2011-12-26 19:08 1282048 c:\windows\winsxs\x86_netfx35linq-system.web.extensions_31bf3856ad364e35_6.1.7600.21114_none_cf242f286563de09\System.Web.Extensions.dll
+ 2012-01-10 03:58 . 2011-12-26 19:13 1277952 c:\windows\winsxs\x86_netfx35linq-system.web.extensions_31bf3856ad364e35_6.1.7600.16936_none_ce871af74c54758d\System.Web.Extensions.dll
+ 2011-10-13 03:09 . 2011-07-08 22:32 5924176 c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.1.7600.21005_none_f00efc1f04dd79f8\mscorwks.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 5916496 c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.1.7600.16847_none_06e0734ceb32b842\mscorwks.dll
+ 2011-10-13 03:09 . 2011-07-08 22:32 4550656 c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.1.7600.21005_none_85682d3197561573\mscorlib.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 4550656 c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.1.7600.16847_none_9c39a45f7dab53bd\mscorlib.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 1619456 c:\windows\winsxs\x86_microsoft-windows-wmvdecod_31bf3856ad364e35_6.1.7600.20717_none_c3382cfa5a86be34\WMVDECOD.DLL
+ 2012-02-29 09:01 . 2012-02-29 09:01 1619456 c:\windows\winsxs\x86_microsoft-windows-wmvdecod_31bf3856ad364e35_6.1.7600.16597_none_c2580ee941aa00cb\WMVDECOD.DLL
+ 2012-03-14 05:24 . 2012-02-03 04:13 2351104 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21914_none_bb84862311e67a0a\win32k.sys
+ 2012-02-15 14:02 . 2012-01-14 03:35 2351104 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21898_none_bb3206051223c1c7\win32k.sys
+ 2011-12-14 11:52 . 2011-11-24 04:21 2350080 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21866_none_bb507535120d3b46\win32k.sys
+ 2011-11-08 18:46 . 2011-09-29 04:49 2349568 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21828_none_bb7db57911eafe30\win32k.sys
+ 2011-10-13 03:07 . 2011-09-06 03:46 2342400 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21811_none_bb81835f11e930de\win32k.sys
+ 2012-03-14 05:24 . 2012-02-03 03:54 2343424 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17772_none_bab80755f8fb5211\win32k.sys
+ 2012-02-15 14:02 . 2012-01-14 03:35 2343424 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17762_none_bac2d741f8f33620\win32k.sys
+ 2011-12-14 11:52 . 2011-11-24 04:25 2342912 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17730_none_bae14671f8dcaf9f\win32k.sys
+ 2011-11-08 18:46 . 2011-09-29 03:37 2341888 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17697_none_baa76709f9070b7f\win32k.sys
+ 2011-10-13 03:07 . 2011-09-06 02:28 2334720 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17685_none_bab03661f900bce0\win32k.sys
+ 2012-03-14 05:24 . 2012-02-03 03:53 2350592 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21143_none_b97c8f4b14d97eb5\win32k.sys
+ 2012-02-15 14:02 . 2012-01-14 03:39 2350080 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21127_none_b996304b14c5ac2f\win32k.sys
+ 2011-12-14 11:52 . 2011-11-24 04:26 2349568 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21097_none_b94a7ef114fe729f\win32k.sys
+ 2011-11-08 18:46 . 2011-09-29 03:35 2349056 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21060_none_b963ecaf14ec6d6b\win32k.sys
+ 2011-10-13 03:07 . 2011-09-06 02:29 2341376 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21046_none_b97f8e4314d6cd93\win32k.sys
+ 2012-03-14 05:24 . 2012-02-03 04:01 2341376 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16957_none_b8ec4b99fbc02cf6\win32k.sys
+ 2012-02-15 14:02 . 2012-01-14 03:48 2340864 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16948_none_b8f81bcffbb72a5c\win32k.sys
+ 2011-12-14 11:52 . 2011-11-24 04:23 2340352 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16920_none_b905b957fbae27c2\win32k.sys
+ 2011-11-08 18:46 . 2011-09-29 04:20 2339840 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16889_none_b8cdda83fbd6b650\win32k.sys
+ 2011-10-13 03:07 . 2011-09-06 02:38 2332672 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16878_none_b8d7aa25fbcf8108\win32k.sys
+ 2009-07-13 23:42 . 2009-07-14 01:11 1098752 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7601.21830_none_579ad6f7c13ca999\wab32res.dll
+ 2009-07-13 23:42 . 2009-07-14 01:11 1098752 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7601.17699_none_56d95b58a847985d\wab32res.dll
+ 2009-07-13 23:42 . 2009-07-14 01:11 1098752 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7600.21062_none_5595e0fdc42cfa49\wab32res.dll
+ 2009-07-13 23:42 . 2009-07-14 01:11 1098752 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.1.7600.16891_none_54eafc02ab2861b9\wab32res.dll
+ 2011-11-08 18:46 . 2011-09-29 16:17 1303920 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
+ 2011-11-08 18:46 . 2011-09-29 16:03 1290608 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
+ 2011-11-08 18:46 . 2011-09-29 16:02 1301872 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
+ 2011-11-08 18:46 . 2011-09-29 15:43 1285488 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
+ 2012-02-29 09:02 . 2012-02-29 09:02 1798656 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_9.4.8112.16441_none_9b49eb7d117ae064\jscript9.dll
+ 2011-12-14 11:52 . 2011-10-26 07:01 3915120 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21847_none_6ea3fd3d2b986563\ntoskrnl.exe
+ 2011-12-14 11:52 . 2011-10-26 07:01 3970928 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21847_none_6ea3fd3d2b986563\ntkrnlpa.exe
+ 2011-12-14 11:52 . 2011-10-26 04:47 3912560 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17713_none_6e36cf0e12660c6a\ntoskrnl.exe
+ 2011-12-14 11:52 . 2011-10-26 04:47 3967856 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17713_none_6e36cf0e12660c6a\ntkrnlpa.exe
+ 2011-12-14 11:52 . 2011-10-26 04:51 3915120 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21077_none_6c9d06af2e8a8365\ntoskrnl.exe
+ 2011-12-14 11:52 . 2011-10-26 04:51 3970416 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.21077_none_6c9d06af2e8a8365\ntkrnlpa.exe
+ 2011-12-14 11:52 . 2011-10-26 04:42 3901808 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16905_none_6c5d42881535b73b\ntoskrnl.exe
+ 2011-12-14 11:52 . 2011-10-26 04:42 3957104 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16905_none_6c5d42881535b73b\ntkrnlpa.exe
+ 2012-01-11 01:35 . 2011-11-17 05:31 1293104 c:\windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.1.7601.21861_none_5b2ed84a73b89ee9\ntdll.dll
+ 2012-01-11 01:35 . 2011-11-17 05:38 1288472 c:\windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.1.7601.17725_none_5ad47c575a76f4b7\ntdll.dll
+ 2012-01-11 01:35 . 2011-11-17 07:17 1293640 c:\windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.1.7600.21092_none_5928e20676a9d642\ntdll.dll
+ 2012-01-11 01:35 . 2011-11-17 05:41 1288984 c:\windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.1.7600.16915_none_58f8ef3d5d486cda\ntdll.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 3181568 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.20717_none_9d0cd7e486f8464a\mf.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 3181568 c:\windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.1.7600.16597_none_9c2cb9d36e1b88e1\mf.dll
+ 2012-01-26 17:16 . 2011-11-17 05:26 1038848 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsasrv.dll
+ 2012-01-26 17:16 . 2011-11-17 05:32 1038848 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsasrv.dll
+ 2012-01-26 17:16 . 2011-11-17 07:12 1037824 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsasrv.dll
+ 2012-01-26 17:16 . 2011-11-17 05:38 1037312 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsasrv.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 9705472 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_9.4.8112.16441_none_7d0c6f85c87592a0\ieframe.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 1792000 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16441_none_600dad3fa6dab99a\iertutil.dll
+ 2012-02-15 14:02 . 2011-12-16 08:57 2073600 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21878_none_64b21db37b12e8e5\iertutil.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 2073600 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21855_none_64c4bcad7b0564fe\iertutil.dll
+ 2011-10-13 03:07 . 2011-08-20 05:49 2073600 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.21795_none_64997b177b25d79b\iertutil.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 2073600 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17744_none_6444ef8461e08fec\iertutil.dll
+ 2011-12-14 11:52 . 2011-11-05 04:30 2073600 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17720_none_64568e3461d3f2ae\iertutil.dll
+ 2011-10-13 03:07 . 2011-08-20 04:26 2073600 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7601.17671_none_64217cfc61fb9a93\iertutil.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 2073088 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.21108_none_631748437db3eca4\iertutil.dll
+ 2011-12-14 11:52 . 2011-11-05 04:33 2073088 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.21085_none_62bdc61f7df78300\iertutil.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 2073088 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.21033_none_62f1d5277dd0c49d\iertutil.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 2072576 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16930_none_6265614264b5a2b3\iertutil.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 2072576 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16912_none_627d01ae64a39d7f\iertutil.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 2072576 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16869_none_624df23264c5dd6e\iertutil.dll
+ 2012-02-15 14:02 . 2011-12-16 08:58 5998080 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21878_none_305185f610b833be\mshtml.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 5997568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21855_none_306424f010aaafd7\mshtml.dll
+ 2011-10-13 03:07 . 2011-10-01 06:06 5991936 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21830_none_3074c356109ef942\mshtml.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 5997568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17744_none_2fe457c6f785dac5\mshtml.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 5997056 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17720_none_2ff5f676f7793d87\mshtml.dll
+ 2011-10-13 03:07 . 2011-10-01 04:34 5990400 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17699_none_2fb347b6f7a9e806\mshtml.dll
+ 2012-02-15 14:02 . 2011-12-16 07:49 6000640 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21108_none_2eb6b0861359377d\mshtml.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 5999616 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21085_none_2e5d2e62139ccdd9\mshtml.dll
+ 2011-10-13 03:07 . 2011-10-01 04:39 5991936 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.21062_none_2e6fcd5c138f49f2\mshtml.dll
+ 2012-02-15 14:02 . 2011-12-16 07:59 5999104 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16930_none_2e04c984fa5aed8c\mshtml.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 5997568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16912_none_2e1c69f0fa48e858\mshtml.dll
+ 2011-10-13 03:07 . 2011-10-01 04:42 5990912 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16891_none_2dc4e860fa8ab162\mshtml.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 3695416 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_9.4.8112.16421_none_1411b9158604ddae\ieapfltr.dat
+ 2012-02-29 09:02 . 2012-02-29 09:02 1127424 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 1103360 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_9.4.8112.16441_none_cd4d1ac1f12074aa\urlmon.dll
+ 2012-02-15 14:02 . 2011-12-16 09:00 1232896 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7601.21878_none_d1f18b35c558a3f5\urlmon.dll
+ 2011-12-14 11:52 . 2011-11-05 04:31 1232896 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7601.21855_none_d2042a2fc54b200e\urlmon.dll
+ 2011-10-13 03:07 . 2011-08-20 05:52 1232896 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7601.21795_none_d1d8e899c56b92ab\urlmon.dll
+ 2012-02-15 14:02 . 2011-12-16 07:54 1231360 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7601.17744_none_d1845d06ac264afc\urlmon.dll
+ 2011-12-14 11:52 . 2011-11-05 04:34 1231360 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7601.17720_none_d195fbb6ac19adbe\urlmon.dll
+ 2011-10-13 03:07 . 2011-08-20 04:30 1231360 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7601.17671_none_d160ea7eac4155a3\urlmon.dll
+ 2012-02-15 14:02 . 2011-12-16 07:51 1231872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.21108_none_d056b5c5c7f9a7b4\urlmon.dll
+ 2011-12-14 11:52 . 2011-11-05 04:37 1231872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.21085_none_cffd33a1c83d3e10\urlmon.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 1231872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.21033_none_d03142a9c8167fad\urlmon.dll
+ 2012-02-15 14:02 . 2011-12-16 08:02 1230336 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.16930_none_cfa4cec4aefb5dc3\urlmon.dll
+ 2011-12-14 11:52 . 2011-11-05 04:35 1230336 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.16912_none_cfbc6f30aee9588f\urlmon.dll
+ 2011-10-13 03:07 . 2011-08-20 04:38 1230336 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.7600.16869_none_cf8d5fb4af0b987e\urlmon.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 1495552 c:\windows\winsxs\x86_microsoft-windows-explorerframe_31bf3856ad364e35_6.1.7600.20743_none_c306411fee237118\ExplorerFrame.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 1495040 c:\windows\winsxs\x86_microsoft-windows-explorerframe_31bf3856ad364e35_6.1.7600.16623_none_c292442cd4f5996c\ExplorerFrame.dll
+ 2012-03-14 05:24 . 2012-02-10 05:35 1170944 c:\windows\winsxs\x86_microsoft-windows-directx-warp10_31bf3856ad364e35_6.1.7600.21148_none_eaf1bae6d0fa9229\d3d10warp.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 1170944 c:\windows\winsxs\x86_microsoft-windows-directx-warp10_31bf3856ad364e35_6.1.7600.20830_none_eaf4ac94d0f97df0\d3d10warp.dll
+ 2012-03-14 05:24 . 2012-02-10 05:41 1170944 c:\windows\winsxs\x86_microsoft-windows-directx-warp10_31bf3856ad364e35_6.1.7600.16961_none_ea4ba41bb7f3459e\d3d10warp.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 1170944 c:\windows\winsxs\x86_microsoft-windows-directx-warp10_31bf3856ad364e35_6.1.7600.16699_none_ea3330f5b8046cb4\d3d10warp.dll
+ 2012-03-14 05:24 . 2012-02-10 05:27 1077248 c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_6.1.7601.21920_none_d51faa7676da7693\DWrite.dll
+ 2012-03-14 05:24 . 2012-02-10 05:38 1077248 c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_6.1.7601.17776_none_d465fde55ddffd61\DWrite.dll
+ 2012-03-14 05:24 . 2012-02-10 05:35 1077248 c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_6.1.7600.21148_none_d32b862479bd435c\DWrite.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 1076736 c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_6.1.7600.20830_none_d32e77d279bc2f23\DWrite.dll
+ 2012-03-14 05:24 . 2012-02-10 05:41 1074176 c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_6.1.7600.16961_none_d2856f5960b5f6d1\DWrite.dll
+ 2012-02-29 09:01 . 2012-02-29 09:01 1074176 c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_6.1.7600.16699_none_d26cfc3360c71de7\DWrite.dll
+ 2012-01-11 01:35 . 2011-10-26 06:18 1328128 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.1.7601.21847_none_a8e3d37d655b7e87\quartz.dll
+ 2012-01-11 01:35 . 2011-10-26 04:32 1328128 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.1.7601.17713_none_a876a54e4c29258e\quartz.dll
+ 2012-01-11 01:35 . 2011-10-26 04:33 1328640 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.1.7600.21077_none_a6dcdcef684d9c89\quartz.dll
+ 2012-01-11 01:35 . 2011-10-26 04:28 1328640 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.1.7600.16905_none_a69d18c84ef8d05f\quartz.dll
+ 2012-02-15 14:02 . 2011-10-31 23:15 3190784 c:\windows\winsxs\msil_system_b77a5c561934e089_6.1.7600.21083_none_9849a3bc31eb6726\System.dll
+ 2012-02-15 14:02 . 2011-10-31 23:17 3182592 c:\windows\winsxs\msil_system_b77a5c561934e089_6.1.7600.16910_none_af108980184a0edf\System.dll
+ 2012-01-10 03:58 . 2011-12-26 19:08 1282048 c:\windows\winsxs\msil_system.web.extensions_31bf3856ad364e35_6.1.7600.21114_none_3be299ea1846cd10\System.Web.Extensions.dll
+ 2012-01-10 03:58 . 2011-12-26 19:13 1277952 c:\windows\winsxs\msil_system.web.extensions_31bf3856ad364e35_6.1.7600.16936_none_3b4585b8ff376494\System.Web.Extensions.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 1127424 c:\windows\System32\wininet.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 1103360 c:\windows\System32\urlmon.dll
- 2009-07-14 02:03 . 2011-08-13 03:02 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:03 . 2012-03-18 05:29 7077888 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2010-04-29 11:32 . 2009-12-19 09:02 1328640 c:\windows\System32\quartz.dll
+ 2012-01-11 01:35 . 2011-10-26 04:28 1328640 c:\windows\System32\quartz.dll
+ 2011-12-14 11:52 . 2011-10-26 04:42 3901808 c:\windows\System32\ntoskrnl.exe
+ 2011-12-14 11:52 . 2011-10-26 04:42 3957104 c:\windows\System32\ntkrnlpa.exe
+ 2012-01-11 01:35 . 2011-11-17 05:41 1288984 c:\windows\System32\ntdll.dll
+ 2007-03-07 07:35 . 2007-03-07 07:35 1060864 c:\windows\System32\MFC71.dll
+ 2010-11-01 14:46 . 2011-09-01 23:31 6277280 c:\windows\System32\Macromed\Flash\NPSWF32.dll
+ 2012-01-26 17:16 . 2011-11-17 05:38 1037312 c:\windows\System32\lsasrv.dll
- 2010-11-03 09:42 . 2009-12-11 07:38 1037312 c:\windows\System32\lsasrv.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 1798656 c:\windows\System32\jscript9.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 1792000 c:\windows\System32\iertutil.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 9705472 c:\windows\System32\ieframe.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 3695416 c:\windows\System32\ieapfltr.dat
+ 2011-07-07 08:28 . 2011-07-07 08:28 1193320 c:\windows\System32\FM20.DLL
+ 2011-11-08 18:46 . 2011-09-29 15:43 1285488 c:\windows\System32\drivers\tcpip.sys
- 2009-07-14 04:34 . 2011-08-11 08:26 3799596 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:34 . 2012-03-14 08:21 3799596 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-01-10 03:58 . 2011-12-26 19:13 5251072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2012-02-15 14:02 . 2011-10-31 23:17 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 5916496 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2011-06-15 22:06 . 2011-03-29 22:31 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-10-21 21:28 . 2011-10-21 21:28 4771840 c:\windows\Installer\a39d7b0.msi
+ 2011-12-09 01:24 . 2011-12-09 01:24 4989952 c:\windows\Installer\6fe2cb0.msp
+ 2011-08-10 22:43 . 2011-08-10 22:43 3795968 c:\windows\Installer\69ad6772.msp
+ 2011-09-07 02:46 . 2011-09-07 02:46 9006080 c:\windows\Installer\69ad675f.msp
+ 2011-08-24 11:37 . 2011-08-24 11:37 4985856 c:\windows\Installer\69ad674c.msp
+ 2011-08-10 22:42 . 2011-08-10 22:42 7070208 c:\windows\Installer\69ad6739.msp
+ 2011-09-07 02:48 . 2011-09-07 02:48 8181248 c:\windows\Installer\69ad6726.msp
+ 2011-07-27 12:39 . 2011-07-27 12:39 9892352 c:\windows\Installer\69ad66f9.msp
+ 2012-02-03 21:13 . 2012-02-03 21:13 4988928 c:\windows\Installer\641e1544.msp
+ 2011-09-21 21:18 . 2011-09-21 21:18 4985856 c:\windows\Installer\452a4fc0.msp
+ 2011-10-28 05:50 . 2011-10-28 05:50 3459584 c:\windows\Installer\44bddbf4.msi
+ 2011-10-17 18:26 . 2011-10-17 18:26 1437184 c:\windows\Installer\2bde5183.msi
+ 2011-11-01 19:34 . 2011-11-01 19:34 4250112 c:\windows\Installer\261820b0.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2247168 c:\windows\Installer\2618209a.msp
+ 2011-11-11 22:14 . 2011-11-11 22:14 9096192 c:\windows\Installer\26182087.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 4225536 c:\windows\Installer\26182074.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2531840 c:\windows\Installer\2618205c.msp
+ 2011-11-11 22:15 . 2011-11-11 22:15 1795584 c:\windows\Installer\26182049.msp
+ 2011-11-11 22:16 . 2011-11-11 22:16 8458240 c:\windows\Installer\26182036.msp
+ 2011-01-18 08:53 . 2011-01-18 08:53 2994688 c:\windows\Installer\231bd9.msi
+ 2011-09-16 00:40 . 2011-09-16 00:40 7959552 c:\windows\Installer\1ed497db.msp
+ 2011-09-16 00:35 . 2011-09-16 00:35 1411072 c:\windows\Installer\1ed49650.msp
+ 2012-03-01 04:45 . 2012-03-01 04:45 4989440 c:\windows\Installer\1d25cd76.msp
+ 2010-04-29 11:45 . 2012-03-14 08:01 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-04-29 11:45 . 2011-08-11 08:04 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-04-29 11:45 . 2012-03-14 08:01 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-10-10 05:10 . 2009-10-10 05:10 2594632 c:\windows\Installer\$PatchCache$\Managed\00002119130000000000000000F01FEC\12.0.6612\VBE6.DLL
+ 2012-02-16 09:26 . 2012-02-16 09:26 2102272 c:\windows\assembly\NativeImages_v2.0.50727_32\Xceed.Grid\1dac991d1b0fbb163ed57b7d43709634\Xceed.Grid.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ba917f139b65f36c511a405ea452664b\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b8cf747f5cf284655141ab94b0e8ed0a\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 1105408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\28e22f8be49abe03972007d393788159\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-02-16 09:22 . 2012-02-16 09:22 3325952 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\7302baafd6c169c170e4cb9946cf8744\UIAutomationClientsideProviders.ni.dll
+ 2012-02-16 09:22 . 2012-02-16 09:22 7952384 c:\windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
+ 2012-02-16 09:22 . 2012-02-16 09:22 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\83e604a790d14f761b938491d842e505\System.WorkflowServices.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 1914880 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\bb367de311a5a667d190a6692c712500\System.Workflow.Runtime.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\0bbafbdfda6fd92b7fb4f73eea8232ee\System.Workflow.ComponentModel.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6ad8759175f1d88baaecf3778254ede8\System.Workflow.Activities.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e0dbdfca9d4a65b1189481a168295866\System.Web.Services.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\08da6943f50dc536ac83d9412c9467a0\System.Web.Mobile.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 2403840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\295c56a93b0e0870aebea1e1ff6c8a1c\System.Web.Extensions.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\4fd17a17a3491ac0900ce695e0accd05\System.Speech.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 1705984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\dbe077c5cdcef7f2165db3d73265272c\System.ServiceModel.Web.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a221123a83601a4a964218b3bd3f4fa6\System.Runtime.Serialization.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\378d6092f62088bb4c6df0c3b08738b8\System.Printing.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 8871936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\9aa15efebe592d86fb49db195f254bda\System.Management.Automation.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 1072128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\44d15a5bcd3143d53fd67b871c728616\System.IdentityModel.ni.dll
+ 2012-02-16 09:23 . 2012-02-16 09:23 1586688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\63dc10cf90c6a9c70c95d21d15f20a96\System.DirectoryServices.ni.dll
+ 2012-02-16 09:23 . 2012-02-16 09:23 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\633c6734669cdde71728a7d59f1ed1a6\System.Deployment.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 6618624 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll
+ 2012-02-16 09:22 . 2012-02-16 09:22 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\24df52cfcb704a481e21428788c7dc22\System.Data.SqlXml.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 1328640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\dce37eabe9bb4bd40a8393179071d3b5\System.Data.Services.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\d2dff86b5456eccada29a351a227ba44\System.Data.OracleClient.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\dfb2b5f2ce8da373b076adcf6fc39f47\System.Data.Linq.ni.dll
+ 2012-02-16 09:30 . 2012-02-16 09:30 9921024 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\433bb06af0bef1a0b4c275c5c126eb04\System.Data.Entity.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\a25e06e527720656434230d3ee420427\System.Core.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 2147328 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\98f8b2daee55f5bfbd8dbb0b54e4d9a6\ReachFramework.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bb6c78075c09c3687df6d5de89e4dfad\PresentationUI.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 1449984 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\ce4a36b917a8cd24d1424e179ce7f36f\PresentationBuildTasks.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\62984e09939e3a213a10855ba255c071\Narrator.ni.exe
+ 2012-02-16 09:29 . 2012-02-16 09:29 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\a51531417c51271078f842827a26c99c\MMCEx.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 6434304 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\acdc9c9f34623e58e9acca16034b0512\MIGUIControls.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4745cd79cd87ef98af5163b152088e28\Microsoft.VisualBasic.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 1092608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c614532b38e34d7f4b952819f8bfa7c8\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\af0b58e5b7c723ea1ec8456f21e5bab2\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\58f05de45b1152a4323f754415a89ad1\Microsoft.PowerShell.Editor.ni.dll
+ 2012-02-16 09:29 . 2012-02-16 09:29 1705472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3195c772aac03582e7eeb55b74f75b18\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-10-13 08:27 . 2011-10-13 08:27 2267648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\59f2e27a09f2c8640442e1d8fdbff809\Microsoft.Office.Interop.Outlook.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\db9d6e283344291ab71cb94015294a39\Microsoft.MediaCenter.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\a9d9608aba73e52c1163523848a54e9b\Microsoft.MediaCenter.UI.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1125376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8cdffd2062745b61314cb812c100393c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 2332672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\dd8c9dad457c919a28c818d5f6f2d457\Microsoft.JScript.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 1040896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\9bf4384aa1740f03ce6cf2e322d1249e\Microsoft.Interop.Mapi.Impl.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\fc50bce0e1ed23371ece4d8863086c25\Microsoft.Ink.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 4466688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\82e5bd82148a4b64c3323df73bc898c9\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.CSUtils.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 2831360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\1ad0976b154ad3bf1a507486e2194aa1\Microsoft.BusinessSolutions.eCRM.Reports2.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c70384fb53daf2c28d8a641f76c06d0e\Microsoft.Build.Tasks.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9bea316c60079f4ac7ce0353f312874f\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\154f4214ffb1488ed7fadf6381100569\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 2031104 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\7edf6d9f64bcd72c34376c56b19a7279\mcstore.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 3318784 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\9b0df623af29aadf4f0140b88585d987\mcepg.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 3826688 c:\windows\assembly\NativeImages_v2.0.50727_32\BusinessLayer\5be6c1f763e2178a4bc49ed949094ad9\BusinessLayer.ni.dll
+ 2012-02-16 09:26 . 2012-02-16 09:26 1526272 c:\windows\assembly\NativeImages_v2.0.50727_32\BCMRes\d5986073cb36e5a110d9c840391a414e\BCMRes.ni.dll
+ 2012-02-15 14:02 . 2011-10-31 23:17 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-01-10 03:58 . 2011-12-26 19:13 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-11-03 09:42 . 2010-09-23 22:31 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-10 03:58 . 2011-12-26 19:13 5251072 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-13 03:09 . 2011-07-08 22:35 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-06-15 22:06 . 2011-03-29 22:31 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-02-22 09:04 . 2012-02-22 09:04 1279864 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2012-02-15 14:02 . 2011-12-16 08:57 10992128 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.21878_none_81b0dff99cadc1eb\ieframe.dll
+ 2011-12-14 11:52 . 2011-11-11 05:36 10991616 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.21858_none_81c67fd19c9d8a09\ieframe.dll
+ 2011-10-13 03:07 . 2011-08-20 05:49 10991104 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.21795_none_81983d5d9cc0b0a1\ieframe.dll
+ 2012-02-15 14:02 . 2011-12-16 07:52 10992128 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.17744_none_8143b1ca837b68f2\ieframe.dll
+ 2011-12-14 11:52 . 2011-11-11 05:40 10991104 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.17723_none_81585158836c17b9\ieframe.dll
+ 2011-10-13 03:07 . 2011-08-20 04:26 10991104 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7601.17671_none_81203f4283967399\ieframe.dll
+ 2012-02-15 14:02 . 2011-12-16 07:48 10992128 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.21108_none_80160a899f4ec5aa\ieframe.dll
+ 2011-12-14 11:52 . 2011-11-11 05:50 10991104 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.21088_none_7fbf89439f8fa80b\ieframe.dll
+ 2011-10-13 03:07 . 2011-08-20 04:31 10991104 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.21033_none_7ff0976d9f6b9da3\ieframe.dll
+ 2012-02-15 14:02 . 2011-12-16 07:58 10991104 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.16930_none_7f64238886507bb9\ieframe.dll
+ 2011-12-14 11:52 . 2011-11-11 05:50 10990080 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.16913_none_7f7cc43e863d8fdc\ieframe.dll
+ 2011-10-13 03:07 . 2011-08-20 04:35 10990080 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.7600.16869_none_7f4cb4788660b674\ieframe.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 12282368 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_2bad15823c800473\mshtml.dll
+ 2012-02-29 09:02 . 2012-02-29 09:02 12282368 c:\windows\System32\mshtml.dll
+ 2011-08-26 20:01 . 2011-06-07 22:46 11575296 c:\windows\System32\gs\gs8.71\bin\gsdll32.dll
+ 2011-07-27 12:37 . 2011-07-27 12:37 11592192 c:\windows\Installer\69ad6713.msp
+ 2012-02-16 09:02 . 2012-02-16 09:02 20333056 c:\windows\Installer\641e154f.msp
+ 2011-10-13 08:02 . 2011-10-13 08:02 20333568 c:\windows\Installer\452a4fcb.msp
+ 2011-11-03 18:08 . 2011-11-03 18:08 15544320 c:\windows\Installer\313d4d74.msi
+ 2011-09-16 00:39 . 2011-09-16 00:39 11163136 c:\windows\Installer\1ed497d2.msp
+ 2011-09-16 00:38 . 2011-09-16 00:38 10838528 c:\windows\Installer\1ed497c7.msp
+ 2011-09-16 00:37 . 2011-09-16 00:37 16691712 c:\windows\Installer\1ed4966b.msp
+ 2011-09-16 00:37 . 2011-09-16 00:37 34428416 c:\windows\Installer\1ed49651.msp
+ 2012-02-16 09:23 . 2012-02-16 09:23 12431360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 11824128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\2df79ab909c782d3796e4107d040327d\System.Web.ni.dll
+ 2012-02-16 09:27 . 2012-02-16 09:27 17400320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3623247db0c19cd14589e6f4d6cfb290\System.ServiceModel.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 10578432 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\2de1178a4e6c8d13ae1994dc67ba657a\System.Design.ni.dll
+ 2012-02-16 09:24 . 2012-02-16 09:24 14322688 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8435718626a24beaeefc98d45ae77127\PresentationFramework.ni.dll
+ 2012-02-16 09:23 . 2012-02-16 09:23 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c0508b05f5c28e37711f447a66368e75\PresentationCore.ni.dll
+ 2011-10-13 08:22 . 2011-10-13 08:22 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
+ 2012-02-16 09:28 . 2012-02-16 09:28 18683904 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\ae91b1732df5ca76ea7d3d9069f9dfb8\ehshell.ni.dll
+ 2011-05-14 08:01 . 2012-03-14 08:01 137389436 c:\windows\winsxs\ManifestCache\a786a517e28d5687_blobs.bin
+ 2011-09-16 00:34 . 2011-09-16 00:34 428804608 c:\windows\Installer\1ed497bd.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ycVEDYkOmkxvLr.exe"="c:\programdata\ycVEDYkOmkxvLr.exe" [2012-03-18 447488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LenovoFSC"="c:\program files\Lenovo\FanSpeedControl\LenovoFSC.exe" [2009-07-29 49152]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-10 98304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-13 7830048]
"Healthcare"="c:\program files\Lenovo\HealthCare\HealthCare.exe" [2009-09-28 827392]
"CLMLServer"="c:\program files\Lenovo\Power2Go\CLMLSvc.exe" [2009-06-04 103720]
"UpdateP2GoShortCut"="c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"IdeaNotesUser"="c:\program files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe" [2009-08-24 221872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-07 281768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-12-24 981680]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files\Windows Live\Installer\wlstart.exe" [2009-07-26 768336]
.
c:\users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\users\catt\AppData\Local\temp\quickstart.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-10 176128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DDNIMSGService;DDNIMSGService;c:\program files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-07-20 171872]
R2 DDNIService;DDNIService;c:\program files\DDNI\DIBS\DDNIService.exe [2010-07-23 163680]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-28 136176]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-11-03 2152152]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys [2009-03-02 16200]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-28 136176]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-11-03 15232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-04 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-22 81704]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-11-03 64512]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
S3 SuperIO;Lenovo ASD HWM Driver;c:\windows\system32\DRIVERS\spio.sys [2009-06-06 11720]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-11-03 18:06]
.
2012-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-28 06:46]
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-28 06:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://lenovo.msn.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
FF - ProfilePath - c:\users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://leftaction.com/|http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Add to Amazon Wish List Button: [email protected] - %profile%\extensions\[email protected]
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-03-20 15:29:00
ComboFix-quarantined-files.txt 2012-03-20 20:29
ComboFix2.txt 2011-08-13 16:06
.
Pre-Run: 46,566,481,920 bytes free
Post-Run: 46,249,959,424 bytes free
.
- - End Of File - - B97DB7A7F5F8D23F2B818DBD0C2F6B2E
  • 0

#15
Essexboy
Posted 20 March 2012 - 03:06 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK this should be the last of it, on completion can you let me know what problems remain

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\programdata\1jv4PjOjeywkjD.exe
c:\programdata\ycVEDYkOmkxvLr.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ycVEDYkOmkxvLr.exe"=-

Save this as CFScript.txt, in the same location as ComboFix.exe
Posted Image

Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP