Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

ZeroAccess + abnow google redirect


  • Please log in to reply

#1
klose

klose

    New Member

  • Member
  • Pip
  • 9 posts
My computer seems to be infected with the ZeroAccess trojan and a google redirector to abnow.com. I ran the standard programs to fix the redirect(ran the programs in the geekstogo redirect removal guide) and it seemed to fix it for a little bit, but on next reboot it continued again. MBAM wont get rid of ZeroAccess either.

Here is my OTL logfile. Thank you for your assistance.

OTL logfile created on: 4/4/2012 1:29:04 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Zack\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 65.73% Memory free
8.00 Gb Paging File | 6.28 Gb Available in Paging File | 78.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 156.14 Gb Free Space | 33.53% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 122.81 Gb Free Space | 13.18% Space Free | Partition Type: NTFS
Drive J: | 7.46 Gb Total Space | 2.41 Gb Free Space | 32.25% Space Free | Partition Type: FAT32

Computer Name: BADLANDS | User Name: Zack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/04 01:27:52 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Zack\Desktop\OTL.exe
PRC - [2012/03/13 05:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Zack\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/02/14 19:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zack\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/12/12 01:28:22 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2010/03/10 01:38:18 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
PRC - [2010/01/06 18:23:32 | 000,142,648 | ---- | M] (FSPro Labs) -- C:\Windows\SysWOW64\fsproflt.exe
PRC - [2009/10/09 09:07:22 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2009/07/13 21:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/06 23:28:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/15 16:35:18 | 000,071,168 | ---- | M] (Palm) [Auto | Running] -- C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe -- (NovacomD)
SRV:64bit: - [2010/10/12 23:54:08 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/10 01:38:18 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe -- (mi-raysat_3dsmax2011_64)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:39:46 | 000,005,120 | ---- | M] (Iomega) [Auto | Running] -- C:\Windows\SysNative\bdrsdrv.dll -- (SWNC5E00)
SRV:64bit: - [2008/07/29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2012/04/03 17:25:26 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/27 18:28:07 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012/02/07 18:23:43 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012/02/07 18:23:32 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/12/12 01:28:22 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/12/08 20:51:22 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
SRV - [2011/09/16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/06 18:23:32 | 000,142,648 | ---- | M] (FSPro Labs) [Auto | Running] -- C:\Windows\SysWOW64\fsproflt.exe -- (fsproflt)
SRV - [2009/10/09 09:07:22 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/07/26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/07 18:23:33 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011/10/07 01:21:40 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/06 22:46:02 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 15:10:24 | 000,014,944 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\radpms.sys -- (radpms)
DRV:64bit: - [2011/09/16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/06/06 18:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/05/06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/16 16:22:04 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/10/09 08:50:50 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 16:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/06/06 16:35:46 | 000,055,440 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd.sys -- (FSProFilter)
DRV:64bit: - [2008/05/20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2011/09/16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 5F 43 52 0E E6 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FC AE A1 16 7B B3 AC 47 86 EA E7 C0 A6 62 69 6D [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8A622E3E-E722-4AF3-A088-1928DB90408A}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.18
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.724
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@onlive.com/OlGameDetect,version=1.1.0.70351: C:\Program Files (x86)\OnLive\FirefoxPlugin\npolgdet.dll (OnLive)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll (RayV)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Zack\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zack\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zack\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/02 20:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/15 17:19:35 | 000,000,000 | ---D | M]

[2010/07/23 19:29:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zack\AppData\Roaming\Mozilla\Extensions
[2012/04/03 20:35:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions
[2011/01/12 18:29:26 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
[2011/12/30 18:58:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/03/16 16:43:32 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2012/03/16 16:43:36 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/03/16 16:43:35 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\[email protected]
[2011/05/06 16:35:54 | 000,000,000 | ---D | M] ("Pencil") -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\[email protected]
[2012/04/03 20:35:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/30 21:22:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/12/30 18:57:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2010/05/12 16:42:04 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010/05/12 16:43:54 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010/05/12 16:42:52 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010/05/12 16:42:32 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2011/12/30 18:57:08 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/05/12 17:22:36 | 000,423,328 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2010/05/12 16:43:56 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Zack\AppData\Local\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Zack\AppData\Local\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Zack\AppData\Local\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Zack\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: OnLive Games Service Detector for Firefox (Enabled) = C:\Program Files (x86)\OnLive\FirefoxPlugin\npolgdet.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RayV Plugin (Enabled) = C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Zack\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/03 23:20:50 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Zack\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - Startup: C:\Users\Zack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Zack\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FE176C4-A6CE-4CB1-971B-EE704D520D66}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FE176C4-A6CE-4CB1-971B-EE704D520D66}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/26 19:34:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: autouery - (C:\Windows\system32\dxdition64.dll) - File not found
O36 - AppCertDlls: PnkBgini - (C:\Windows\system32\dxdition.dll) - C:\Windows\SysWOW64\dxdition.dll (Kaspersky Lab)
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/04 01:28:20 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Zack\Desktop\OTL.exe
[2012/04/03 23:36:03 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/04/03 23:27:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/03 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\tdsskiller
[2012/04/03 23:24:55 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\GooredFix Backups
[2012/04/03 23:20:45 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/04/03 23:17:29 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Fix Computer
[2012/04/03 20:35:34 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\FiOS
[2012/04/03 20:28:25 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\VBAQSG
[2012/04/02 18:30:37 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012/04/02 18:26:20 | 000,000,000 | -HSD | C] -- C:\Users\Zack\AppData\Local\af0bcd22
[2012/03/30 13:59:58 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\PDAppFlex
[2012/03/30 13:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/03/30 13:47:17 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Rift
[2012/03/30 13:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/30 13:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/03/29 14:48:51 | 000,100,864 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\dxdition64.dll
[2012/03/29 14:48:51 | 000,089,088 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysWow64\dxdition.dll
[2012/03/23 15:48:59 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\Verizon
[2012/03/23 15:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Media Manager
[2012/03/23 15:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Verizon
[2012/03/23 15:35:35 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Local\SupportSoft
[2012/03/23 15:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VERIZONDM
[2012/03/23 15:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2012/03/23 15:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SupportSoft
[2012/03/23 12:37:07 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2012/03/23 12:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2012/03/23 12:33:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon
[2012/03/23 12:29:41 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\TechWizard
[2012/03/23 09:57:27 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Router1
[2012/03/16 17:53:58 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Inspiration
[2012/03/16 17:37:24 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Sticky Lips
[2012/03/11 20:10:12 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\App Icon [Rounded]
[2012/03/11 15:49:19 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Sketches
[2012/03/11 15:49:06 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Shops
[2012/03/11 15:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/11 15:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/11 15:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/03/11 15:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/03/10 17:33:02 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\Google
[2012/03/10 17:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/03/10 17:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
[2012/03/10 17:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/03/10 16:14:38 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\App Icons

========== Files - Modified Within 30 Days ==========

[2012/04/04 01:27:52 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Zack\Desktop\OTL.exe
[2012/04/04 01:27:52 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/04 01:27:52 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/04 01:20:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/04 01:20:27 | 000,000,000 | -HS- | M] () -- C:\Windows\SysNative\dds_log_ad13.cmd
[2012/04/04 01:20:22 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/04 01:13:56 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/04 00:45:05 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001UA.job
[2012/04/03 23:20:50 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/04/03 23:18:41 | 000,888,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/03 23:18:41 | 000,737,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/03 23:18:41 | 000,150,480 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/03 23:16:50 | 002,052,880 | ---- | M] () -- C:\Users\Zack\Desktop\tdsskiller.zip
[2012/04/03 22:45:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001Core.job
[2012/04/03 21:02:48 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/03 20:28:20 | 000,242,428 | ---- | M] () -- C:\Users\Zack\Desktop\VBAQSG.ZIP
[2012/04/01 23:05:15 | 442,232,930 | ---- | M] () -- C:\Users\Zack\Desktop\[uh] Saint Seiya Omega - 01 [B255D1EB].mkv
[2012/04/01 20:29:02 | 000,759,764 | ---- | M] () -- C:\Users\Zack\Desktop\6803.jpg
[2012/03/31 17:11:09 | 005,168,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/30 17:23:58 | 000,000,132 | ---- | M] () -- C:\Users\Zack\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/03/29 14:48:51 | 000,100,864 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\dxdition64.dll
[2012/03/29 14:48:51 | 000,089,088 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysWow64\dxdition.dll
[2012/03/23 16:45:07 | 1842,465,194 | ---- | M] () -- C:\Users\Zack\Desktop\photoshopcs6_p1_win_032112.zip
[2012/03/23 16:07:56 | 000,000,106 | ---- | M] () -- C:\Windows\VaultMediaClient.INI
[2012/03/23 15:49:20 | 000,003,584 | ---- | M] () -- C:\Users\Zack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/23 12:33:39 | 000,000,260 | ---- | M] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/03/23 12:33:39 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/03/20 21:12:12 | 000,257,612 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/03/18 22:26:32 | 000,043,417 | ---- | M] () -- C:\Users\Zack\Desktop\1.jpg
[2012/03/18 19:01:01 | 000,624,681 | ---- | M] () -- C:\Users\Zack\Desktop\MichaelBay.jpg
[2012/03/11 20:10:15 | 000,001,456 | ---- | M] () -- C:\Users\Zack\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/03/11 15:20:29 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2012/04/03 23:17:29 | 002,052,880 | ---- | C] () -- C:\Users\Zack\Desktop\tdsskiller.zip
[2012/04/03 21:02:48 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/03 20:28:20 | 000,242,428 | ---- | C] () -- C:\Users\Zack\Desktop\VBAQSG.ZIP
[2012/04/03 17:25:46 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/02 18:27:24 | 000,000,000 | -HS- | C] () -- C:\Windows\SysNative\dds_log_ad13.cmd
[2012/04/01 22:56:18 | 442,232,930 | ---- | C] () -- C:\Users\Zack\Desktop\[uh] Saint Seiya Omega - 01 [B255D1EB].mkv
[2012/04/01 20:29:01 | 000,759,764 | ---- | C] () -- C:\Users\Zack\Desktop\6803.jpg
[2012/03/30 17:23:58 | 000,000,132 | ---- | C] () -- C:\Users\Zack\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/03/30 13:27:35 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012/03/30 13:26:48 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012/03/30 13:25:06 | 000,001,317 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012/03/30 13:24:52 | 000,001,483 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012/03/23 16:32:16 | 1842,465,194 | ---- | C] () -- C:\Users\Zack\Desktop\photoshopcs6_p1_win_032112.zip
[2012/03/23 16:07:56 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2012/03/23 15:49:20 | 000,003,584 | ---- | C] () -- C:\Users\Zack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/23 12:33:39 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/03/23 12:33:39 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/03/18 22:26:32 | 000,043,417 | ---- | C] () -- C:\Users\Zack\Desktop\1.jpg
[2012/03/18 19:01:00 | 000,624,681 | ---- | C] () -- C:\Users\Zack\Desktop\MichaelBay.jpg
[2012/03/11 15:20:29 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/10 00:07:51 | 000,001,456 | ---- | C] () -- C:\Users\Zack\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/11/19 14:17:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\8C227oEtM.dat
[2011/11/09 19:14:05 | 000,000,116 | ---- | C] () -- C:\Windows\ftk.INI
[2011/11/06 18:37:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/06 18:37:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/06 18:37:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/06 18:37:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/06 18:37:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/09/23 22:15:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/09/14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/17 13:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/02 19:39:39 | 000,000,028 | ---- | C] () -- C:\Windows\UML.INI
[2010/12/20 23:00:30 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/11/04 16:14:37 | 000,000,600 | ---- | C] () -- C:\Users\Zack\AppData\Local\PUTTY.RND
[2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/09/09 23:25:05 | 000,257,612 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/08/01 12:29:46 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/07/27 18:46:21 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/07/23 20:11:19 | 000,882,114 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/23 20:10:15 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/07/23 20:10:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/07/23 20:10:14 | 002,373,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/07/23 18:49:17 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/07/23 18:49:17 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/07/23 18:49:17 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/07/23 18:49:17 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/07/23 18:49:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/07/23 18:35:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== LOP Check ==========

[2011/11/19 14:04:14 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\a33ppnG4aQH6WKE
[2010/11/28 01:39:53 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Autodesk
[2012/01/17 21:31:02 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\BigHugeEngine
[2010/08/27 18:06:00 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Blackberry Desktop
[2010/12/19 18:47:04 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Braid
[2012/04/04 01:21:37 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Dropbox
[2011/11/19 14:04:20 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\EssWWJJ7dELgRqh
[2010/11/04 21:32:00 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\FileZilla
[2011/09/21 17:50:27 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\GameFly
[2011/10/03 16:44:36 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\ICAClient
[2011/08/08 19:58:47 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\IrfanView
[2011/08/30 21:23:48 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Jason Robitaille
[2010/07/24 11:32:23 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Launchy
[2010/11/07 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\LolClient
[2010/11/04 17:11:46 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Notepad++
[2010/08/27 19:15:38 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Octoshape
[2011/01/14 22:04:07 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\OnLive App
[2011/10/27 17:35:31 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Origin
[2012/03/30 13:59:58 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\PDAppFlex
[2010/10/22 20:15:22 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\RayV
[2010/08/27 18:00:17 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Research In Motion
[2012/03/30 13:52:21 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\RIFT
[2011/11/19 14:04:05 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\RZZZqhhYCwkUrlB
[2011/01/12 18:29:28 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Sling Media
[2012/01/26 21:35:16 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Spotify
[2010/12/06 19:19:36 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\SQL Developer
[2012/03/23 12:33:13 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\TechWizard
[2011/11/19 18:28:33 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\teeelIIBrzPNx
[2010/07/23 19:34:44 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Trillian
[2011/09/05 23:53:14 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\Two Pilots
[2012/04/03 20:34:27 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\uTorrent
[2011/11/19 14:04:12 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\vFFF4ppmG5sJ6
[2011/11/19 14:04:06 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\VXXwwkUVelOBzPy
[2011/11/19 14:04:20 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\yoonnF4aam5
[2012/03/03 14:37:31 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/10/28 19:14:34 | 000,000,000 | ---D | M](C:\Users\Zack\Documents\?? ???) -- C:\Users\Zack\Documents\넥슨 플러그
[2010/10/28 19:14:34 | 000,000,000 | ---D | C](C:\Users\Zack\Documents\?? ???) -- C:\Users\Zack\Documents\넥슨 플러그

< End of report >



Extras file:

OTL Extras logfile created on: 4/4/2012 1:29:04 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Zack\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 65.73% Memory free
8.00 Gb Paging File | 6.28 Gb Available in Paging File | 78.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 156.14 Gb Free Space | 33.53% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 122.81 Gb Free Space | 13.18% Space Free | Partition Type: NTFS
Drive J: | 7.46 Gb Total Space | 2.41 Gb Free Space | 32.25% Space Free | Partition Type: FAT32

Computer Name: BADLANDS | User Name: Zack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Zack\AppData\Roaming\n4f9.exe" = C:\Users\Zack\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe" = C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Users\Zack\AppData\Roaming\lssas.exe" = C:\Users\Zack\AppData\Roaming\lssas.exe:*:Enabled:lssas.exe
"C:\Users\Zack\AppData\Roaming\manager.exe" = C:\Users\Zack\AppData\Roaming\manager.exe:*:Enabled:manager.exe
"C:\Users\Zack\AppData\Roaming\n4f9.exe" = C:\Users\Zack\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe" = C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Users\Zack\AppData\Roaming\lssas.exe" = C:\Users\Zack\AppData\Roaming\lssas.exe:*:Enabled:lssas.exe
"C:\Users\Zack\AppData\Roaming\manager.exe" = C:\Users\Zack\AppData\Roaming\manager.exe:*:Enabled:manager.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{144B2F95-E2C6-4317-94E7-0B9B03F133B7}" = Autodesk Inventor 2010
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36EAEAF0-CDC5-F32F-01D2-C7D01EF96472}" = AMD AVIVO64 Codecs
"{39BFB02A-9692-0409-A808-3F5C7B1F8953}" = Autodesk 3ds Max 2011 64-bit
"{4B55F339-396E-29A9-B6D0-24B6D251C90A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-8028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2010
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7563F495-80F5-0409-A514-747C66C22449}" = Autodesk 3ds Max 2011 64-bit Components
"{7FA24ACE-BF20-5570-F94A-3AE540223771}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B305CEFC-93A1-EF99-BFEF-CF7985E88D03}" = ccc-utility64
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd
"{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}" = Microsoft SQL Server 2008 Native Client
"{D0D59644-6282-D7C8-0EE3-4DDD7245C84C}" = AMD Media Foundation Decoders
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DBF6B4E9-CD43-476A-895D-4D688D41CE63}" = Composite 2011 (64-bit)
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{EF90F06A-3B2D-48E3-8C7A-1F2210200476}" = Autodesk Inventor Content Center Libraries 2010 (Desktop Content)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F763AC14-3F26-4161-9567-11D5260AD4FE}" = Autodesk Inventor 2010 English Language Pack
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 64-bit" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 64-bit
"Autodesk Inventor 2010" = Autodesk Inventor Professional 2010
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DWG TrueView 2010" = DWG TrueView 2010
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"My Lockbox_is1" = My Lockbox 2.1
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}" = Vz In Home Agent
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AEB967F-1D12-43C8-A59C-D93DA8EE4A4E}" = Duty Calls
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0F052922-4BCE-4763-A540-00857554336D}" = Redist
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C78514A-5E5A-E653-1271-DAC1744206E3}" = HydraVision
"{1D106581-6726-4D1B-ABEC-0CA02410F24F}" = Adobe Photoshop CS6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{22764EFF-300F-8F3D-564D-7A4C4662D120}" = CCC Help Polish
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{2894AAC3-9A08-FF3A-6737-41A6178D0A09}" = CCC Help Chinese Standard
"{2A6355EB-273D-4368-9DB6-FB99EBA9FABD}" = Cisco AnyConnect VPN Client
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2F9CA7CF-BEF5-3CD9-8EFF-EC70162E3C02}" = Google Talk Plugin
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3536AD21-940C-D198-DD10-078011A5C13B}" = CCC Help Thai
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{4343080E-448E-4E2C-B27F-B91000018201}" = Dead Rising 2
"{4343080E-448E-4E2C-B27F-B91000028201}" = Dead Rising 2
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}" = Google SketchUp 8
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{49D87A8F-D04F-7749-DD32-BDBF9B24B232}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{50ACF4F1-D38A-4DCE-8147-0F574CDEF45B}" = Citrix online plug-in (USB)
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{53527E6C-D448-944C-C927-5D04EA99AA9F}" = GameFly
"{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{657201DD-30C8-4E50-88AD-164B3812E8F5}" = Framebuffer Crysis WARHEAD Benchmark Tool
"{660C748F-A503-B771-7BD6-2D7C5AA1DBB4}" = CCC Help Dutch
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E03FAB5-6253-58B8-B939-AA83F64C3278}" = CCC Help Swedish
"{6FCB9803-D5BE-4AD3-A864-EB90A30C0001}" = CHM2PDF Pilot 2.16.108 Trial
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78BC5838-099A-402E-8868-ED8AA3506F42}" = ProDiscover Basic 7.0
"{7A75AFE3-A0C3-951D-4804-54721360FF90}" = CCC Help Hungarian
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4B94701D-F335-49DE-89DB-7BDDD7282C02}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{976475B8-63E9-4559-BE2C-D26086BE4C40}" = LogMeIn
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2DC81B-8114-37D9-A922-95E460A1FAFB}" = Microsoft Visual Basic 2008 Express Edition - ENU
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9F218882-4CF1-F411-111A-B9B68770C0CE}" = CCC Help Czech
"{A1EF8DA8-E0CB-C805-4ACA-B7C028CF36F2}" = CCC Help Italian
"{A9F27D99-8478-C124-8978-09595FA9D805}" = CCC Help Portuguese
"{AAB0D88E-85D7-22CC-6935-0D2247152700}" = CCC Help French
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B124E6D3-91B4-4E3C-AD03-BA959B223537}" = Citrix online plug-in (Web)
"{B1D46FFA-BCA1-4810-A8C1-D091E65D544B}" = League of Legends
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{BFE903DE-4845-4387-9C6C-98B21B8445A3}" = GMATPrep™
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C104E9E6-F21E-2762-FBF0-6FE820B2D739}" = CCC Help Korean
"{C5632631-95E3-4DAF-2EB1-487EBE04DE19}" = Catalyst Control Center
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C95E964C-FCF4-13DB-1445-4FA8062271F8}" = CCC Help Spanish
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D7A8C334-7974-54A4-6533-EB84D19D7133}" = CCC Help English
"{D899C197-F8C1-4773-9EC4-6C1FBADB9B29}" = Citrix online plug-in (HDX)
"{D89F00EB-7868-A817-D618-AA446C0D56B3}" = CCC Help Chinese Traditional
"{D8D4ED7E-954C-449D-B21D-6F97036DF0E9}" = Citrix online plug-in (DV)
"{D9AB20FE-5267-7A1A-2064-8F18969DF88D}" = CCC Help German
"{DA45F8EC-4226-EA6A-4DA9-F1148F801BDA}" = CCC Help Russian
"{DA7747E1-1F8D-BBC5-BE66-00B21BE5B81B}" = CCC Help Turkish
"{DADEC9BB-66FC-A3E4-8BC9-83E73BA1B5B2}" = CCC Help Greek
"{DD0FDF02-6AA4-8C7D-AAB0-4C8C7207C0C1}" = CCC Help Japanese
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DF38F332-2AC3-37FF-9FDC-8C4C80E531FB}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{E0D5CB1C-7D35-709E-7F58-6CF6FFC3D6B7}" = Catalyst Control Center Graphics Previews Common
"{E1D8B687-F098-4C43-B388-CFE3C621EE38}" = AccessData FTK Imager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB20F561-2AF5-0368-E353-AF093FBBADC2}" = CCC Help Norwegian
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECDE16E7-E3FC-F094-F14D-0326D03B9D96}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F38AF6F6-059C-C683-826F-00539526D86D}" = CCC Help Danish
"{F5DAFD10-6E61-49BF-B3C5-5AA9AF3A0863}" = Verizon Download Manager
"{F5DB451E-D0B7-477E-8DC5-704401139DAD}" = AccessData Forensic Toolkit 1.81.2
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FCD58710-F023-E26C-6373-79C72FED0B90}" = Catalyst Control Center Localization All
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"Bejeweled 2 Deluxe" = Bejeweled 2 Deluxe
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"CCleaner" = CCleaner
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Diablo III Beta" = Diablo III Beta
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.3.4.1
"Fraps" = Fraps (remove only)
"GameFly" = GameFly
"GOM Player" = GOM Player
"GomTVStreamer" = GOMTV Streamer
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.1.0 (Full)
"Launchy_21344213_is1" = Launchy 2.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition - ENU" = Microsoft Visual Basic 2008 Express Edition - ENU
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"Notepad++" = Notepad++
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"OnLive" = OnLive
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RayV" = DTVblizzcon
"SopCast" = SopCast 3.0.3
"Spotify" = Spotify
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 1500" = Darwinia
"Steam App 17330" = Crysis Warhead
"Steam App 200910" = Sequence
"Steam App 20820" = Shatter
"Steam App 20920" = The Witcher 2
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 26500" = Cogs
"Steam App 26800" = Braid
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 29180" = Osmos
"Steam App 40800" = Super Meat Boy
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42910" = Magicka
"Steam App 49400" = Magic: The Gathering - Duels of the Planeswalkers
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 70300" = VVVVVV
"Steam App 71270" = Football Manager 2012
"Steam App 71400" = Football Manager 2012 Editor
"Steam App 71410" = Football Manager 2012 Resource Archiver
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"Steam App 94200" = Jamestown
"Trillian" = Trillian
"Verizon Media Manager" = Verizon Media Manager
"Vindictus" = Vindictus
"VLC media player" = VLC media player 1.1.1
"WinHex" = WinHex

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Octoshape Streaming Services" = Octoshape Streaming Services
"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/15/2012 8:13:09 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/15/2012 9:22:25 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/16/2012 12:15:05 AM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/16/2012 12:58:23 AM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/16/2012 8:15:46 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/17/2012 7:42:01 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/17/2012 9:43:51 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/18/2012 9:02:05 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/20/2012 8:08:09 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/21/2012 7:14:42 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 4/4/2012 1:15:01 AM | Computer Name = Badlands | Source = DCOM | ID = 10016
Description =

Error - 4/4/2012 1:15:09 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 4/4/2012 1:15:50 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 4/4/2012 1:20:36 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 4/4/2012 1:20:37 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 4/4/2012 1:20:40 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 4/4/2012 1:20:40 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7003
Description = The Internet Connection Sharing (ICS) service depends the following
service: BFE. This service might not be installed.

Error - 4/4/2012 1:20:45 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 4/4/2012 1:21:17 AM | Computer Name = Badlands | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 4/4/2012 1:21:40 AM | Computer Name = Badlands | Source = DCOM | ID = 10016
Description =


< End of report >

Edited by klose, 04 April 2012 - 12:09 AM.

  • 0

Advertisements


#2
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hello, klose! :wave:

:welcome: I'm Nedklaw and I'll be glad to help you with your malware issues. :)

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

These instructions are specifically designed for klose only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:
  • Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
  • Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
  • Be patient with me, logs can take some time to research and my life can mean that I'm busy.
  • Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
  • Refrain from running any other tools apart from the ones I tell you to.
Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.


I am currently reviewing you logs and I will post back soon.
  • 0

#3
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.
If Avast asks to download definitions, please say Yes.

Posted Image


On completion of the scan click save log, save it to your desktop and post it in your next reply.

Posted Image
  • 0

#4
klose

klose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here is the aswMBR log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-04 18:00:44
-----------------------------
18:00:44.754 OS Version: Windows x64 6.1.7600
18:00:44.754 Number of processors: 2 586 0x1706
18:00:44.754 ComputerName: BADLANDS UserName: Zack
18:00:46.501 Initialize success
18:01:06.140 AVAST engine defs: 12040401
18:01:13.878 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
18:01:13.878 Disk 0 Vendor: WDC_WD1002FAEX-00Z3A0 05.01D05 Size: 953868MB BusType: 3
18:01:13.878 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
18:01:13.878 Disk 1 Vendor: WDC_WD5000AAKS-65YGA0 12.01C02 Size: 476940MB BusType: 3
18:01:13.894 Disk 1 MBR read successfully
18:01:13.894 Disk 1 MBR scan
18:01:13.894 Disk 1 Windows 7 default MBR code
18:01:13.894 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:01:13.909 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
18:01:13.956 Disk 1 scanning C:\Windows\system32\drivers
18:01:23.940 Service scanning
18:01:41.474 Service SWNC5E00 C:\Windows\system32\bdrsdrv.dll **INFECTED** Win64:Sirefef-E [Trj]
18:01:45.125 Modules scanning
18:01:45.125 Disk 1 trace - called modules:
18:01:45.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:01:45.140 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80049fa060]
18:01:45.140 3 CLASSPNP.SYS[fffff880019a143f] -> nt!IofCallDriver -> [0xfffffa8004089b20]
18:01:45.140 5 ACPI.sys[fffff88000f8c781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa80044b1060]
18:01:46.310 AVAST engine scan C:\Windows
18:01:48.853 AVAST engine scan C:\Windows\system32
18:01:53.486 File: C:\Windows\system32\bdrsdrv.dll **INFECTED** Win64:Sirefef-E [Trj]
18:01:56.653 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-JQ [Trj]
18:02:08.416 File: C:\Windows\system32\dxdition64.dll **INFECTED** Win32:Kryptik-IFN [Trj]
18:03:25.816 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:03:27.953 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:04:31.868 File: C:\Windows\assembly\tmp\loader.tlb **SUSPICIOUS**
18:04:31.931 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:31.977 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:31.977 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:32.009 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:32.024 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:32.055 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:32.102 File: C:\Windows\assembly\tmp\U\[email protected] **INFECTED** Win32:Sirefef-PL [Rtk]
18:04:32.118 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:32.149 File: C:\Windows\assembly\tmp\U\[email protected] **SUSPICIOUS**
18:04:32.196 File: C:\Windows\assembly\tmp\U\[email protected] **INFECTED** Win32:Malware-gen
18:04:32.243 File: C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6} **SUSPICIOUS**
18:04:32.820 AVAST engine scan C:\Windows\system32\drivers
18:04:43.912 AVAST engine scan C:\Users\Zack
18:04:45.019 File: C:\Users\Zack\AppData\Local\af0bcd22\U\[email protected] **INFECTED** Win32:Malware-gen
18:04:45.050 File: C:\Users\Zack\AppData\Local\af0bcd22\U\[email protected] **INFECTED** Win32:Malware-gen
18:11:36.477 AVAST engine scan C:\ProgramData
18:14:54.207 Scan finished successfully
18:16:06.827 Disk 1 MBR has been saved successfully to "C:\Users\Zack\Desktop\MBR.dat"
18:16:06.827 The log file has been saved successfully to "C:\Users\Zack\Desktop\aswMBR.txt"
18:16:23.256 Disk 1 MBR has been saved successfully to "J:\Fix Computer\MBR.dat"
18:16:23.475 The log file has been saved successfully to "J:\Fix Computer\aswMBR.txt"
  • 0

#5
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)

Re-Run aswMBR.

Click Scan.

On completion of the scan, click the Fix botton.

Posted Image

Save the log as before and post it in your next reply.
  • 0

#6
klose

klose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I ran the scan again and it found the same stuff. I hit fix and shortly after my computer rebooted, which lead to a chkdsk starting. After the chkdsk ended my computer rebooted again but when I came back to my desktop the new log didn't save unfortunately. So I ran the aswMBR again and now no malacious stuff showed up. Here is the log.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-05 20:16:04
-----------------------------
20:16:04.088 OS Version: Windows x64 6.1.7600
20:16:04.088 Number of processors: 2 586 0x1706
20:16:04.088 ComputerName: BADLANDS UserName: Zack
20:16:17.216 Initialize success
20:16:26.342 AVAST engine defs: 12040401
20:16:52.109 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
20:16:52.110 Disk 0 Vendor: WDC_WD1002FAEX-00Z3A0 05.01D05 Size: 953868MB BusType: 3
20:16:52.112 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
20:16:52.114 Disk 1 Vendor: WDC_WD5000AAKS-65YGA0 12.01C02 Size: 476940MB BusType: 3
20:16:52.123 Disk 1 MBR read successfully
20:16:52.125 Disk 1 MBR scan
20:16:52.128 Disk 1 Windows 7 default MBR code
20:16:52.134 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:16:52.145 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
20:16:52.205 Disk 1 scanning C:\Windows\system32\drivers
20:16:58.264 Service scanning
20:17:16.548 Modules scanning
20:17:16.553 Disk 1 trace - called modules:
20:17:16.894 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
20:17:16.897 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80049f7790]
20:17:16.900 3 CLASSPNP.SYS[fffff8800186143f] -> nt!IofCallDriver -> [0xfffffa8004082b20]
20:17:16.904 5 ACPI.sys[fffff88000f32781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa80044ae060]
20:17:18.211 AVAST engine scan C:\Windows
20:17:20.620 AVAST engine scan C:\Windows\system32
20:19:34.276 AVAST engine scan C:\Windows\system32\drivers
20:19:41.910 AVAST engine scan C:\Users\Zack
20:26:52.628 AVAST engine scan C:\ProgramData
20:30:48.420 Scan finished successfully
20:33:24.519 Disk 1 MBR has been saved successfully to "J:\Fix Computer\MBR.dat"
20:33:24.874 The log file has been saved successfully to "J:\Fix Computer\aswMBR 4-5-12.txt"

Not sure if this means everything is fixed. Leaving my computer off my network for now.
  • 0

#7
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
We still have quite a few steps to perform until your computer is fully clean of malware.


Step 1

Download ComboFix from one of these locations and set the Save as type to All Files before saving it.

Link 1
Link 2
Link 3


IMPORTANT !!! You need to Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you are still unsure on how to do this, see here.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click Yes, to continue scanning for malware. Please be patient and don't use the PC whilst it is scanning.

When finished, it shall produce a log for you. Please copy & paste the contents of this log at C:\ComboFix.txt in your next reply.


Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change Parameters.

    Posted Image

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image

  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image

  • If malicious objects are found, they will show in the Scan results and offer 3 options.
  • Ensure Cure is selected, then click Continue --> Reboot Computer to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Things I want to see in your next reply

  • ComboFix.txt
  • TDSSKiller.[Version]_[Date]_[Time]_log.txt

  • 0

#8
klose

klose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here is the combofix log file:

ComboFix 12-04-06.03 - Zack 04/06/2012 12:15:52.8.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.4094.2860 [GMT -4:00]
Running from: c:\users\Zack\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Zack\AppData\Local\af0bcd22\U
c:\users\Zack\AppData\Local\af0bcd22\U\[email protected]
c:\windows\assembly\tmp\U
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-03-06 to 2012-04-06 )))))))))))))))))))))))))))))))
.
.
2012-04-06 16:21 . 2012-04-06 16:21 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-06 16:21 . 2012-04-06 16:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-04 03:27 . 2012-04-04 05:19 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-04 03:20 . 2012-04-04 03:20 -------- d-----w- C:\_OTM
2012-04-03 21:25 . 2012-04-03 21:25 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-02 22:30 . 2012-04-02 22:30 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-04-02 22:27 . 2012-04-05 23:49 0 --sha-w- c:\windows\system32\dds_log_ad13.cmd
2012-04-02 22:26 . 2012-04-06 16:21 -------- d-sh--w- c:\users\Zack\AppData\Local\af0bcd22
2012-03-30 17:59 . 2012-03-30 17:59 -------- d-----w- c:\users\Zack\AppData\Roaming\PDAppFlex
2012-03-30 17:59 . 2012-03-30 18:00 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-03-30 17:22 . 2012-03-30 17:27 -------- d-----w- c:\program files\Common Files\Adobe
2012-03-29 18:48 . 2012-03-29 18:48 89088 ----a-w- c:\windows\SysWow64\dxdition.dll
2012-03-23 19:48 . 2012-03-23 19:49 -------- d-----w- c:\users\Zack\AppData\Roaming\Verizon
2012-03-23 19:48 . 2012-03-23 19:48 -------- d-----w- c:\programdata\Verizon
2012-03-23 19:35 . 2012-03-23 19:37 -------- d-----w- c:\users\Zack\AppData\Local\SupportSoft
2012-03-23 19:35 . 2012-03-23 19:35 -------- d-----w- c:\program files (x86)\VERIZONDM
2012-03-23 19:35 . 2012-03-23 19:35 -------- d-----w- c:\programdata\SupportSoft
2012-03-23 19:35 . 2012-03-23 19:35 -------- d-----w- c:\program files (x86)\Common Files\SupportSoft
2012-03-23 16:37 . 2012-03-23 16:37 -------- d-----w- c:\program files\Verizon
2012-03-23 16:33 . 2012-03-23 16:33 260 ----a-w- c:\windows\SysWow64\cmdVBS.vbs
2012-03-23 16:33 . 2012-03-23 16:33 256 ----a-w- c:\windows\SysWow64\MSIevent.bat
2012-03-23 16:33 . 2012-03-23 19:48 -------- d-----w- c:\program files (x86)\Verizon
2012-03-23 16:29 . 2012-03-23 16:33 -------- d-----w- c:\users\Zack\AppData\Roaming\TechWizard
2012-03-11 19:20 . 2012-03-11 19:20 -------- d-----w- c:\program files\iPod
2012-03-11 19:20 . 2012-03-11 19:20 -------- d-----w- c:\program files\iTunes
2012-03-11 19:20 . 2012-03-11 19:20 -------- d-----w- c:\program files (x86)\iTunes
2012-03-10 21:31 . 2012-03-10 21:31 -------- d-----w- c:\program files (x86)\Google
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-03 21:25 . 2011-05-18 21:09 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-28 06:10 . 2012-02-28 06:10 947472 ----a-w- c:\windows\SysWow64\msjava.dll
2012-02-15 15:01 . 2012-02-15 15:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 15:01 . 2012-02-15 15:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-07 22:23 . 2011-12-25 21:06 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-02-07 22:23 . 2011-12-25 21:06 34688 ----a-w- c:\windows\system32\LMIport.dll
2012-02-07 22:23 . 2011-12-25 21:06 80768 ----a-w- c:\windows\system32\LMIinit.dll
2011-11-06 20:46 442368 --sh--w- c:\windows\SysWOW64\ykkcr.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2011-11-19_22.58.09 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-07-24 00:10 . 2011-10-27 22:20 75136 c:\windows\SysWOW64\PnkBstrA.exe
+ 2010-07-24 00:10 . 2011-12-12 05:28 75136 c:\windows\SysWOW64\PnkBstrA.exe
+ 2010-05-19 15:36 . 2010-05-19 15:36 88904 c:\windows\SysWOW64\msxml4r.dll
+ 2011-08-31 04:05 . 2011-08-31 04:05 50536 c:\windows\SysWOW64\jdns_sd.dll
- 2011-07-12 15:20 . 2011-07-12 15:20 50536 c:\windows\SysWOW64\jdns_sd.dll
- 2011-07-12 15:20 . 2011-07-12 15:20 73064 c:\windows\SysWOW64\dnssd.dll
+ 2011-08-31 04:05 . 2011-08-31 04:05 73064 c:\windows\SysWOW64\dnssd.dll
+ 2011-08-31 04:05 . 2011-08-31 04:05 83816 c:\windows\SysWOW64\dns-sd.exe
- 2011-07-12 15:20 . 2011-07-12 15:20 83816 c:\windows\SysWOW64\dns-sd.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 17760 c:\windows\SysWOW64\aspnet_counters.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 17760 c:\windows\SysWOW64\aspnet_counters.dll
+ 2011-12-30 22:57 . 2011-12-30 22:57 87901 c:\windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe
+ 2011-11-22 13:34 . 2011-11-22 13:34 86016 c:\windows\SysWOW64\Adobe\Shockwave 11\SwMenu.dll
+ 2011-11-22 13:19 . 2011-11-22 13:19 73408 c:\windows\SysWOW64\Adobe\Shockwave 11\gtapi.dll
+ 2011-11-22 13:19 . 2011-11-22 13:19 64512 c:\windows\SysWOW64\Adobe\Shockwave 11\gcapi_dll.dll
+ 2011-11-22 13:36 . 2011-11-22 13:36 12800 c:\windows\SysWOW64\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 43744 c:\windows\system32\wups2.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 38112 c:\windows\system32\wups.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 98816 c:\windows\system32\wudriver.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 57560 c:\windows\system32\wuauclt.exe
+ 2011-12-25 21:07 . 2011-12-25 21:07 36864 c:\windows\system32\wuapp.exe
- 2009-07-14 00:34 . 2009-07-14 01:39 36864 c:\windows\system32\wuapp.exe
+ 2010-07-24 15:32 . 2012-04-06 16:25 46894 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-06 16:25 38020 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-07-23 22:37 . 2012-04-06 16:25 20564 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2511343510-2362421710-3736614235-1001_UserData.bin
+ 2011-02-20 02:51 . 2011-02-20 02:51 57168 c:\windows\system32\vcomp100.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 57168 c:\windows\system32\vcomp100.dll
+ 2011-12-25 21:06 . 2012-02-07 22:23 59776 c:\windows\system32\spool\prtprocs\x64\LMIproc.dll
+ 2011-12-25 21:06 . 2012-02-07 22:23 65408 c:\windows\system32\spool\drivers\x64\LMIprinterui.dll
+ 2011-12-25 21:06 . 2012-02-07 22:23 65408 c:\windows\system32\spool\drivers\x64\LMIprinterdat.dll
+ 2011-12-25 21:06 . 2012-02-07 22:23 53120 c:\windows\system32\spool\drivers\x64\LMIprinter.dll
+ 2011-12-25 21:06 . 2012-02-07 22:23 65408 c:\windows\system32\spool\drivers\x64\3\LMIprinterui.dll
+ 2011-12-25 21:06 . 2012-02-07 22:23 65408 c:\windows\system32\spool\drivers\x64\3\LMIprinterdat.dll
+ 2011-12-25 21:06 . 2012-02-07 22:23 53120 c:\windows\system32\spool\drivers\x64\3\LMIprinter.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 93008 c:\windows\system32\mfcm100u.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 93008 c:\windows\system32\mfcm100.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 60752 c:\windows\system32\mfc100rus.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 60752 c:\windows\system32\mfc100rus.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 43344 c:\windows\system32\mfc100kor.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 43344 c:\windows\system32\mfc100kor.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 62288 c:\windows\system32\mfc100ita.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 62288 c:\windows\system32\mfc100ita.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 64336 c:\windows\system32\mfc100fra.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 64336 c:\windows\system32\mfc100fra.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 63824 c:\windows\system32\mfc100esn.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 63824 c:\windows\system32\mfc100esn.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 55120 c:\windows\system32\mfc100enu.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 55120 c:\windows\system32\mfc100enu.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 64336 c:\windows\system32\mfc100deu.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 64336 c:\windows\system32\mfc100deu.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 36176 c:\windows\system32\mfc100cht.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 36176 c:\windows\system32\mfc100cht.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 36176 c:\windows\system32\mfc100chs.dll
- 2010-03-18 14:36 . 2010-03-18 14:36 36176 c:\windows\system32\mfc100chs.dll
+ 2011-09-16 19:10 . 2011-09-16 19:10 14624 c:\windows\system32\lmimirr2.dll
+ 2011-09-16 19:10 . 2011-09-16 19:10 35616 c:\windows\system32\lmimirr.dll
- 2011-07-12 15:34 . 2011-07-12 15:34 61288 c:\windows\system32\jdns_sd.dll
+ 2011-08-31 04:05 . 2011-08-31 04:05 61288 c:\windows\system32\jdns_sd.dll
+ 2009-07-14 05:30 . 2012-03-23 16:29 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-10-09 02:08 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-02-15 15:01 . 2012-02-15 15:01 52736 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c111aaecb61e9a2b\usbaapl64.sys
+ 2011-06-27 15:39 . 2009-11-13 05:38 13931 c:\windows\system32\DriverStore\FileRepository\netr28ux.inf_amd64_neutral_86005164051984f0\RaCoInst.dat
+ 2011-05-10 12:06 . 2011-05-10 12:06 22528 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_dc2cbd989eec1514\netaapl64.sys
+ 2011-09-16 19:10 . 2011-09-16 19:10 14944 c:\windows\system32\drivers\radpms.sys
+ 2010-07-23 22:51 . 2011-12-10 19:24 23152 c:\windows\system32\drivers\mbam.sys
+ 2011-12-25 21:06 . 2011-09-16 19:10 72216 c:\windows\system32\drivers\LMIRfsDriver.sys
+ 2011-09-16 19:10 . 2011-09-16 19:10 11552 c:\windows\system32\drivers\lmimirr.sys
+ 2011-08-31 04:05 . 2011-08-31 04:05 85864 c:\windows\system32\dnssd.dll
- 2011-07-12 15:34 . 2011-07-12 15:34 85864 c:\windows\system32\dnssd.dll
+ 2011-08-31 04:05 . 2011-08-31 04:05 96104 c:\windows\system32\dns-sd.exe
- 2011-07-12 15:34 . 2011-07-12 15:34 96104 c:\windows\system32\dns-sd.exe
+ 2012-04-05 23:52 . 2012-04-06 00:03 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012040520120406\index.dat
+ 2012-04-04 04:07 . 2012-04-05 00:03 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012040420120405\index.dat
+ 2012-04-03 04:30 . 2012-04-04 03:56 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012040320120404\index.dat
+ 2012-04-02 22:30 . 2012-04-03 03:04 81920 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012040220120403\index.dat
+ 2012-04-02 22:30 . 2012-04-02 22:30 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2012-04-02 22:30 . 2012-04-05 23:52 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
- 2010-03-18 21:23 . 2010-03-18 21:23 20832 c:\windows\system32\aspnet_counters.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 20832 c:\windows\system32\aspnet_counters.dll
+ 2012-04-02 22:30 . 2012-04-06 00:03 16384 c:\windows\system32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-23 22:36 . 2011-11-19 22:58 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-04-01 16:21 84592 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-07-23 22:36 . 2012-04-06 16:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-23 22:36 . 2011-11-19 22:58 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-23 22:36 . 2011-11-19 22:58 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-23 22:36 . 2011-11-19 22:58 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-07-23 22:36 . 2011-11-19 22:58 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-18 21:47 . 2010-03-18 21:47 97624 c:\windows\Microsoft.NET\Framework64\v4.0.30319\XamlBuildTask.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 97624 c:\windows\Microsoft.NET\Framework64\v4.0.30319\XamlBuildTask.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 87408 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsFormsIntegration.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 87408 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsFormsIntegration.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 93024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationTypes.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 93024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationTypes.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 35688 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationProvider.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 35688 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationProvider.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 17784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Windows.Presentation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 17784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Windows.Presentation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 58240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Windows.Input.Manipulations.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 58240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Windows.Input.Manipulations.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 83272 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PenIMC.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 83272 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PenIMC.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 39256 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 39256 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 15696 c:\windows\Microsoft.NET\Framework64\v4.0.30319\webengine.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 15696 c:\windows\Microsoft.NET\Framework64\v4.0.30319\webengine.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 81224 c:\windows\Microsoft.NET\Framework64\v4.0.30319\TLBREF.DLL
- 2010-03-18 21:23 . 2010-03-18 21:23 81224 c:\windows\Microsoft.NET\Framework64\v4.0.30319\TLBREF.DLL
+ 2010-03-18 21:47 . 2010-03-18 21:47 29544 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Xaml.Hosting.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 29544 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Xaml.Hosting.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 70040 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.DataVisualization.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 70040 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.DataVisualization.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 24928 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Routing.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 24928 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Routing.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 81272 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.RegularExpressions.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 81272 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.RegularExpressions.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 33144 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DynamicData.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 33144 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DynamicData.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 93576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DataVisualization.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 93576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DataVisualization.Design.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 44920 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.ApplicationServices.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 44920 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.ApplicationServices.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 24944 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Abstractions.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 24944 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Abstractions.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 28024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.WasHosting.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 28024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.WasHosting.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 12168 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.ServiceMoniker40.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 12168 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.ServiceMoniker40.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 37240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Channels.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 37240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Channels.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 95592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Caching.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 95592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Caching.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 64352 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Numerics.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 64352 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Numerics.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 52608 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.EnterpriseServices.Thunk.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 52608 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.EnterpriseServices.Thunk.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 86888 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 86888 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.Design.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 51032 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Device.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 51032 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Device.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 50552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.DataSetExtensions.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 50552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.DataSetExtensions.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 81784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Configuration.Install.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 81784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Configuration.Install.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 81800 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ComponentModel.DataAnnotations.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 81800 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ComponentModel.DataAnnotations.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 39784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.Contract.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 39784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.Contract.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 68952 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMDiagnostics.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 68952 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMDiagnostics.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 20840 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceMonikerSupport.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 20840 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceMonikerSupport.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 48512 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelPerformanceCounters.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 48512 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelPerformanceCounters.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 14160 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SbsNclPerf.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 14160 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SbsNclPerf.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 65360 c:\windows\Microsoft.NET\Framework64\v4.0.30319\regtlibv12.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 65360 c:\windows\Microsoft.NET\Framework64\v4.0.30319\regtlibv12.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 32080 c:\windows\Microsoft.NET\Framework64\v4.0.30319\RegSvcs.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 32080 c:\windows\Microsoft.NET\Framework64\v4.0.30319\RegSvcs.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 51528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 51528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 24408 c:\windows\Microsoft.NET\Framework64\v4.0.30319\normalization.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 24408 c:\windows\Microsoft.NET\Framework64\v4.0.30319\normalization.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 67920 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 67920 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 27984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\MUI\0409\mscorsecr.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 27984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\MUI\0409\mscorsecr.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 16208 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsn.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 16208 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsn.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 45904 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorpe.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 45904 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorpe.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 20816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreeis.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 20816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreeis.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 21880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 21880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 62880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Windows.ApplicationServer.Applications.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 62880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 40304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualC.STLCLR.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 40304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualC.STLCLR.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 12128 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualC.Dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 12128 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualC.Dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 97680 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 97680 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 38784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Data.Entity.Build.Tasks.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 38784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Data.Entity.Build.Tasks.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 67968 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Conversion.v4.0.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 67968 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Conversion.v4.0.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 36168 c:\windows\Microsoft.NET\Framework64\v4.0.30319\jsc.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 36168 c:\windows\Microsoft.NET\Framework64\v4.0.30319\jsc.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 94552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ISymWrapper.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 94552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ISymWrapper.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 67416 c:\windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtilLib.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 67416 c:\windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtilLib.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 27480 c:\windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 27480 c:\windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 48456 c:\windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 48456 c:\windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 84296 c:\windows\Microsoft.NET\Framework64\v4.0.30319\EdmGen.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 84296 c:\windows\Microsoft.NET\Framework64\v4.0.30319\EdmGen.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 11592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 11592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 60248 c:\windows\Microsoft.NET\Framework64\v4.0.30319\DataSvcUtil.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 60248 c:\windows\Microsoft.NET\Framework64\v4.0.30319\DataSvcUtil.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 35656 c:\windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 35656 c:\windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 91488 c:\windows\Microsoft.NET\Framework64\v4.0.30319\CustomMarshalers.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 91488 c:\windows\Microsoft.NET\Framework64\v4.0.30319\CustomMarshalers.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 53072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Culture.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 53072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Culture.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 94536 c:\windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 94536 c:\windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 40784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_wp.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 40784 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_wp.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 44376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 44376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 36696 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 36696 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 19296 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regbrowsers.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 19296 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regbrowsers.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 78160 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 78160 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 36184 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Aspnet_perf.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 36184 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Aspnet_perf.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 15704 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 15704 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 29528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_filter.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 29528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_filter.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 29536 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_compiler.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 29536 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_compiler.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 29008 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AddInUtil.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 29008 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AddInUtil.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 29528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess32.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 29528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess32.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 29016 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 29016 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 17240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Accessibility.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 17240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Accessibility.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 11608 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\FileTrackerUI.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 11608 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\FileTrackerUI.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 10064 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\CvtResUI.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 10064 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\CvtResUI.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 24400 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\alinkui.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 24400 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\alinkui.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 97624 c:\windows\Microsoft.NET\Framework\v4.0.30319\XamlBuildTask.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 97624 c:\windows\Microsoft.NET\Framework\v4.0.30319\XamlBuildTask.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 87408 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsFormsIntegration.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 87408 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsFormsIntegration.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 93024 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationTypes.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 93024 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationTypes.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 35688 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationProvider.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 35688 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationProvider.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 17784 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Presentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 17784 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Presentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 58240 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Input.Manipulations.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 58240 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Input.Manipulations.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 67912 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PenIMC.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 67912 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PenIMC.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 31576 c:\windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 31576 c:\windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 14160 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 14160 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 69960 c:\windows\Microsoft.NET\Framework\v4.0.30319\TLBREF.DLL
- 2010-03-18 20:47 . 2010-03-18 20:47 69960 c:\windows\Microsoft.NET\Framework\v4.0.30319\TLBREF.DLL
- 2010-03-18 20:47 . 2010-03-18 20:47 29544 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xaml.Hosting.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 29544 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xaml.Hosting.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 70040 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.DataVisualization.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 70040 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.DataVisualization.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 24928 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Routing.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 24928 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Routing.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 81272 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.RegularExpressions.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 81272 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.RegularExpressions.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 33144 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DynamicData.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 33144 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DynamicData.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 93576 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DataVisualization.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 93576 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DataVisualization.Design.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 44920 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.ApplicationServices.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 44920 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.ApplicationServices.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 24944 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Abstractions.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 24944 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Abstractions.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 28024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.WasHosting.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 28024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.WasHosting.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 12168 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.ServiceMoniker40.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 12168 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.ServiceMoniker40.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 37240 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Channels.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 37240 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Channels.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 95592 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Caching.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 95592 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Caching.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 64352 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Numerics.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 64352 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Numerics.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 45952 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Thunk.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 45952 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Thunk.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 86888 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 86888 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.Design.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 51032 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Device.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 51032 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Device.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 50552 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.DataSetExtensions.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 50552 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.DataSetExtensions.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 81784 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Configuration.Install.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 81784 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Configuration.Install.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 81800 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.DataAnnotations.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 81800 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.DataAnnotations.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 39784 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.Contract.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 39784 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.Contract.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 68952 c:\windows\Microsoft.NET\Framework\v4.0.30319\SMDiagnostics.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 68952 c:\windows\Microsoft.NET\Framework\v4.0.30319\SMDiagnostics.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 17256 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceMonikerSupport.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 17256 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceMonikerSupport.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 42880 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelPerformanceCounters.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 42880 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelPerformanceCounters.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 13648 c:\windows\Microsoft.NET\Framework\v4.0.30319\SbsNclPerf.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 13648 c:\windows\Microsoft.NET\Framework\v4.0.30319\SbsNclPerf.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 58192 c:\windows\Microsoft.NET\Framework\v4.0.30319\regtlibv12.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 58192 c:\windows\Microsoft.NET\Framework\v4.0.30319\regtlibv12.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 32592 c:\windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 32592 c:\windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 52040 c:\windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 52040 c:\windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 21336 c:\windows\Microsoft.NET\Framework\v4.0.30319\normalization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 21336 c:\windows\Microsoft.NET\Framework\v4.0.30319\normalization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 27984 c:\windows\Microsoft.NET\Framework\v4.0.30319\MUI\0409\mscorsecr.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 27984 c:\windows\Microsoft.NET\Framework\v4.0.30319\MUI\0409\mscorsecr.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 15184 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsn.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 15184 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsn.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 40784 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpe.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 40784 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpe.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 20816 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreeis.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 20816 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreeis.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 96592 c:\windows\Microsoft.NET\Framework\v4.0.30319\MmcAspExt.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 96592 c:\windows\Microsoft.NET\Framework\v4.0.30319\MmcAspExt.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 21880 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Workflow.Compiler.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 21880 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Workflow.Compiler.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 62880 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Windows.ApplicationServer.Applications.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 62880 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 40304 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualC.STLCLR.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 40304 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualC.STLCLR.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 12128 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualC.Dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 12128 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualC.Dll
- 2010-03-18 17:16 . 2010-03-18 17:16 97680 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 97680 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 38784 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Data.Entity.Build.Tasks.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 38784 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Data.Entity.Build.Tasks.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 67968 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Conversion.v4.0.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 67968 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Conversion.v4.0.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 36168 c:\windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 36168 c:\windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 78168 c:\windows\Microsoft.NET\Framework\v4.0.30319\ISymWrapper.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 78168 c:\windows\Microsoft.NET\Framework\v4.0.30319\ISymWrapper.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 58200 c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtilLib.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 58200 c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtilLib.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 27992 c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 27992 c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 42312 c:\windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 42312 c:\windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 84296 c:\windows\Microsoft.NET\Framework\v4.0.30319\EdmGen.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 84296 c:\windows\Microsoft.NET\Framework\v4.0.30319\EdmGen.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 11592 c:\windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 11592 c:\windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 88904 c:\windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 88904 c:\windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 60248 c:\windows\Microsoft.NET\Framework\v4.0.30319\DataSvcUtil.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 60248 c:\windows\Microsoft.NET\Framework\v4.0.30319\DataSvcUtil.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 31048 c:\windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 31048 c:\windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 81248 c:\windows\Microsoft.NET\Framework\v4.0.30319\CustomMarshalers.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 81248 c:\windows\Microsoft.NET\Framework\v4.0.30319\CustomMarshalers.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 95048 c:\windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 95048 c:\windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 32592 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 32592 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 35160 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 35160 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 30040 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 30040 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 19808 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regbrowsers.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 19808 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regbrowsers.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 78160 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 78160 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 30040 c:\windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 30040 c:\windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 14168 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 14168 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 24408 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_filter.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 24408 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_filter.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 30048 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 30048 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 29008 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 29008 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 29528 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 29528 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 29016 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 29016 c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 17240 c:\windows\Microsoft.NET\Framework\v4.0.30319\Accessibility.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 17240 c:\windows\Microsoft.NET\Framework\v4.0.30319\Accessibility.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 11608 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\FileTrackerUI.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 11608 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\FileTrackerUI.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 10064 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\CvtResUI.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 10064 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\CvtResUI.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 24400 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\alinkui.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 24400 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\alinkui.dll
- 2011-10-22 03:20 . 2011-10-22 03:20 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2011-10-22 03:20 . 2011-10-22 03:20 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 33144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 93576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.Design.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 24944 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Abstractions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 28024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.WasHosting\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 12168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.ServiceMoniker40\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.ServiceMoniker40.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 95592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 95592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Caching\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Caching.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 86888 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
+ 2011-12-22 21:44 . 2011-12-22 21:44 21880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe
+ 2011-12-22 21:43 . 2011-12-22 21:43 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-22 03:19 . 2011-10-22 03:19 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 40304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\v4.0_2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 67968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Conversion.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v4.0.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-11-18 18:04 . 2011-11-18 18:04 39936 c:\windows\Installer\862437.msi
+ 2011-12-22 02:45 . 2011-12-22 02:45 27136 c:\windows\Installer\10004ec.msi
+ 2012-03-30 17:20 . 2012-03-30 17:20 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2012-03-23 16:33 . 2012-03-23 16:33 10134 c:\windows\Installer\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}\_90D87ABB6A7B1CFE463A2A.exe
+ 2012-03-23 19:48 . 2012-03-23 19:48 53248 c:\windows\Installer\{0F052922-4BCE-4763-A540-00857554336D}\ARPPRODUCTICON.exe
+ 2012-03-30 17:20 . 2012-03-30 17:20 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2012-03-23 16:33 . 2012-03-23 16:33 65536 c:\windows\Installer\{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}\NewShortcut1_9E64A938C044442B9C8C104AA62BD820.exe
+ 2012-03-23 16:33 . 2012-03-23 16:33 65536 c:\windows\Installer\{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}\NewShortcut1_011BB310849E4442B8017718F2C57FE0.exe
+ 2012-03-23 16:33 . 2012-03-23 16:33 65536 c:\windows\Installer\{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}\ARPPRODUCTICON.exe
+ 2012-01-18 01:30 . 2012-01-18 01:30 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-07-24 07:46 . 2012-03-19 05:52 3320 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-03-23 16:28 . 2012-03-23 16:28 9560 c:\windows\system32\NetworkList\Icons\{8F66CB41-67BA-462D-969C-62A6DCE11B69}_48.bin
+ 2012-03-23 16:28 . 2012-03-23 16:28 4280 c:\windows\system32\NetworkList\Icons\{8F66CB41-67BA-462D-969C-62A6DCE11B69}_32.bin
+ 2012-03-23 16:28 . 2012-03-23 16:28 2456 c:\windows\system32\NetworkList\Icons\{8F66CB41-67BA-462D-969C-62A6DCE11B69}_24.bin
- 2011-11-19 22:57 . 2011-11-19 22:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-06 16:22 . 2012-04-06 16:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-06 16:22 . 2012-04-06 16:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-19 22:57 . 2011-11-19 22:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.3082.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.3082.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.3076.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.3076.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.2070.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.2070.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8024 c:\windows\Microsoft.NET\NETFXRepair.2052.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8024 c:\windows\Microsoft.NET\NETFXRepair.2052.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1055.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1055.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1053.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1053.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1049.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1049.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1046.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1046.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1045.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1045.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1044.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1044.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1043.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1043.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1042.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1042.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1041.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1041.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1040.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1040.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1038.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1038.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1037.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1037.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1036.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1036.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1035.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1035.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1033.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1033.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1032.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 9048 c:\windows\Microsoft.NET\NETFXRepair.1032.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1031.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1031.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1030.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1030.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1029.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1029.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8024 c:\windows\Microsoft.NET\NETFXRepair.1028.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8024 c:\windows\Microsoft.NET\NETFXRepair.1028.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1025.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8536 c:\windows\Microsoft.NET\NETFXRepair.1025.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 8032 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelRegUI.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 8032 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelRegUI.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 8040 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 8040 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 8032 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 8032 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8032 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelRegUI.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8032 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelRegUI.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8040 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8040 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 8032 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 8032 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
+ 2010-12-19 22:36 . 2011-12-29 21:12 444952 c:\windows\SysWOW64\wrap_oal.dll
- 2010-12-19 22:36 . 2010-12-19 22:36 444952 c:\windows\SysWOW64\wrap_oal.dll
- 2010-07-24 00:10 . 2011-11-11 03:24 280904 c:\windows\SysWOW64\PnkBstrB.exe
+ 2010-07-24 00:10 . 2011-12-18 03:17 280904 c:\windows\SysWOW64\PnkBstrB.exe
- 2010-12-19 22:36 . 2010-12-19 22:36 109080 c:\windows\SysWOW64\OpenAL32.dll
+ 2010-12-19 22:36 . 2011-12-29 21:12 109080 c:\windows\SysWOW64\OpenAL32.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 771424 c:\windows\SysWOW64\msvcr100_clr0400.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 771424 c:\windows\SysWOW64\msvcr100_clr0400.dll
+ 2010-09-10 03:25 . 2012-03-21 01:12 257612 c:\windows\SysWOW64\mlfcache.dat
+ 2012-04-03 21:25 . 2012-04-03 21:25 353440 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_Plugin.exe
+ 2011-12-30 22:56 . 2011-12-30 22:56 247968 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
+ 2011-12-30 22:56 . 2011-12-30 22:56 335520 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.dll
+ 2012-04-03 21:25 . 2012-04-03 21:25 253600 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2011-08-31 01:22 . 2011-08-31 01:22 157472 c:\windows\SysWOW64\javaws.exe
+ 2011-12-30 22:57 . 2011-12-30 22:57 157472 c:\windows\SysWOW64\javaws.exe
+ 2011-12-30 22:57 . 2011-12-30 22:57 149280 c:\windows\SysWOW64\javaw.exe
+ 2011-12-30 22:57 . 2011-12-30 22:57 149280 c:\windows\SysWOW64\java.exe
+ 2011-08-31 04:05 . 2011-08-31 04:05 178536 c:\windows\SysWOW64\dnssdX.dll
- 2011-07-12 15:20 . 2011-07-12 15:20 178536 c:\windows\SysWOW64\dnssdX.dll
+ 2010-07-23 22:48 . 2011-12-30 22:57 472808 c:\windows\SysWOW64\deployJava1.dll
- 2010-07-23 22:48 . 2011-08-31 01:22 472808 c:\windows\SysWOW64\deployJava1.dll
- 2009-07-14 04:54 . 2011-11-19 22:45 294912 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-06 16:23 294912 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-06 16:23 950272 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-19 22:45 950272 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-22 13:19 . 2011-11-22 13:19 279992 c:\windows\SysWOW64\Adobe\Shockwave 11\SymCCIS.dll
+ 2011-11-22 13:34 . 2011-11-22 13:34 114176 c:\windows\SysWOW64\Adobe\Shockwave 11\SwInit.exe
+ 2011-11-22 13:36 . 2011-11-22 13:36 434176 c:\windows\SysWOW64\Adobe\Shockwave 11\Proj.dll
+ 2011-11-22 13:35 . 2011-11-22 13:35 365056 c:\windows\SysWOW64\Adobe\Shockwave 11\Plugin.dll
+ 2011-11-22 13:23 . 2011-11-22 13:23 990208 c:\windows\SysWOW64\Adobe\Shockwave 11\iml32.dll
+ 2011-11-22 13:19 . 2011-11-22 13:19 929792 c:\windows\SysWOW64\Adobe\Shockwave 11\gi.dll
+ 2011-11-22 13:34 . 2011-11-22 13:34 542720 c:\windows\SysWOW64\Adobe\Shockwave 11\Control.dll
+ 2011-11-22 13:42 . 2011-11-22 13:42 113080 c:\windows\SysWOW64\Adobe\Director\SWDNLD.EXE
+ 2011-11-22 13:42 . 2011-11-22 13:42 279480 c:\windows\SysWOW64\Adobe\Director\SwDir.dll
+ 2011-11-22 13:36 . 2011-11-22 13:36 145920 c:\windows\SysWOW64\Adobe\Director\np32dsw.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 185416 c:\windows\system32\wuwebv.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 700640 c:\windows\system32\wuapi.dll
+ 2010-12-19 22:36 . 2011-12-29 21:12 466456 c:\windows\system32\wrap_oal.dll
- 2010-12-19 22:36 . 2010-12-19 22:36 466456 c:\windows\system32\wrap_oal.dll
+ 2009-07-14 02:36 . 2012-04-04 03:18 737264 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-11-15 23:55 737264 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-11-15 23:55 150480 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-04-04 03:18 150480 c:\windows\system32\perfc009.dat
+ 2010-12-19 22:36 . 2011-12-29 21:12 122904 c:\windows\system32\OpenAL32.dll
- 2010-12-19 22:36 . 2010-12-19 22:36 122904 c:\windows\system32\OpenAL32.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 827744 c:\windows\system32\msvcr100_clr0400.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 827744 c:\windows\system32\msvcr100_clr0400.dll
+ 2011-02-19 04:52 . 2011-02-19 04:52 829264 c:\windows\system32\msvcr100.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 608080 c:\windows\system32\msvcp100.dll
+ 2012-04-03 21:25 . 2012-04-03 21:25 630432 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_228_Plugin.exe
+ 2011-12-30 22:56 . 2011-12-30 22:56 461984 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe
+ 2011-12-30 22:56 . 2011-12-30 22:56 376480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.dll
- 2009-07-14 05:30 . 2011-10-09 02:08 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-03-23 16:29 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-03-23 16:29 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-10-09 02:07 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-06-27 15:39 . 2009-11-13 05:38 305152 c:\windows\system32\DriverStore\FileRepository\netr28ux.inf_amd64_neutral_86005164051984f0\RaCoInstx.dll
+ 2011-08-31 04:05 . 2011-08-31 04:05 212840 c:\windows\system32\dnssdX.dll
- 2011-07-12 15:34 . 2011-07-12 15:34 212840 c:\windows\system32\dnssdX.dll
+ 2010-07-24 01:25 . 2012-04-06 00:13 311296 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-06 00:13 983040 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-18 14:36 . 2010-03-18 14:36 158536 c:\windows\system32\atl100.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 158536 c:\windows\system32\atl100.dll
+ 2009-07-14 05:01 . 2012-04-01 06:26 582352 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-03-18 18:16 . 2010-03-18 18:16 114520 c:\windows\Microsoft.NET\NETFXRepair.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 114520 c:\windows\Microsoft.NET\NETFXRepair.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 142672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WsatConfig.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 142672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WsatConfig.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 350592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationClientsideProviders.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 350592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationClientsideProviders.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 163168 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationClient.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 163168 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\UIAutomationClient.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 675672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Speech.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 675672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Speech.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 335712 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Printing.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 335712 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\System.Printing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 581464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\ReachFramework.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 581464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\ReachFramework.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 832856 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationUI.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 832856 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationUI.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 225640 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 225640 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 194424 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Royale.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 194424 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Royale.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 478576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Luna.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 478576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Luna.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 167288 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Classic.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 167288 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Classic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 232304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Aero.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 232304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.Aero.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 587624 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationBuildTasks.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 587624 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationBuildTasks.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 717136 c:\windows\Microsoft.NET\Framework64\v4.0.30319\webengine4.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 717136 c:\windows\Microsoft.NET\Framework64\v4.0.30319\webengine4.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 138592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Linq.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 138592 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Linq.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 699224 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Xaml.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 699224 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Xaml.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 431984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.WorkflowServices.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 431984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.WorkflowServices.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 511344 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Workflow.Runtime.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 511344 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Workflow.Runtime.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 857960 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Services.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 857960 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Services.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 826208 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Mobile.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 826208 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Mobile.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 321912 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Extensions.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 321912 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Extensions.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 137568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Entity.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 137568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Entity.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 132464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Entity.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 132464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Entity.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 237928 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DynamicData.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 237928 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DynamicData.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 288616 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Transactions.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 288616 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Transactions.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 113512 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceProcess.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 113512 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceProcess.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 316272 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Web.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 316272 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Web.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 129912 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Routing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 129912 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Routing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 390008 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Discovery.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 390008 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Discovery.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 505208 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Activities.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 505208 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Activities.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 170872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Activation.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 170872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.Activation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 261472 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Security.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 261472 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Security.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 122264 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 122264 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 291184 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Remoting.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 291184 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Remoting.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 349568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.DurableInstancing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 349568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.DurableInstancing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 231760 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Net.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 231760 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Net.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 253280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Messaging.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 253280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Messaging.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 134528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Management.Instrumentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 134528 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Management.Instrumentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 378720 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Management.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 378720 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Management.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 123736 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.IO.Log.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 123736 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.IO.Log.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 125816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.IdentityModel.Selectors.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 125816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.IdentityModel.Selectors.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 392552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.IdentityModel.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 392552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.IdentityModel.dll
- 2010-03-18 09:46 . 2010-03-18 09:46 125440 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.EnterpriseServices.Wrapper.dll
+ 2010-03-18 10:46 . 2010-03-18 10:46 125440 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.EnterpriseServices.Wrapper.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 237424 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.EnterpriseServices.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 237424 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.EnterpriseServices.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 120152 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Dynamic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 120152 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Dynamic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 607064 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 607064 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 182144 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.DirectoryServices.Protocols.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 182144 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.DirectoryServices.Protocols.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 395120 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.DirectoryServices.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 395120 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.DirectoryServices.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 285072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.DirectoryServices.AccountManagement.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 285072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.DirectoryServices.AccountManagement.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 829280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Deployment.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 829280 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Deployment.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 747360 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.SqlXml.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 747360 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.SqlXml.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 683368 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Services.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 683368 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Services.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 178040 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Services.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 178040 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Services.Design.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 436600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Services.Client.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 436600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Services.Client.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 512368 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.OracleClient.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 512368 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.OracleClient.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 683872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Linq.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 683872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Linq.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 804720 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Entity.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 804720 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Entity.Design.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 409448 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.configuration.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 409448 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.configuration.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 210816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ComponentModel.Composition.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 210816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ComponentModel.Composition.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 149848 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 149848 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.AddIn.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 122248 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.DurableInstancing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 122248 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.DurableInstancing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 525704 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.Core.Presentation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 525704 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.Core.Presentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 112976 c:\windows\Microsoft.NET\Framework64\v4.0.30319\sysglobl.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 112976 c:\windows\Microsoft.NET\Framework64\v4.0.30319\sysglobl.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 597832 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 597832 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 124240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 124240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 235872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 235872 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 222544 c:\windows\Microsoft.NET\Framework64\v4.0.30319\peverify.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 222544 c:\windows\Microsoft.NET\Framework64\v4.0.30319\peverify.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 130392 c:\windows\Microsoft.NET\Framework64\v4.0.30319\PerfCounter.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 130392 c:\windows\Microsoft.NET\Framework64\v4.0.30319\PerfCounter.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 168776 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 168776 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 138576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 138576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 543056 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 543056 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 114520 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsecimpl.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 114520 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsecimpl.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 372560 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 372560 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 183640 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorpehost.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 183640 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorpehost.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 578896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 578896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 132432 c:\windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 132432 c:\windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 108880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\MmcAspExt.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 108880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\MmcAspExt.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 661352 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 661352 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 349576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.Compatibility.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 349576 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.Compatibility.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 187776 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Transactions.Bridge.Dtc.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 187776 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Transactions.Bridge.Dtc.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 387960 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Transactions.Bridge.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 387960 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Transactions.Bridge.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 746336 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.JScript.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 746336 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.JScript.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 505184 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.CSharp.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 505184 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.CSharp.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 220024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Utilities.v4.0.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 220024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Utilities.v4.0.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 107376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Framework.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 107376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Framework.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 714600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Engine.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 714600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Engine.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 351560 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe
- 2010-03-18 21:23 . 2010-03-18 21:23 351560 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 221016 c:\windows\Microsoft.NET\Framework64\v4.0.30319\FileTracker.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 221016 c:\windows\Microsoft.NET\Framework64\v4.0.30319\FileTracker.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 794464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\EventLogMessages.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 794464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\EventLogMessages.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 939864 c:\windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 939864 c:\windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 123720 c:\windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 123720 c:\windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 138584 c:\windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 138584 c:\windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 163672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ComSvcConfig.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 163672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ComSvcConfig.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 155984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clretwrc.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 155984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clretwrc.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 498520 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AspNetMMCExt.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 498520 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AspNetMMCExt.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 102232 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe
+ 2010-03-18 22:23 . 2010-03-18 22:23 102232 c:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe
+ 2010-03-18 19:27 . 2010-03-18 19:27 105296 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AppLaunch.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 105296 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AppLaunch.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 134984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\alink.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 134984 c:\windows\Microsoft.NET\Framework64\v4.0.30319\alink.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 166224 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AdoNetDiag.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 166224 c:\windows\Microsoft.NET\Framework64\v4.0.30319\AdoNetDiag.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 255304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\vbc7ui.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 255304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\vbc7ui.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 255896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\Microsoft.VisualBasic.Activities.CompilerUI.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 255896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\Microsoft.VisualBasic.Activities.CompilerUI.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 182088 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\cscui.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 182088 c:\windows\Microsoft.NET\Framework64\v4.0.30319\1033\cscui.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 142672 c:\windows\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 142672 c:\windows\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 350592 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClientsideProviders.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 350592 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClientsideProviders.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 163168 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClient.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 163168 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClient.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 675672 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Speech.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 675672 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Speech.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 334688 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Printing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 334688 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Printing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 581464 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\ReachFramework.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 581464 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\ReachFramework.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 832856 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationUI.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 832856 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationUI.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 801136 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 801136 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 181096 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 181096 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 194424 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Royale.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 194424 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Royale.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 478576 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Luna.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 478576 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Luna.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 167288 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Classic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 167288 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Classic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 232304 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Aero.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 232304 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Aero.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 587624 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationBuildTasks.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 587624 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationBuildTasks.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 807264 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NaturalLanguage6.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 807264 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NaturalLanguage6.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 492368 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine4.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 492368 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine4.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 138592 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Linq.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 138592 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Linq.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 699224 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xaml.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 699224 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xaml.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 431984 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.WorkflowServices.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 431984 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.WorkflowServices.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 511344 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Workflow.Runtime.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 511344 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Workflow.Runtime.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 857960 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Services.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 857960 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Services.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 826208 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Mobile.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 826208 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Mobile.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 321912 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Extensions.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 321912 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Extensions.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 137568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Entity.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 137568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Entity.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 132464 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Entity.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 132464 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Entity.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 237928 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DynamicData.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 237928 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DynamicData.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 269672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Transactions.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 269672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Transactions.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 113512 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceProcess.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 113512 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceProcess.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 316272 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Web.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 316272 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Web.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 129912 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Routing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 129912 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Routing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 390008 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Discovery.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 390008 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Discovery.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 505208 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activities.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 505208 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activities.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 170872 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activation.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 170872 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 261472 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Security.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 261472 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Security.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 122264 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 122264 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 291184 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Remoting.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 291184 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Remoting.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 349568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.DurableInstancing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 349568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.DurableInstancing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 231760 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 231760 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 253280 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Messaging.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 253280 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Messaging.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 134528 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.Instrumentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 134528 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.Instrumentation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 378720 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 378720 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 123736 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IO.Log.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 123736 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IO.Log.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 125816 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.Selectors.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 125816 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.Selectors.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 392552 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 392552 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.dll
- 2010-03-18 04:51 . 2010-03-18 04:51 109568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Wrapper.dll
+ 2010-03-18 05:51 . 2010-03-18 05:51 109568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Wrapper.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 246128 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 246128 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 120152 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Dynamic.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 120152 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Dynamic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 607064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 607064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 182144 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.Protocols.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 182144 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.Protocols.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 395120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 395120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 285072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.AccountManagement.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 285072 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.AccountManagement.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 829280 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Deployment.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 829280 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Deployment.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 747360 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.SqlXml.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 747360 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.SqlXml.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 683368 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 683368 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 178040 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 178040 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.Design.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 436600 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.Client.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 436600 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.Client.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 495984 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.OracleClient.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 495984 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.OracleClient.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 683872 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Linq.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 683872 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Linq.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 804720 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 804720 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.Design.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 409448 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.configuration.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 409448 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.configuration.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 210816 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.Composition.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 210816 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.Composition.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 149848 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 149848 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 122248 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.DurableInstancing.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 122248 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.DurableInstancing.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 525704 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Core.Presentation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 525704 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Core.Presentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 112976 c:\windows\Microsoft.NET\Framework\v4.0.30319\sysglobl.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 112976 c:\windows\Microsoft.NET\Framework\v4.0.30319\sysglobl.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 124240 c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 124240 c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 173920 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 173920 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
- 2010-03-18 20:47 . 2010-03-18 20:47 181584 c:\windows\Microsoft.NET\Framework\v4.0.30319\peverify.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 181584 c:\windows\Microsoft.NET\Framework\v4.0.30319\peverify.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 121688 c:\windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 121688 c:\windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 150856 c:\windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 150856 c:\windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 130384 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 130384 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 335184 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 335184 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 110936 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 110936 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 372048 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 372048 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 145752 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpehost.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 145752 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpehost.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 413008 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 413008 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 955728 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 955728 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 132944 c:\windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 132944 c:\windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 661352 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 661352 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 349576 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 349576 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 170368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 170368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.Dtc.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 387960 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 387960 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 746336 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.JScript.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 746336 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.JScript.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 505184 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.CSharp.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 505184 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.CSharp.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 220024 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Utilities.v4.0.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 220024 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Utilities.v4.0.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 107376 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Framework.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 107376 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Framework.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 714600 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Engine.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 714600 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Engine.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 294728 c:\windows\Microsoft.NET\Framework\v4.0.30319\ilasm.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 294728 c:\windows\Microsoft.NET\Framework\v4.0.30319\ilasm.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 173400 c:\windows\Microsoft.NET\Framework\v4.0.30319\FileTracker.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 173400 c:\windows\Microsoft.NET\Framework\v4.0.30319\FileTracker.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 794464 c:\windows\Microsoft.NET\Framework\v4.0.30319\EventLogMessages.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 794464 c:\windows\Microsoft.NET\Framework\v4.0.30319\EventLogMessages.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 688472 c:\windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 688472 c:\windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 129880 c:\windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 129880 c:\windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 163672 c:\windows\Microsoft.NET\Framework\v4.0.30319\ComSvcConfig.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 163672 c:\windows\Microsoft.NET\Framework\v4.0.30319\ComSvcConfig.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 155472 c:\windows\Microsoft.NET\Framework\v4.0.30319\clretwrc.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 155472 c:\windows\Microsoft.NET\Framework\v4.0.30319\clretwrc.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 498520 c:\windows\Microsoft.NET\Framework\v4.0.30319\AspNetMMCExt.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 498520 c:\windows\Microsoft.NET\Framework\v4.0.30319\AspNetMMCExt.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 102744 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regsql.exe
+ 2010-03-18 21:47 . 2010-03-18 21:47 102744 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regsql.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 105808 c:\windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 105808 c:\windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 105288 c:\windows\Microsoft.NET\Framework\v4.0.30319\alink.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 105288 c:\windows\Microsoft.NET\Framework\v4.0.30319\alink.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 139088 c:\windows\Microsoft.NET\Framework\v4.0.30319\AdoNetDiag.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 139088 c:\windows\Microsoft.NET\Framework\v4.0.30319\AdoNetDiag.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 255304 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\vbc7ui.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 255304 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\vbc7ui.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 255896 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\Microsoft.VisualBasic.Activities.CompilerUI.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 255896 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\Microsoft.VisualBasic.Activities.CompilerUI.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 182088 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\cscui.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 182088 c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\cscui.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 431984 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 511344 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Runtime\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 826208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Mobile\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 321912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 137568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 132464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 237928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 316272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 316272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 170872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 170872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 683368 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 178040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 804720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 804720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity.Design\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-10-22 03:20 . 2011-10-22 03:20 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 587624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationBuildTasks\v4.0_4.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 220024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Utilities.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v4.0.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 107376 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Framework\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 714600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Engine\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 498520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\AspNetMMCExt\v4.0_4.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 512368 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 512368 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 495984 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data.OracleClient\v4.0_4.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-02-20 02:57 . 2011-02-20 02:57 177664 c:\windows\Installer\878259.msi
+ 2011-12-30 22:56 . 2011-12-30 22:56 907264 c:\windows\Installer\8626c2.msi
+ 2007-11-07 13:53 . 2007-11-07 13:53 242176 c:\windows\Installer\230c60e.msi
+ 2012-01-22 01:48 . 2012-01-22 01:48 478432 c:\windows\Installer\{6033673D-2530-4587-8AD0-EB059FC263F9}\Crysis2Launcher.exe
+ 2012-03-11 19:20 . 2012-03-11 19:20 380928 c:\windows\Installer\{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}\iTunesIco.exe
+ 2012-02-15 15:02 . 2012-02-15 15:02 236904 c:\windows\Installer\$PatchCache$\Managed\A977DA8BAD2856347A0DDAD3FC5CC5FF\5.1.1\OutlookChangeNotifierAddIn_x64.dll
+ 2012-02-15 15:02 . 2012-02-15 15:02 227176 c:\windows\Installer\$PatchCache$\Managed\A977DA8BAD2856347A0DDAD3FC5CC5FF\5.1.1\OutlookChangeNotifierAddIn.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:53 . 2011-11-12 02:53 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2011-11-12 02:54 . 2011-11-12 02:54 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-05-19 15:36 . 2010-05-19 15:36 1328968 c:\windows\SysWOW64\msxml4.dll
+ 2003-03-19 01:12 . 2003-03-19 01:12 1047552 c:\windows\SysWOW64\mfc71u.dll
+ 2003-03-19 01:20 . 2003-03-19 01:20 1060864 c:\windows\SysWOW64\mfc71.dll
+ 2012-04-03 21:25 . 2012-04-03 21:25 8797344 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
- 2009-07-14 04:54 . 2011-11-19 22:45 3293184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-06 16:23 3293184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-22 13:42 . 2011-11-22 13:42 1040824 c:\windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1163633.exe
+ 2011-11-22 13:19 . 2011-11-22 13:19 2376368 c:\windows\SysWOW64\Adobe\Shockwave 11\gt.exe
+ 2011-11-22 13:24 . 2011-11-22 13:24 1742336 c:\windows\SysWOW64\Adobe\Shockwave 11\dirapi.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 2621440 c:\windows\system32\wucltux.dll
+ 2011-12-25 21:07 . 2011-12-25 21:07 2424024 c:\windows\system32\wuaueng.dll
- 2009-07-14 02:34 . 2011-11-12 16:54 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-04-06 00:26 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-02-20 02:51 . 2011-02-20 02:51 5601616 c:\windows\system32\mfc100u.dll
+ 2011-02-20 02:51 . 2011-02-20 02:51 5574472 c:\windows\system32\mfc100.dll
+ 2009-07-14 04:45 . 2012-03-31 21:11 5168296 c:\windows\system32\FNTCACHE.DAT
+ 2012-02-15 15:01 . 2012-02-15 15:01 4547944 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c111aaecb61e9a2b\usbaaplrc.dll
+ 2011-06-27 15:39 . 2009-11-13 05:45 1085952 c:\windows\system32\DriverStore\FileRepository\netr28ux.inf_amd64_neutral_86005164051984f0\netr28ux.sys
+ 2010-04-20 00:29 . 2010-04-20 00:29 1721576 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_dc2cbd989eec1514\wdfcoinstaller01009.dll
+ 2012-04-04 03:56 . 2012-04-06 00:13 2539520 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:45 . 2011-06-13 00:18 3897560 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-03-31 21:13 3897560 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-07-24 07:46 . 2012-04-06 16:22 1497848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-07-30 06:51 . 2012-04-01 06:26 6426968 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2511343510-2362421710-3736614235-1001-12288.dat
+ 2010-03-18 19:27 . 2010-03-18 19:27 2153816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 2153816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1303896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1303896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 1098096 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 1098096 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 6346600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 6346600 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 3453792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 3453792 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 2650464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\NlsLexicons0009.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 2650464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\NlsLexicons0009.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 6353752 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\NlsData0009.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 6353752 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\NlsData0009.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 1367904 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\NaturalLanguage6.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 1367904 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\NaturalLanguage6.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 3170632 c:\windows\Microsoft.NET\Framework64\v4.0.30319\vbc.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 3170632 c:\windows\Microsoft.NET\Framework64\v4.0.30319\vbc.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 2207568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.XML.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 2207568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.XML.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1587064 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Workflow.ComponentModel.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1587064 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Workflow.ComponentModel.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1070960 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Workflow.Activities.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1070960 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Workflow.Activities.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 4982120 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 4982120 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1711496 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.DataVisualization.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1711496 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.DataVisualization.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1836904 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Extensions.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1836904 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.Extensions.dll
+ 2010-03-18 22:23 . 2010-03-18 22:23 5145936 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.dll
- 2010-03-18 21:23 . 2010-03-18 21:23 5145936 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1697144 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DataVisualization.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1697144 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Web.DataVisualization.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 6067048 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 6067048 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1026936 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1026936 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 3481928 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 3481928 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 5078360 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Design.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 5078360 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Design.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 4464480 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Entity.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 4464480 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.Entity.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 3111768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 3111768 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1339736 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Core.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1339736 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Core.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1462648 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.Presentation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1462648 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.Presentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1199968 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1199968 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Activities.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 4960080 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 4960080 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 1453392 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 1453392 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 1513304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 1513304 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 3563408 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 3563408 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1064816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1064816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1327968 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1327968 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Build.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 2492232 c:\windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 2492232 c:\windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
- 2010-03-18 18:27 . 2010-03-18 18:27 1524552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 1524552 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
+ 2010-03-18 19:27 . 2010-03-18 19:27 9798472 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
- 2010-03-18 18:27 . 2010-03-18 18:27 9798472 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1303896 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1303896 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 6346600 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 6346600 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 3545952 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 3545952 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 2650464 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsLexicons0009.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 2650464 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsLexicons0009.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 4881752 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsData0009.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 4881752 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsData0009.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 2199880 c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 2199880 c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
- 2010-03-18 17:16 . 2010-03-18 17:16 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1587064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Workflow.ComponentModel.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1587064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Workflow.ComponentModel.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1070960 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Workflow.Activities.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1070960 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Workflow.Activities.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 4982120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 4982120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1711496 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.DataVisualization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1711496 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.DataVisualization.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1836904 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Extensions.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1836904 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Extensions.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 5174608 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 5174608 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1697144 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DataVisualization.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1697144 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.DataVisualization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 6067048 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 6067048 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1026936 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1026936 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 3481928 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 3481928 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 5078360 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Design.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 5078360 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Design.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 4464480 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 4464480 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 2970968 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 2970968 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1339736 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1339736 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1462648 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Presentation.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1462648 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Presentation.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1199968 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1199968 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 5196112 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 5196112 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1141592 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 1141592 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2010-03-18 18:16 . 2010-03-18 18:16 2989456 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Activities.Compiler.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 2989456 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Activities.Compiler.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1064816 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1064816 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll
+ 2010-03-18 21:47 . 2010-03-18 21:47 1327968 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.dll
- 2010-03-18 20:47 . 2010-03-18 20:47 1327968 c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Build.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 1972552 c:\windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 1972552 c:\windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
+ 2010-03-18 18:16 . 2010-03-18 18:16 6730056 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
- 2010-03-18 17:16 . 2010-03-18 17:16 6730056 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 3481928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 3481928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 1587064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.ComponentModel\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 1070960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Workflow.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 4982120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 4982120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 1836904 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 1836904 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 1697144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 1697144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DataVisualization.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 5078360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 5078360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Design\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 1327968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 1064816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 1064816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Build.Tasks.v4.0\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v4.0.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 5145936 c:\windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 5145936 c:\windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 3111768 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 3111768 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 3453792 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 3453792 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 4960080 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 4960080 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-12-22 21:43 . 2011-12-22 21:43 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-12-22 21:44 . 2011-12-22 21:44 5174608 c:\windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-10-22 03:19 . 2011-10-22 03:19 5174608 c:\windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 5196112 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 5196112 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-12-22 21:42 . 2011-12-22 21:42 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-10-22 03:18 . 2011-10-22 03:18 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-04-16 04:14 . 2011-04-16 04:14 3186176 c:\windows\Installer\8aad1f.msi
+ 2011-09-16 21:12 . 2011-09-16 21:12 2259968 c:\windows\Installer\8aad18.msi
+ 2011-04-16 12:44 . 2011-04-16 12:44 2770944 c:\windows\Installer\878236.msi
+ 2012-03-05 18:04 . 2012-03-05 18:04 1997312 c:\windows\Installer\878218.msi
+ 2012-03-05 18:04 . 2012-03-05 18:04 2211328 c:\windows\Installer\878212.msi
+ 2012-03-23 19:48 . 2012-03-23 19:48 4866560 c:\windows\Installer\5febf.msi
+ 2012-03-23 16:33 . 2012-03-23 16:33 1904640 c:\windows\Installer\5aea1.msi
+ 2012-04-02 22:38 . 2012-04-02 22:38 8006656 c:\windows\Installer\4b2811.msi
+ 2012-01-04 07:05 . 2012-01-04 07:05 3979776 c:\windows\Installer\22b929a.msi
+ 2012-03-23 19:35 . 2012-03-23 19:35 9796608 c:\windows\Installer\1d38c4.msi
+ 2011-12-15 23:54 . 2011-12-15 23:54 2682368 c:\windows\Installer\1a6a5ee.msi
+ 2011-03-22 20:00 . 2011-03-22 20:00 5941760 c:\windows\Installer\1a688ac.msi
+ 2012-01-18 01:30 . 2012-01-18 01:30 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:53 . 2011-11-12 02:53 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-01-18 01:30 . 2012-01-18 01:30 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-11-12 02:53 . 2011-11-12 02:53 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-04-03 21:25 . 2012-04-03 21:25 11588768 c:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll
+ 2012-03-11 19:20 . 2012-03-11 19:20 11631616 c:\windows\Installer\ebd82.msi
+ 2012-03-11 19:17 . 2012-03-11 19:17 48986624 c:\windows\Installer\ebceb.msi
+ 2012-03-11 19:17 . 2012-03-11 19:17 11105280 c:\windows\Installer\eb101.msi
+ 2012-03-11 19:16 . 2012-03-11 19:16 20396032 c:\windows\Installer\eb097.msi
+ 2011-12-30 22:55 . 2011-12-30 22:55 52920320 c:\windows\Installer\86243f.msp
+ 2012-03-23 16:33 . 2012-03-23 16:33 25725952 c:\windows\Installer\5ae9b.msi
+ 2011-12-25 21:05 . 2011-12-25 21:05 15919104 c:\windows\Installer\1bbf7b.msi
+ 2011-12-15 23:55 . 2011-12-15 23:55 26820096 c:\windows\Installer\1a6a8a2.msi
+ 2011-11-26 20:52 . 2011-11-26 20:52 48607232 c:\windows\Installer\1021bc2.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Akamai NetSession Interface"="c:\users\Zack\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-07 343168]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\Zack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Zack\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 253600]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-13 1436424]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 fsproflt;FSPro Filter Service;c:\windows\SysWOW64\fsproflt.exe [2010-01-06 142648]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-12-12 290832]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-02-07 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacomd\amd64\novacomd.exe [2011-03-15 71168]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-12-01 206120]
S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-12-01 185640]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-09 493248]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 radpms;Driver for RADPMS Device;c:\windows\system32\DRIVERS\radpms.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 21:25]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001Core.job
- c:\users\Zack\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-23 23:11]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001UA.job
- c:\users\Zack\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-23 23:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SWNC5E00
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9FE176C4-A6CE-4CB1-971B-EE704D520D66}: NameServer = 8.8.8.8,8.8.4.4
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: [email protected] - %profile%\extensions\[email protected]
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
SafeBoot-40846701.sys
SafeBoot-41068170.sys
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2511343510-2362421710-3736614235-1001\Software\SecuROM\License information*]
"datasecu"=hex:39,68,37,d5,02,0b,c8,75,cc,ef,9a,ad,01,2b,34,d4,40,1f,1e,a7,5e,
08,ab,e8,8f,92,45,13,e7,4c,9c,4b,3c,dd,07,80,53,ce,63,b9,c6,0a,25,b7,38,09,\
"rkeysecu"=hex:c6,65,59,b9,d3,06,5a,42,d1,82,c7,9e,16,e5,47,64
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2012-04-06 12:28:42 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-06 16:28
ComboFix2.txt 2011-11-19 23:03
ComboFix3.txt 2011-11-15 22:40
ComboFix4.txt 2011-11-06 22:55
.
Pre-Run: 167,113,297,920 bytes free
Post-Run: 167,006,654,464 bytes free
.
- - End Of File - - 90F539243581BF753331817D03CABB4A



Here is the TDSSKiller log (No malacious items were found so I hit skip on the 5 items detected):

12:31:35.0159 0368 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
12:31:35.0179 0368 ============================================================
12:31:35.0179 0368 Current date / time: 2012/04/06 12:31:35.0179
12:31:35.0179 0368 SystemInfo:
12:31:35.0180 0368
12:31:35.0180 0368 OS Version: 6.1.7600 ServicePack: 0.0
12:31:35.0180 0368 Product type: Workstation
12:31:35.0180 0368 ComputerName: BADLANDS
12:31:35.0180 0368 UserName: Zack
12:31:35.0180 0368 Windows directory: C:\Windows
12:31:35.0180 0368 System windows directory: C:\Windows
12:31:35.0180 0368 Running under WOW64
12:31:35.0180 0368 Processor architecture: Intel x64
12:31:35.0180 0368 Number of processors: 2
12:31:35.0180 0368 Page size: 0x1000
12:31:35.0180 0368 Boot type: Normal boot
12:31:35.0180 0368 ============================================================
12:31:36.0086 0368 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:31:36.0090 0368 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
12:31:36.0095 0368 Drive \Device\Harddisk2\DR2 - Size: 0x1DE500000 (7.47 Gb), SectorSize: 0x200, Cylinders: 0x3CF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:31:36.0112 0368 \Device\Harddisk0\DR0:
12:31:36.0112 0368 MBR used
12:31:36.0112 0368 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
12:31:36.0113 0368 \Device\Harddisk1\DR1:
12:31:36.0113 0368 MBR used
12:31:36.0113 0368 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:31:36.0113 0368 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
12:31:36.0113 0368 \Device\Harddisk2\DR2:
12:31:36.0113 0368 MBR used
12:31:36.0113 0368 \Device\Harddisk2\DR2\Partition0: MBR, Type 0xB, StartLBA 0x78, BlocksNum 0xEF2788
12:31:36.0196 0368 Initialize success
12:31:36.0196 0368 ============================================================
12:31:50.0748 3688 ============================================================
12:31:50.0748 3688 Scan started
12:31:50.0748 3688 Mode: Manual; SigCheck; TDLFS;
12:31:50.0748 3688 ============================================================
12:31:52.0055 3688 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
12:31:52.0104 3688 1394ohci - ok
12:31:52.0170 3688 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
12:31:52.0182 3688 ACPI - ok
12:31:52.0217 3688 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
12:31:52.0280 3688 AcpiPmi - ok
12:31:52.0395 3688 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:31:52.0404 3688 AdobeFlashPlayerUpdateSvc - ok
12:31:52.0435 3688 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:31:52.0450 3688 adp94xx - ok
12:31:52.0475 3688 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:31:52.0487 3688 adpahci - ok
12:31:52.0509 3688 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:31:52.0518 3688 adpu320 - ok
12:31:52.0551 3688 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:31:52.0584 3688 AeLookupSvc - ok
12:31:52.0613 3688 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
12:31:52.0655 3688 AFD - ok
12:31:52.0674 3688 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
12:31:52.0682 3688 agp440 - ok
12:31:52.0820 3688 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll
12:31:52.0820 3688 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
12:31:52.0825 3688 Akamai ( HiddenFile.Multi.Generic ) - warning
12:31:52.0825 3688 Akamai - detected HiddenFile.Multi.Generic (1)
12:31:52.0847 3688 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:31:52.0896 3688 ALG - ok
12:31:52.0931 3688 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
12:31:52.0938 3688 aliide - ok
12:31:53.0006 3688 AMD External Events Utility (2164f98ffbebb17c17c9aa7057126a21) C:\Windows\system32\atiesrxx.exe
12:31:53.0070 3688 AMD External Events Utility - ok
12:31:53.0088 3688 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
12:31:53.0094 3688 amdide - ok
12:31:53.0125 3688 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:31:53.0159 3688 AmdK8 - ok
12:31:53.0361 3688 amdkmdag (43bd304bb9f43973a75b37c6d7c88a83) C:\Windows\system32\DRIVERS\atikmdag.sys
12:31:53.0598 3688 amdkmdag - ok
12:31:53.0624 3688 amdkmdap (783f10e1cb8503b556e5a9df0a264031) C:\Windows\system32\DRIVERS\atikmpag.sys
12:31:53.0648 3688 amdkmdap - ok
12:31:53.0661 3688 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:31:53.0683 3688 AmdPPM - ok
12:31:53.0702 3688 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
12:31:53.0711 3688 amdsata - ok
12:31:53.0723 3688 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:31:53.0733 3688 amdsbs - ok
12:31:53.0746 3688 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
12:31:53.0752 3688 amdxata - ok
12:31:53.0808 3688 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
12:31:53.0887 3688 AppID - ok
12:31:53.0915 3688 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:31:53.0953 3688 AppIDSvc - ok
12:31:53.0975 3688 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
12:31:54.0017 3688 Appinfo - ok
12:31:54.0106 3688 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:31:54.0111 3688 Apple Mobile Device - ok
12:31:54.0143 3688 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
12:31:54.0168 3688 AppMgmt - ok
12:31:54.0193 3688 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:31:54.0201 3688 arc - ok
12:31:54.0222 3688 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:31:54.0229 3688 arcsas - ok
12:31:54.0328 3688 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:31:54.0333 3688 aspnet_state - ok
12:31:54.0356 3688 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:31:54.0392 3688 AsyncMac - ok
12:31:54.0411 3688 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
12:31:54.0417 3688 atapi - ok
12:31:54.0469 3688 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
12:31:54.0477 3688 AtiHDAudioService - ok
12:31:54.0508 3688 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
12:31:54.0516 3688 AtiHdmiService - ok
12:31:54.0561 3688 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:31:54.0608 3688 AudioEndpointBuilder - ok
12:31:54.0618 3688 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
12:31:54.0647 3688 AudioSrv - ok
12:31:54.0683 3688 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
12:31:54.0736 3688 AxInstSV - ok
12:31:54.0770 3688 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:31:54.0804 3688 b06bdrv - ok
12:31:54.0833 3688 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:31:54.0860 3688 b57nd60a - ok
12:31:54.0895 3688 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:31:54.0928 3688 BDESVC - ok
12:31:54.0947 3688 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:31:54.0985 3688 Beep - ok
12:31:55.0027 3688 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
12:31:55.0079 3688 BFE - ok
12:31:55.0111 3688 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
12:31:55.0150 3688 BITS - ok
12:31:55.0173 3688 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:31:55.0191 3688 blbdrive - ok
12:31:55.0237 3688 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:31:55.0249 3688 Bonjour Service - ok
12:31:55.0275 3688 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
12:31:55.0301 3688 bowser - ok
12:31:55.0314 3688 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:31:55.0334 3688 BrFiltLo - ok
12:31:55.0356 3688 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:31:55.0366 3688 BrFiltUp - ok
12:31:55.0413 3688 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:31:55.0446 3688 BridgeMP - ok
12:31:55.0476 3688 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
12:31:55.0513 3688 Browser - ok
12:31:55.0537 3688 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:31:55.0558 3688 Brserid - ok
12:31:55.0586 3688 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:31:55.0596 3688 BrSerWdm - ok
12:31:55.0620 3688 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:31:55.0642 3688 BrUsbMdm - ok
12:31:55.0653 3688 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:31:55.0665 3688 BrUsbSer - ok
12:31:55.0682 3688 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:31:55.0703 3688 BTHMODEM - ok
12:31:55.0724 3688 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:31:55.0766 3688 bthserv - ok
12:31:55.0789 3688 catchme - ok
12:31:55.0820 3688 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:31:55.0846 3688 cdfs - ok
12:31:55.0880 3688 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
12:31:55.0899 3688 cdrom - ok
12:31:55.0933 3688 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:31:55.0976 3688 CertPropSvc - ok
12:31:55.0997 3688 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:31:56.0008 3688 circlass - ok
12:31:56.0036 3688 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:31:56.0048 3688 CLFS - ok
12:31:56.0092 3688 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:31:56.0101 3688 clr_optimization_v2.0.50727_32 - ok
12:31:56.0134 3688 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:31:56.0140 3688 clr_optimization_v2.0.50727_64 - ok
12:31:56.0237 3688 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:31:56.0246 3688 clr_optimization_v4.0.30319_32 - ok
12:31:56.0312 3688 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:31:56.0322 3688 clr_optimization_v4.0.30319_64 - ok
12:31:56.0342 3688 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:31:56.0359 3688 CmBatt - ok
12:31:56.0366 3688 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
12:31:56.0376 3688 cmdide - ok
12:31:56.0396 3688 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
12:31:56.0425 3688 CNG - ok
12:31:56.0443 3688 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:31:56.0450 3688 Compbatt - ok
12:31:56.0480 3688 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
12:31:56.0501 3688 CompositeBus - ok
12:31:56.0536 3688 COMSysApp - ok
12:31:56.0557 3688 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:31:56.0567 3688 crcdisk - ok
12:31:56.0613 3688 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
12:31:56.0665 3688 CryptSvc - ok
12:31:56.0697 3688 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
12:31:56.0743 3688 CSC - ok
12:31:56.0772 3688 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
12:31:56.0813 3688 CscService - ok
12:31:56.0860 3688 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
12:31:56.0870 3688 ctxusbm - ok
12:31:56.0956 3688 DAUpdaterSvc (80861969541971176e005d2c09dae851) C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
12:31:56.0962 3688 DAUpdaterSvc - ok
12:31:57.0007 3688 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
12:31:57.0063 3688 DcomLaunch - ok
12:31:57.0105 3688 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:31:57.0149 3688 defragsvc - ok
12:31:57.0186 3688 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
12:31:57.0221 3688 DfsC - ok
12:31:57.0256 3688 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
12:31:57.0316 3688 Dhcp - ok
12:31:57.0341 3688 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:31:57.0390 3688 discache - ok
12:31:57.0429 3688 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:31:57.0442 3688 Disk - ok
12:31:57.0455 3688 Dnscache (676108c4e3aa6f6b34633748bd0bebd9) C:\Windows\System32\dnsrslvr.dll
12:31:57.0499 3688 Dnscache - ok
12:31:57.0530 3688 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
12:31:57.0576 3688 dot3svc - ok
12:31:57.0593 3688 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
12:31:57.0621 3688 DPS - ok
12:31:57.0651 3688 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:31:57.0672 3688 drmkaud - ok
12:31:57.0700 3688 DXGKrnl (7cb7d2b73813ce05c7bc0f5f95d27cec) C:\Windows\System32\drivers\dxgkrnl.sys
12:31:57.0757 3688 DXGKrnl - ok
12:31:57.0778 3688 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:31:57.0805 3688 EapHost - ok
12:31:57.0880 3688 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:31:57.0988 3688 ebdrv - ok
12:31:58.0011 3688 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
12:31:58.0021 3688 EFS - ok
12:31:58.0069 3688 ehRecvr (b91d81b3b54a54ccafc03733dbc2e29e) C:\Windows\ehome\ehRecvr.exe
12:31:58.0126 3688 ehRecvr - ok
12:31:58.0139 3688 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:31:58.0153 3688 ehSched - ok
12:31:58.0195 3688 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:31:58.0210 3688 elxstor - ok
12:31:58.0229 3688 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
12:31:58.0247 3688 ErrDev - ok
12:31:58.0272 3688 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:31:58.0313 3688 EventSystem - ok
12:31:58.0331 3688 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:31:58.0358 3688 exfat - ok
12:31:58.0375 3688 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:31:58.0409 3688 fastfat - ok
12:31:58.0444 3688 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
12:31:58.0494 3688 Fax - ok
12:31:58.0510 3688 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:31:58.0530 3688 fdc - ok
12:31:58.0545 3688 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:31:58.0576 3688 fdPHost - ok
12:31:58.0589 3688 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:31:58.0615 3688 FDResPub - ok
12:31:58.0626 3688 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:31:58.0633 3688 FileInfo - ok
12:31:58.0647 3688 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:31:58.0687 3688 Filetrace - ok
12:31:58.0767 3688 FLEXnet Licensing Service 64 (a4297244d4f817278a6ae45b1899ca9c) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:31:58.0811 3688 FLEXnet Licensing Service 64 - ok
12:31:58.0830 3688 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:31:58.0838 3688 flpydisk - ok
12:31:58.0855 3688 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
12:31:58.0866 3688 FltMgr - ok
12:31:58.0896 3688 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll
12:31:58.0956 3688 FontCache - ok
12:31:58.0994 3688 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:31:59.0001 3688 FontCache3.0.0.0 - ok
12:31:59.0023 3688 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:31:59.0034 3688 FsDepends - ok
12:31:59.0088 3688 FSProFilter (bce299c96e94670680b72b1d4476eaa8) C:\Windows\system32\Drivers\FSPFltd.sys
12:31:59.0099 3688 FSProFilter - ok
12:31:59.0136 3688 fsproflt (b6911cb6436139af4b65f0c26c0f69ad) C:\Windows\SysWOW64\fsproflt.exe
12:31:59.0145 3688 fsproflt - ok
12:31:59.0158 3688 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:31:59.0167 3688 Fs_Rec - ok
12:31:59.0194 3688 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
12:31:59.0205 3688 fvevol - ok
12:31:59.0230 3688 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:31:59.0237 3688 gagp30kx - ok
12:31:59.0264 3688 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:31:59.0268 3688 GEARAspiWDM - ok
12:31:59.0301 3688 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
12:31:59.0335 3688 gpsvc - ok
12:31:59.0354 3688 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:31:59.0391 3688 hcw85cir - ok
12:31:59.0423 3688 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
12:31:59.0449 3688 HdAudAddService - ok
12:31:59.0470 3688 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:31:59.0495 3688 HDAudBus - ok
12:31:59.0514 3688 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:31:59.0532 3688 HidBatt - ok
12:31:59.0544 3688 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:31:59.0566 3688 HidBth - ok
12:31:59.0594 3688 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:31:59.0620 3688 HidIr - ok
12:31:59.0637 3688 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
12:31:59.0674 3688 hidserv - ok
12:31:59.0703 3688 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
12:31:59.0712 3688 HidUsb - ok
12:31:59.0741 3688 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
12:31:59.0786 3688 hkmsvc - ok
12:31:59.0807 3688 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
12:31:59.0832 3688 HomeGroupListener - ok
12:31:59.0853 3688 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
12:31:59.0875 3688 HomeGroupProvider - ok
12:31:59.0912 3688 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
12:31:59.0919 3688 HpSAMD - ok
12:31:59.0959 3688 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
12:32:00.0011 3688 HTTP - ok
12:32:00.0026 3688 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
12:32:00.0035 3688 hwpolicy - ok
12:32:00.0077 3688 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:32:00.0092 3688 i8042prt - ok
12:32:00.0118 3688 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
12:32:00.0136 3688 iaStorV - ok
12:32:00.0200 3688 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:32:00.0238 3688 idsvc - ok
12:32:00.0330 3688 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
12:32:00.0340 3688 IHA_MessageCenter - ok
12:32:00.0354 3688 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:32:00.0364 3688 iirsp - ok
12:32:00.0415 3688 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
12:32:00.0487 3688 IKEEXT - ok
12:32:00.0509 3688 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
12:32:00.0516 3688 intelide - ok
12:32:00.0542 3688 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:32:00.0559 3688 intelppm - ok
12:32:00.0584 3688 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:32:00.0611 3688 IPBusEnum - ok
12:32:00.0626 3688 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:32:00.0651 3688 IpFilterDriver - ok
12:32:00.0701 3688 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
12:32:00.0750 3688 iphlpsvc - ok
12:32:00.0761 3688 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:32:00.0770 3688 IPMIDRV - ok
12:32:00.0785 3688 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:32:00.0819 3688 IPNAT - ok
12:32:00.0892 3688 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
12:32:00.0933 3688 iPod Service - ok
12:32:00.0959 3688 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:32:00.0971 3688 IRENUM - ok
12:32:00.0986 3688 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
12:32:00.0993 3688 isapnp - ok
12:32:01.0016 3688 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
12:32:01.0026 3688 iScsiPrt - ok
12:32:01.0059 3688 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:32:01.0072 3688 kbdclass - ok
12:32:01.0101 3688 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
12:32:01.0122 3688 kbdhid - ok
12:32:01.0156 3688 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
12:32:01.0170 3688 KeyIso - ok
12:32:01.0183 3688 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
12:32:01.0193 3688 KSecDD - ok
12:32:01.0212 3688 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys
12:32:01.0224 3688 KSecPkg - ok
12:32:01.0236 3688 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:32:01.0271 3688 ksthunk - ok
12:32:01.0307 3688 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:32:01.0366 3688 KtmRm - ok
12:32:01.0401 3688 LanmanServer (c926920b8978de6acfe9e15c709e9b57) C:\Windows\System32\srvsvc.dll
12:32:01.0432 3688 LanmanServer - ok
12:32:01.0460 3688 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
12:32:01.0489 3688 LanmanWorkstation - ok
12:32:01.0520 3688 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:32:01.0545 3688 lltdio - ok
12:32:01.0565 3688 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:32:01.0595 3688 lltdsvc - ok
12:32:01.0615 3688 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:32:01.0641 3688 lmhosts - ok
12:32:01.0777 3688 LMIGuardianSvc (ad988709675d9e35a60b2616bef108e9) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
12:32:01.0788 3688 LMIGuardianSvc - ok
12:32:01.0831 3688 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
12:32:01.0839 3688 LMIInfo - ok
12:32:01.0894 3688 LMIMaint (bd043199fc0bf5f2810f54c8b374590b) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
12:32:01.0903 3688 LMIMaint - ok
12:32:01.0927 3688 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
12:32:01.0933 3688 lmimirr - ok
12:32:01.0955 3688 LMIRfsClientNP - ok
12:32:01.0983 3688 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
12:32:01.0989 3688 LMIRfsDriver - ok
12:32:02.0002 3688 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
12:32:02.0011 3688 LogMeIn - ok
12:32:02.0040 3688 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:32:02.0048 3688 LSI_FC - ok
12:32:02.0064 3688 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:32:02.0072 3688 LSI_SAS - ok
12:32:02.0088 3688 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:32:02.0096 3688 LSI_SAS2 - ok
12:32:02.0114 3688 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:32:02.0122 3688 LSI_SCSI - ok
12:32:02.0147 3688 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:32:02.0184 3688 luafv - ok
12:32:02.0224 3688 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
12:32:02.0246 3688 Mcx2Svc - ok
12:32:02.0265 3688 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:32:02.0272 3688 megasas - ok
12:32:02.0296 3688 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:32:02.0307 3688 MegaSR - ok
12:32:02.0408 3688 mi-raysat_3dsmax2011_64 (0af89452a8ce3928168f4e5b2208c68b) C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
12:32:02.0420 3688 mi-raysat_3dsmax2011_64 ( UnsignedFile.Multi.Generic ) - warning
12:32:02.0420 3688 mi-raysat_3dsmax2011_64 - detected UnsignedFile.Multi.Generic (1)
12:32:02.0501 3688 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:32:02.0509 3688 Microsoft Office Groove Audit Service - ok
12:32:02.0534 3688 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:32:02.0585 3688 MMCSS - ok
12:32:02.0606 3688 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:32:02.0649 3688 Modem - ok
12:32:02.0674 3688 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:32:02.0696 3688 monitor - ok
12:32:02.0721 3688 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:32:02.0728 3688 mouclass - ok
12:32:02.0756 3688 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:32:02.0764 3688 mouhid - ok
12:32:02.0776 3688 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
12:32:02.0783 3688 mountmgr - ok
12:32:02.0803 3688 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
12:32:02.0813 3688 mpio - ok
12:32:02.0841 3688 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:32:02.0867 3688 mpsdrv - ok
12:32:02.0945 3688 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
12:32:02.0995 3688 MpsSvc - ok
12:32:03.0027 3688 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
12:32:03.0066 3688 MRxDAV - ok
12:32:03.0087 3688 mrxsmb (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:32:03.0126 3688 mrxsmb - ok
12:32:03.0146 3688 mrxsmb10 (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:32:03.0175 3688 mrxsmb10 - ok
12:32:03.0189 3688 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:32:03.0215 3688 mrxsmb20 - ok
12:32:03.0229 3688 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
12:32:03.0236 3688 msahci - ok
12:32:03.0257 3688 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
12:32:03.0267 3688 msdsm - ok
12:32:03.0291 3688 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:32:03.0304 3688 MSDTC - ok
12:32:03.0319 3688 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:32:03.0344 3688 Msfs - ok
12:32:03.0359 3688 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:32:03.0387 3688 mshidkmdf - ok
12:32:03.0400 3688 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
12:32:03.0406 3688 msisadrv - ok
12:32:03.0452 3688 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:32:03.0502 3688 MSiSCSI - ok
12:32:03.0508 3688 msiserver - ok
12:32:03.0526 3688 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:32:03.0556 3688 MSKSSRV - ok
12:32:03.0573 3688 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:32:03.0597 3688 MSPCLOCK - ok
12:32:03.0610 3688 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:32:03.0644 3688 MSPQM - ok
12:32:03.0669 3688 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
12:32:03.0681 3688 MsRPC - ok
12:32:03.0692 3688 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
12:32:03.0698 3688 mssmbios - ok
12:32:03.0773 3688 MSSQL$SQLEXPRESS - ok
12:32:03.0818 3688 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
12:32:03.0826 3688 MSSQLServerADHelper100 - ok
12:32:03.0840 3688 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:32:03.0872 3688 MSTEE - ok
12:32:04.0090 3688 msvsmon90 (cb4a082af58d1a0969f931816d5cfb05) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
12:32:04.0212 3688 msvsmon90 - ok
12:32:04.0226 3688 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:32:04.0243 3688 MTConfig - ok
12:32:04.0263 3688 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:32:04.0270 3688 Mup - ok
12:32:04.0310 3688 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
12:32:04.0364 3688 napagent - ok
12:32:04.0400 3688 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:32:04.0425 3688 NativeWifiP - ok
12:32:04.0461 3688 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
12:32:04.0477 3688 NDIS - ok
12:32:04.0493 3688 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:32:04.0519 3688 NdisCap - ok
12:32:04.0544 3688 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:32:04.0583 3688 NdisTapi - ok
12:32:04.0595 3688 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
12:32:04.0625 3688 Ndisuio - ok
12:32:04.0644 3688 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:32:04.0685 3688 NdisWan - ok
12:32:04.0699 3688 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
12:32:04.0725 3688 NDProxy - ok
12:32:04.0739 3688 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:32:04.0765 3688 NetBIOS - ok
12:32:04.0780 3688 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
12:32:04.0818 3688 NetBT - ok
12:32:04.0841 3688 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
12:32:04.0851 3688 Netlogon - ok
12:32:04.0886 3688 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:32:04.0927 3688 Netman - ok
12:32:05.0008 3688 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:32:05.0017 3688 NetMsmqActivator - ok
12:32:05.0026 3688 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:32:05.0034 3688 NetPipeActivator - ok
12:32:05.0047 3688 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:32:05.0081 3688 netprofm - ok
12:32:05.0090 3688 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:32:05.0096 3688 NetTcpActivator - ok
12:32:05.0099 3688 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:32:05.0105 3688 NetTcpPortSharing - ok
12:32:05.0122 3688 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:32:05.0129 3688 nfrd960 - ok
12:32:05.0151 3688 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
12:32:05.0193 3688 NlaSvc - ok
12:32:05.0266 3688 NovacomD (1e8281a0bc4358cf816754e0a195d329) C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe
12:32:05.0282 3688 NovacomD ( UnsignedFile.Multi.Generic ) - warning
12:32:05.0282 3688 NovacomD - detected UnsignedFile.Multi.Generic (1)
12:32:05.0304 3688 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:32:05.0341 3688 Npfs - ok
12:32:05.0353 3688 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:32:05.0391 3688 nsi - ok
12:32:05.0411 3688 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:32:05.0448 3688 nsiproxy - ok
12:32:05.0490 3688 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
12:32:05.0514 3688 Ntfs - ok
12:32:05.0525 3688 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:32:05.0558 3688 Null - ok
12:32:05.0577 3688 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
12:32:05.0586 3688 nvraid - ok
12:32:05.0604 3688 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
12:32:05.0613 3688 nvstor - ok
12:32:05.0629 3688 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
12:32:05.0637 3688 nv_agp - ok
12:32:05.0728 3688 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:32:05.0739 3688 odserv - ok
12:32:05.0757 3688 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
12:32:05.0766 3688 ohci1394 - ok
12:32:05.0834 3688 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:32:05.0844 3688 ose - ok
12:32:06.0017 3688 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:32:06.0157 3688 osppsvc - ok
12:32:06.0201 3688 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:32:06.0227 3688 p2pimsvc - ok
12:32:06.0248 3688 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:32:06.0265 3688 p2psvc - ok
12:32:06.0292 3688 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:32:06.0302 3688 Parport - ok
12:32:06.0318 3688 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
12:32:06.0325 3688 partmgr - ok
12:32:06.0343 3688 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:32:06.0369 3688 PcaSvc - ok
12:32:06.0383 3688 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
12:32:06.0392 3688 pci - ok
12:32:06.0402 3688 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
12:32:06.0408 3688 pciide - ok
12:32:06.0434 3688 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:32:06.0444 3688 pcmcia - ok
12:32:06.0461 3688 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:32:06.0468 3688 pcw - ok
12:32:06.0492 3688 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:32:06.0532 3688 PEAUTH - ok
12:32:06.0570 3688 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:32:06.0631 3688 PeerDistSvc - ok
12:32:06.0684 3688 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:32:06.0708 3688 PerfHost - ok
12:32:06.0749 3688 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
12:32:06.0818 3688 pla - ok
12:32:06.0846 3688 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll
12:32:06.0885 3688 PlugPlay - ok
12:32:06.0911 3688 PnkBstrA - ok
12:32:06.0930 3688 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:32:06.0960 3688 PNRPAutoReg - ok
12:32:06.0981 3688 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:32:06.0993 3688 PNRPsvc - ok
12:32:07.0025 3688 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
12:32:07.0086 3688 PolicyAgent - ok
12:32:07.0112 3688 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:32:07.0149 3688 Power - ok
12:32:07.0210 3688 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
12:32:07.0251 3688 PptpMiniport - ok
12:32:07.0267 3688 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:32:07.0283 3688 Processor - ok
12:32:07.0298 3688 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
12:32:07.0341 3688 ProfSvc - ok
12:32:07.0354 3688 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
12:32:07.0364 3688 ProtectedStorage - ok
12:32:07.0396 3688 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
12:32:07.0422 3688 Psched - ok
12:32:07.0470 3688 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:32:07.0527 3688 ql2300 - ok
12:32:07.0557 3688 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:32:07.0566 3688 ql40xx - ok
12:32:07.0587 3688 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:32:07.0603 3688 QWAVE - ok
12:32:07.0626 3688 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:32:07.0650 3688 QWAVEdrv - ok
12:32:07.0697 3688 radpms (58435613c2537715a9423597ec6635cc) C:\Windows\system32\DRIVERS\radpms.sys
12:32:07.0703 3688 radpms - ok
12:32:07.0719 3688 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:32:07.0757 3688 RasAcd - ok
12:32:07.0790 3688 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:32:07.0815 3688 RasAgileVpn - ok
12:32:07.0837 3688 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:32:07.0865 3688 RasAuto - ok
12:32:07.0880 3688 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:32:07.0907 3688 Rasl2tp - ok
12:32:07.0930 3688 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
12:32:07.0963 3688 RasMan - ok
12:32:07.0982 3688 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:32:08.0019 3688 RasPppoe - ok
12:32:08.0036 3688 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:32:08.0070 3688 RasSstp - ok
12:32:08.0088 3688 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
12:32:08.0123 3688 rdbss - ok
12:32:08.0140 3688 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:32:08.0151 3688 rdpbus - ok
12:32:08.0167 3688 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:32:08.0191 3688 RDPCDD - ok
12:32:08.0224 3688 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
12:32:08.0253 3688 RDPDR - ok
12:32:08.0279 3688 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:32:08.0304 3688 RDPENCDD - ok
12:32:08.0321 3688 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:32:08.0345 3688 RDPREFMP - ok
12:32:08.0369 3688 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
12:32:08.0420 3688 RDPWD - ok
12:32:08.0437 3688 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
12:32:08.0446 3688 rdyboost - ok
12:32:08.0482 3688 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:32:08.0516 3688 RemoteAccess - ok
12:32:08.0551 3688 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:32:08.0579 3688 RemoteRegistry - ok
12:32:08.0613 3688 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:32:08.0634 3688 RimUsb - ok
12:32:08.0681 3688 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:32:08.0700 3688 RimVSerPort - ok
12:32:08.0717 3688 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
12:32:08.0742 3688 ROOTMODEM - ok
12:32:08.0756 3688 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:32:08.0790 3688 RpcEptMapper - ok
12:32:08.0812 3688 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:32:08.0834 3688 RpcLocator - ok
12:32:08.0856 3688 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll
12:32:08.0886 3688 RpcSs - ok
12:32:08.0897 3688 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:32:08.0932 3688 rspndr - ok
12:32:08.0967 3688 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:32:08.0978 3688 RTL8167 - ok
12:32:09.0008 3688 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
12:32:09.0039 3688 s3cap - ok
12:32:09.0055 3688 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
12:32:09.0070 3688 SamSs - ok
12:32:09.0089 3688 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
12:32:09.0097 3688 sbp2port - ok
12:32:09.0160 3688 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:32:09.0201 3688 SBSDWSCService - ok
12:32:09.0223 3688 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:32:09.0276 3688 SCardSvr - ok
12:32:09.0294 3688 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
12:32:09.0330 3688 scfilter - ok
12:32:09.0365 3688 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\Windows\system32\schedsvc.dll
12:32:09.0400 3688 Schedule - ok
12:32:09.0434 3688 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
12:32:09.0459 3688 SCPolicySvc - ok
12:32:09.0489 3688 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
12:32:09.0522 3688 SDRSVC - ok
12:32:09.0545 3688 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:32:09.0577 3688 secdrv - ok
12:32:09.0592 3688 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
12:32:09.0630 3688 seclogon - ok
12:32:09.0647 3688 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:32:09.0676 3688 SENS - ok
12:32:09.0689 3688 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:32:09.0710 3688 SensrSvc - ok
12:32:09.0739 3688 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:32:09.0748 3688 Serenum - ok
12:32:09.0761 3688 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:32:09.0784 3688 Serial - ok
12:32:09.0799 3688 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:32:09.0822 3688 sermouse - ok
12:32:09.0843 3688 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
12:32:09.0872 3688 SessionEnv - ok
12:32:09.0893 3688 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
12:32:09.0921 3688 sffdisk - ok
12:32:09.0933 3688 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:32:09.0956 3688 sffp_mmc - ok
12:32:09.0971 3688 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:32:09.0981 3688 sffp_sd - ok
12:32:10.0009 3688 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:32:10.0017 3688 sfloppy - ok
12:32:10.0067 3688 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:32:10.0099 3688 SharedAccess - ok
12:32:10.0118 3688 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
12:32:10.0145 3688 ShellHWDetection - ok
12:32:10.0176 3688 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:32:10.0183 3688 SiSRaid2 - ok
12:32:10.0205 3688 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:32:10.0213 3688 SiSRaid4 - ok
12:32:10.0240 3688 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:32:10.0267 3688 Smb - ok
12:32:10.0292 3688 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:32:10.0304 3688 SNMPTRAP - ok
12:32:10.0320 3688 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:32:10.0327 3688 spldr - ok
12:32:10.0356 3688 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\Windows\System32\spoolsv.exe
12:32:10.0371 3688 Spooler - ok
12:32:10.0441 3688 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
12:32:10.0543 3688 sppsvc - ok
12:32:10.0567 3688 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:32:10.0595 3688 sppuinotify - ok
12:32:10.0656 3688 sprtsvc_verizondm - ok
12:32:10.0760 3688 SQLAgent$SQLEXPRESS (eb2fd937449b7aceb39372f875eb8e78) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
12:32:10.0771 3688 SQLAgent$SQLEXPRESS - ok
12:32:10.0828 3688 SQLBrowser (99de6acfa5ca83fad6a765c81c6f129f) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:32:10.0837 3688 SQLBrowser - ok
12:32:10.0920 3688 SQLWriter (6d65985945b03ca59b67d0b73702fc7b) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:32:10.0927 3688 SQLWriter - ok
12:32:10.0970 3688 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys
12:32:11.0002 3688 srv - ok
12:32:11.0023 3688 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
12:32:11.0061 3688 srv2 - ok
12:32:11.0076 3688 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys
12:32:11.0121 3688 srvnet - ok
12:32:11.0151 3688 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:32:11.0185 3688 SSDPSRV - ok
12:32:11.0198 3688 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:32:11.0226 3688 SstpSvc - ok
12:32:11.0263 3688 Steam Client Service - ok
12:32:11.0279 3688 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:32:11.0285 3688 stexstor - ok
12:32:11.0323 3688 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
12:32:11.0360 3688 stisvc - ok
12:32:11.0381 3688 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
12:32:11.0387 3688 storflt - ok
12:32:11.0412 3688 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
12:32:11.0435 3688 StorSvc - ok
12:32:11.0460 3688 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
12:32:11.0466 3688 storvsc - ok
12:32:11.0489 3688 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
12:32:11.0495 3688 swenum - ok
12:32:11.0627 3688 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:32:11.0642 3688 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:32:11.0643 3688 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
12:32:11.0668 3688 SWNC5E00 - ok
12:32:11.0704 3688 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:32:11.0745 3688 swprv - ok
12:32:11.0795 3688 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
12:32:11.0856 3688 SysMain - ok
12:32:11.0877 3688 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
12:32:11.0904 3688 TabletInputService - ok
12:32:11.0922 3688 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
12:32:11.0960 3688 TapiSrv - ok
12:32:11.0976 3688 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:32:12.0004 3688 TBS - ok
12:32:12.0053 3688 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys
12:32:12.0081 3688 Tcpip - ok
12:32:12.0168 3688 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys
12:32:12.0194 3688 TCPIP6 - ok
12:32:12.0212 3688 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
12:32:12.0238 3688 tcpipreg - ok
12:32:12.0259 3688 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:32:12.0308 3688 TDPIPE - ok
12:32:12.0334 3688 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
12:32:12.0361 3688 TDTCP - ok
12:32:12.0387 3688 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
12:32:12.0412 3688 tdx - ok
12:32:12.0423 3688 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
12:32:12.0430 3688 TermDD - ok
12:32:12.0464 3688 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
12:32:12.0501 3688 TermService - ok
12:32:12.0556 3688 tgsrvc_verizondm - ok
12:32:12.0566 3688 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:32:12.0582 3688 Themes - ok
12:32:12.0608 3688 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:32:12.0634 3688 THREADORDER - ok
12:32:12.0647 3688 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:32:12.0682 3688 TrkWks - ok
12:32:12.0716 3688 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
12:32:12.0727 3688 TrustedInstaller - ok
12:32:12.0749 3688 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:32:12.0793 3688 tssecsrv - ok
12:32:12.0820 3688 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
12:32:12.0860 3688 tunnel - ok
12:32:12.0873 3688 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:32:12.0881 3688 uagp35 - ok
12:32:12.0899 3688 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
12:32:12.0938 3688 udfs - ok
12:32:12.0961 3688 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:32:12.0973 3688 UI0Detect - ok
12:32:12.0996 3688 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
12:32:13.0005 3688 uliagpkx - ok
12:32:13.0019 3688 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
12:32:13.0028 3688 umbus - ok
12:32:13.0041 3688 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:32:13.0053 3688 UmPass - ok
12:32:13.0093 3688 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
12:32:13.0115 3688 UmRdpService - ok
12:32:13.0150 3688 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:32:13.0183 3688 upnphost - ok
12:32:13.0227 3688 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
12:32:13.0259 3688 USBAAPL64 - ok
12:32:13.0319 3688 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
12:32:13.0344 3688 usbaudio - ok
12:32:13.0363 3688 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
12:32:13.0385 3688 usbccgp - ok
12:32:13.0414 3688 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
12:32:13.0425 3688 usbcir - ok
12:32:13.0440 3688 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
12:32:13.0449 3688 usbehci - ok
12:32:13.0479 3688 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
12:32:13.0499 3688 usbhub - ok
12:32:13.0514 3688 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
12:32:13.0523 3688 usbohci - ok
12:32:13.0534 3688 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:32:13.0551 3688 usbprint - ok
12:32:13.0564 3688 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:32:13.0580 3688 USBSTOR - ok
12:32:13.0593 3688 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
12:32:13.0602 3688 usbuhci - ok
12:32:13.0656 3688 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
12:32:13.0669 3688 usbvideo - ok
12:32:13.0699 3688 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:32:13.0727 3688 UxSms - ok
12:32:13.0752 3688 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
12:32:13.0762 3688 VaultSvc - ok
12:32:13.0791 3688 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
12:32:13.0797 3688 vdrvroot - ok
12:32:13.0828 3688 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
12:32:13.0854 3688 vds - ok
12:32:13.0865 3688 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:32:13.0875 3688 vga - ok
12:32:13.0891 3688 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:32:13.0925 3688 VgaSave - ok
12:32:13.0945 3688 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
12:32:13.0956 3688 vhdmp - ok
12:32:13.0972 3688 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
12:32:13.0979 3688 viaide - ok
12:32:14.0012 3688 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
12:32:14.0022 3688 vmbus - ok
12:32:14.0047 3688 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
12:32:14.0067 3688 VMBusHID - ok
12:32:14.0088 3688 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
12:32:14.0095 3688 volmgr - ok
12:32:14.0119 3688 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
12:32:14.0131 3688 volmgrx - ok
12:32:14.0150 3688 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
12:32:14.0161 3688 volsnap - ok
12:32:14.0223 3688 vpnagent (e4d2305ebb9de0871a1e13294d0f349b) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
12:32:14.0236 3688 vpnagent - ok
12:32:14.0275 3688 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys
12:32:14.0279 3688 vpnva - ok
12:32:14.0324 3688 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:32:14.0333 3688 vsmraid - ok
12:32:14.0384 3688 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
12:32:14.0431 3688 VSS - ok
12:32:14.0448 3688 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
12:32:14.0458 3688 vwifibus - ok
12:32:14.0484 3688 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:32:14.0517 3688 W32Time - ok
12:32:14.0531 3688 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:32:14.0540 3688 WacomPen - ok
12:32:14.0569 3688 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:32:14.0595 3688 WANARP - ok
12:32:14.0606 3688 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
12:32:14.0631 3688 Wanarpv6 - ok
12:32:14.0674 3688 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
12:32:14.0729 3688 wbengine - ok
12:32:14.0739 3688 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:32:14.0755 3688 WbioSrvc - ok
12:32:14.0765 3688 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
12:32:14.0784 3688 wcncsvc - ok
12:32:14.0804 3688 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:32:14.0840 3688 WcsPlugInService - ok
12:32:14.0855 3688 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:32:14.0862 3688 Wd - ok
12:32:14.0895 3688 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:32:14.0919 3688 Wdf01000 - ok
12:32:14.0937 3688 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:32:14.0962 3688 WdiServiceHost - ok
12:32:14.0965 3688 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:32:14.0980 3688 WdiSystemHost - ok
12:32:14.0997 3688 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
12:32:15.0019 3688 WebClient - ok
12:32:15.0037 3688 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:32:15.0071 3688 Wecsvc - ok
12:32:15.0091 3688 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:32:15.0125 3688 wercplsupport - ok
12:32:15.0149 3688 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:32:15.0178 3688 WerSvc - ok
12:32:15.0202 3688 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:32:15.0227 3688 WfpLwf - ok
12:32:15.0243 3688 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:32:15.0250 3688 WIMMount - ok
12:32:15.0284 3688 WinDefend - ok
12:32:15.0290 3688 WinHttpAutoProxySvc - ok
12:32:15.0330 3688 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:32:15.0358 3688 Winmgmt - ok
12:32:15.0409 3688 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
12:32:15.0485 3688 WinRM - ok
12:32:15.0538 3688 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
12:32:15.0548 3688 WinUsb - ok
12:32:15.0591 3688 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:32:15.0634 3688 Wlansvc - ok
12:32:15.0770 3688 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:32:15.0830 3688 wlidsvc - ok
12:32:15.0860 3688 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
12:32:15.0869 3688 WmiAcpi - ok
12:32:15.0928 3688 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:32:15.0960 3688 wmiApSrv - ok
12:32:15.0989 3688 WMPNetworkSvc - ok
12:32:16.0012 3688 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:32:16.0035 3688 WPCSvc - ok
12:32:16.0058 3688 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
12:32:16.0080 3688 WPDBusEnum - ok
12:32:16.0099 3688 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:32:16.0124 3688 ws2ifsl - ok
12:32:16.0151 3688 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
12:32:16.0173 3688 wscsvc - ok
12:32:16.0222 3688 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
12:32:16.0237 3688 WSDPrintDevice - ok
12:32:16.0244 3688 WSearch - ok
12:32:16.0328 3688 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
12:32:16.0404 3688 wuauserv - ok
12:32:16.0422 3688 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
12:32:16.0448 3688 WudfPf - ok
12:32:16.0469 3688 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:32:16.0509 3688 WUDFRd - ok
12:32:16.0528 3688 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
12:32:16.0568 3688 wudfsvc - ok
12:32:16.0596 3688 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:32:16.0614 3688 WwanSvc - ok
12:32:16.0654 3688 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
12:32:16.0660 3688 xusb21 - ok
12:32:16.0665 3688 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:32:16.0711 3688 \Device\Harddisk0\DR0 - ok
12:32:16.0726 3688 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
12:32:16.0824 3688 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
12:32:16.0824 3688 \Device\Harddisk1\DR1 - detected TDSS File System (1)
12:32:16.0829 3688 MBR (0x1B8) (66d0b28c8b44e531d0c19f436252abaa) \Device\Harddisk2\DR2
12:32:16.0940 3688 \Device\Harddisk2\DR2 - ok
12:32:16.0943 3688 Boot (0x1200) (c0dabd21efb7b34a86f3a560173d810a) \Device\Harddisk0\DR0\Partition0
12:32:16.0944 3688 \Device\Harddisk0\DR0\Partition0 - ok
12:32:16.0947 3688 Boot (0x1200) (b2a15a13923c019ca85488675415f8f3) \Device\Harddisk1\DR1\Partition0
12:32:16.0948 3688 \Device\Harddisk1\DR1\Partition0 - ok
12:32:16.0981 3688 Boot (0x1200) (75ca61066c3a2a018f1a06d6fd821e34) \Device\Harddisk1\DR1\Partition1
12:32:16.0982 3688 \Device\Harddisk1\DR1\Partition1 - ok
12:32:16.0986 3688 Boot (0x1200) (bf831a457f51b2f106aafe0142d26211) \Device\Harddisk2\DR2\Partition0
12:32:16.0987 3688 \Device\Harddisk2\DR2\Partition0 - ok
12:32:16.0987 3688 ============================================================
12:32:16.0987 3688 Scan finished
12:32:16.0987 3688 ============================================================
12:32:16.0995 1244 Detected object count: 5
12:32:16.0995 1244 Actual detected object count: 5
12:32:55.0834 1244 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
12:32:55.0834 1244 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
12:32:55.0835 1244 mi-raysat_3dsmax2011_64 ( UnsignedFile.Multi.Generic ) - skipped by user
12:32:55.0835 1244 mi-raysat_3dsmax2011_64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:32:55.0836 1244 NovacomD ( UnsignedFile.Multi.Generic ) - skipped by user
12:32:55.0836 1244 NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:32:55.0837 1244 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:32:55.0837 1244 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:32:55.0837 1244 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
12:32:55.0837 1244 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
12:33:10.0847 0940 Deinitialize success

Thank you.
  • 0

#9
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

Run TDSSKiller using the same instructions as before and when you get to the following screen, the TDSS File System needs to be changed from Skip to Delete. You must leave all of the other items as Skip and then click Continue to remove the TDSS File System.

Posted Image

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 2

1. Close any open browsers.

2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

File:: 
c:\windows\SysWow64\dxdition.dll
c:\windows\SysWOW64\ykkcr.exe

Folder:: 
c:\windows\system32\%APPDATA%
c:\users\Zack\AppData\Local\af0bcd22

Rootkit::
c:\windows\system32\dds_log_ad13.cmd

DDS:
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>

Firefox::
FF - ProfilePath - c:\users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}


Save this as CFScript.txt, in the same location as ComboFix.exe.


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Things I want to see in your next reply

  • TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • ComboFix.txt

  • 0

#10
klose

klose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
TDSSKiller Log:

16:33:01.0486 1368 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
16:33:01.0486 1368 ============================================================
16:33:01.0486 1368 Current date / time: 2012/04/06 16:33:01.0486
16:33:01.0486 1368 SystemInfo:
16:33:01.0486 1368
16:33:01.0486 1368 OS Version: 6.1.7600 ServicePack: 0.0
16:33:01.0486 1368 Product type: Workstation
16:33:01.0486 1368 ComputerName: BADLANDS
16:33:01.0486 1368 UserName: Zack
16:33:01.0486 1368 Windows directory: C:\Windows
16:33:01.0486 1368 System windows directory: C:\Windows
16:33:01.0486 1368 Running under WOW64
16:33:01.0486 1368 Processor architecture: Intel x64
16:33:01.0486 1368 Number of processors: 2
16:33:01.0486 1368 Page size: 0x1000
16:33:01.0486 1368 Boot type: Normal boot
16:33:01.0486 1368 ============================================================
16:33:07.0071 1368 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:33:07.0071 1368 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
16:33:07.0102 1368 \Device\Harddisk0\DR0:
16:33:07.0102 1368 MBR used
16:33:07.0102 1368 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
16:33:07.0102 1368 \Device\Harddisk1\DR1:
16:33:07.0102 1368 MBR used
16:33:07.0102 1368 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:33:07.0102 1368 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:33:07.0133 1368 Initialize success
16:33:07.0133 1368 ============================================================
16:33:12.0499 2508 ============================================================
16:33:12.0499 2508 Scan started
16:33:12.0499 2508 Mode: Manual; SigCheck; TDLFS;
16:33:12.0499 2508 ============================================================
16:33:12.0905 2508 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:33:12.0952 2508 1394ohci - ok
16:33:12.0967 2508 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:33:12.0983 2508 ACPI - ok
16:33:12.0999 2508 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:33:13.0014 2508 AcpiPmi - ok
16:33:13.0108 2508 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:33:13.0108 2508 AdobeFlashPlayerUpdateSvc - ok
16:33:13.0155 2508 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:33:13.0170 2508 adp94xx - ok
16:33:13.0186 2508 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:33:13.0186 2508 adpahci - ok
16:33:13.0201 2508 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:33:13.0217 2508 adpu320 - ok
16:33:13.0248 2508 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:33:13.0279 2508 AeLookupSvc - ok
16:33:13.0295 2508 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
16:33:13.0326 2508 AFD - ok
16:33:13.0342 2508 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:33:13.0357 2508 agp440 - ok
16:33:13.0482 2508 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll
16:33:13.0482 2508 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
16:33:13.0498 2508 Akamai ( HiddenFile.Multi.Generic ) - warning
16:33:13.0498 2508 Akamai - detected HiddenFile.Multi.Generic (1)
16:33:13.0513 2508 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:33:13.0529 2508 ALG - ok
16:33:13.0545 2508 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:33:13.0545 2508 aliide - ok
16:33:13.0591 2508 AMD External Events Utility (2164f98ffbebb17c17c9aa7057126a21) C:\Windows\system32\atiesrxx.exe
16:33:13.0623 2508 AMD External Events Utility - ok
16:33:13.0623 2508 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:33:13.0638 2508 amdide - ok
16:33:13.0654 2508 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:33:13.0669 2508 AmdK8 - ok
16:33:13.0857 2508 amdkmdag (43bd304bb9f43973a75b37c6d7c88a83) C:\Windows\system32\DRIVERS\atikmdag.sys
16:33:13.0950 2508 amdkmdag - ok
16:33:13.0966 2508 amdkmdap (783f10e1cb8503b556e5a9df0a264031) C:\Windows\system32\DRIVERS\atikmpag.sys
16:33:13.0981 2508 amdkmdap - ok
16:33:13.0997 2508 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:33:13.0997 2508 AmdPPM - ok
16:33:14.0028 2508 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
16:33:14.0028 2508 amdsata - ok
16:33:14.0044 2508 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:33:14.0059 2508 amdsbs - ok
16:33:14.0059 2508 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
16:33:14.0059 2508 amdxata - ok
16:33:14.0106 2508 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:33:14.0122 2508 AppID - ok
16:33:14.0137 2508 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:33:14.0169 2508 AppIDSvc - ok
16:33:14.0215 2508 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:33:14.0247 2508 Appinfo - ok
16:33:14.0340 2508 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:33:14.0340 2508 Apple Mobile Device - ok
16:33:14.0387 2508 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
16:33:14.0387 2508 AppMgmt - ok
16:33:14.0418 2508 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:33:14.0418 2508 arc - ok
16:33:14.0434 2508 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:33:14.0449 2508 arcsas - ok
16:33:14.0543 2508 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:33:14.0559 2508 aspnet_state - ok
16:33:14.0574 2508 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:33:14.0605 2508 AsyncMac - ok
16:33:14.0621 2508 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:33:14.0621 2508 atapi - ok
16:33:14.0668 2508 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
16:33:14.0683 2508 AtiHDAudioService - ok
16:33:14.0715 2508 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
16:33:14.0730 2508 AtiHdmiService - ok
16:33:14.0761 2508 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:33:14.0793 2508 AudioEndpointBuilder - ok
16:33:14.0824 2508 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:33:14.0839 2508 AudioSrv - ok
16:33:14.0871 2508 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:33:14.0886 2508 AxInstSV - ok
16:33:14.0917 2508 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:33:14.0933 2508 b06bdrv - ok
16:33:14.0964 2508 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:33:14.0980 2508 b57nd60a - ok
16:33:14.0995 2508 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:33:15.0011 2508 BDESVC - ok
16:33:15.0027 2508 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:33:15.0042 2508 Beep - ok
16:33:15.0089 2508 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:33:15.0120 2508 BFE - ok
16:33:15.0151 2508 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:33:15.0198 2508 BITS - ok
16:33:15.0214 2508 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:33:15.0214 2508 blbdrive - ok
16:33:15.0276 2508 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:33:15.0276 2508 Bonjour Service - ok
16:33:15.0307 2508 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
16:33:15.0354 2508 bowser - ok
16:33:15.0354 2508 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:33:15.0370 2508 BrFiltLo - ok
16:33:15.0385 2508 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:33:15.0385 2508 BrFiltUp - ok
16:33:15.0432 2508 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:33:15.0463 2508 BridgeMP - ok
16:33:15.0479 2508 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:33:15.0495 2508 Browser - ok
16:33:15.0526 2508 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:33:15.0526 2508 Brserid - ok
16:33:15.0541 2508 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:33:15.0557 2508 BrSerWdm - ok
16:33:15.0557 2508 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:33:15.0573 2508 BrUsbMdm - ok
16:33:15.0588 2508 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:33:15.0588 2508 BrUsbSer - ok
16:33:15.0604 2508 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:33:15.0619 2508 BTHMODEM - ok
16:33:15.0635 2508 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:33:15.0651 2508 bthserv - ok
16:33:15.0682 2508 catchme - ok
16:33:15.0697 2508 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:33:15.0729 2508 cdfs - ok
16:33:15.0760 2508 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:33:15.0760 2508 cdrom - ok
16:33:15.0791 2508 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:33:15.0807 2508 CertPropSvc - ok
16:33:15.0822 2508 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:33:15.0838 2508 circlass - ok
16:33:15.0853 2508 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:33:15.0869 2508 CLFS - ok
16:33:15.0900 2508 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:33:15.0916 2508 clr_optimization_v2.0.50727_32 - ok
16:33:15.0963 2508 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:33:15.0963 2508 clr_optimization_v2.0.50727_64 - ok
16:33:16.0072 2508 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:33:16.0072 2508 clr_optimization_v4.0.30319_32 - ok
16:33:16.0150 2508 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:33:16.0150 2508 clr_optimization_v4.0.30319_64 - ok
16:33:16.0181 2508 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:33:16.0197 2508 CmBatt - ok
16:33:16.0197 2508 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:33:16.0212 2508 cmdide - ok
16:33:16.0243 2508 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
16:33:16.0243 2508 CNG - ok
16:33:16.0259 2508 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:33:16.0259 2508 Compbatt - ok
16:33:16.0290 2508 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:33:16.0290 2508 CompositeBus - ok
16:33:16.0337 2508 COMSysApp - ok
16:33:16.0353 2508 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:33:16.0353 2508 crcdisk - ok
16:33:16.0399 2508 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:33:16.0431 2508 CryptSvc - ok
16:33:16.0446 2508 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
16:33:16.0462 2508 CSC - ok
16:33:16.0493 2508 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
16:33:16.0493 2508 CscService - ok
16:33:16.0555 2508 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
16:33:16.0555 2508 ctxusbm - ok
16:33:16.0649 2508 DAUpdaterSvc (80861969541971176e005d2c09dae851) C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
16:33:16.0649 2508 DAUpdaterSvc - ok
16:33:16.0727 2508 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:33:16.0758 2508 DcomLaunch - ok
16:33:16.0774 2508 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:33:16.0805 2508 defragsvc - ok
16:33:16.0821 2508 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
16:33:16.0852 2508 DfsC - ok
16:33:16.0867 2508 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:33:16.0883 2508 Dhcp - ok
16:33:16.0899 2508 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:33:16.0930 2508 discache - ok
16:33:16.0977 2508 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:33:16.0977 2508 Disk - ok
16:33:16.0992 2508 Dnscache (676108c4e3aa6f6b34633748bd0bebd9) C:\Windows\System32\dnsrslvr.dll
16:33:17.0039 2508 Dnscache - ok
16:33:17.0055 2508 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:33:17.0086 2508 dot3svc - ok
16:33:17.0101 2508 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:33:17.0133 2508 DPS - ok
16:33:17.0164 2508 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:33:17.0179 2508 drmkaud - ok
16:33:17.0195 2508 DXGKrnl (7cb7d2b73813ce05c7bc0f5f95d27cec) C:\Windows\System32\drivers\dxgkrnl.sys
16:33:17.0226 2508 DXGKrnl - ok
16:33:17.0242 2508 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:33:17.0273 2508 EapHost - ok
16:33:17.0351 2508 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:33:17.0382 2508 ebdrv - ok
16:33:17.0413 2508 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
16:33:17.0429 2508 EFS - ok
16:33:17.0476 2508 ehRecvr (b91d81b3b54a54ccafc03733dbc2e29e) C:\Windows\ehome\ehRecvr.exe
16:33:17.0491 2508 ehRecvr - ok
16:33:17.0507 2508 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:33:17.0523 2508 ehSched - ok
16:33:17.0554 2508 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:33:17.0569 2508 elxstor - ok
16:33:17.0585 2508 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:33:17.0585 2508 ErrDev - ok
16:33:17.0616 2508 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:33:17.0647 2508 EventSystem - ok
16:33:17.0663 2508 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:33:17.0694 2508 exfat - ok
16:33:17.0694 2508 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:33:17.0725 2508 fastfat - ok
16:33:17.0757 2508 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:33:17.0772 2508 Fax - ok
16:33:17.0788 2508 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:33:17.0788 2508 fdc - ok
16:33:17.0803 2508 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:33:17.0835 2508 fdPHost - ok
16:33:17.0835 2508 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:33:17.0866 2508 FDResPub - ok
16:33:17.0881 2508 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:33:17.0881 2508 FileInfo - ok
16:33:17.0897 2508 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:33:17.0928 2508 Filetrace - ok
16:33:18.0006 2508 FLEXnet Licensing Service 64 (a4297244d4f817278a6ae45b1899ca9c) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
16:33:18.0037 2508 FLEXnet Licensing Service 64 - ok
16:33:18.0053 2508 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:33:18.0069 2508 flpydisk - ok
16:33:18.0084 2508 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:33:18.0084 2508 FltMgr - ok
16:33:18.0131 2508 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll
16:33:18.0162 2508 FontCache - ok
16:33:18.0209 2508 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:33:18.0225 2508 FontCache3.0.0.0 - ok
16:33:18.0240 2508 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:33:18.0256 2508 FsDepends - ok
16:33:18.0303 2508 FSProFilter (bce299c96e94670680b72b1d4476eaa8) C:\Windows\system32\Drivers\FSPFltd.sys
16:33:18.0318 2508 FSProFilter - ok
16:33:18.0349 2508 fsproflt (b6911cb6436139af4b65f0c26c0f69ad) C:\Windows\SysWOW64\fsproflt.exe
16:33:18.0365 2508 fsproflt - ok
16:33:18.0381 2508 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
16:33:18.0381 2508 Fs_Rec - ok
16:33:18.0413 2508 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
16:33:18.0428 2508 fvevol - ok
16:33:18.0460 2508 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:33:18.0460 2508 gagp30kx - ok
16:33:18.0491 2508 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:33:18.0491 2508 GEARAspiWDM - ok
16:33:18.0522 2508 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:33:18.0538 2508 gpsvc - ok
16:33:18.0553 2508 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:33:18.0569 2508 hcw85cir - ok
16:33:18.0616 2508 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:33:18.0616 2508 HdAudAddService - ok
16:33:18.0647 2508 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:33:18.0662 2508 HDAudBus - ok
16:33:18.0678 2508 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:33:18.0694 2508 HidBatt - ok
16:33:18.0709 2508 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:33:18.0725 2508 HidBth - ok
16:33:18.0740 2508 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:33:18.0756 2508 HidIr - ok
16:33:18.0772 2508 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:33:18.0803 2508 hidserv - ok
16:33:18.0834 2508 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:33:18.0834 2508 HidUsb - ok
16:33:18.0865 2508 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:33:18.0896 2508 hkmsvc - ok
16:33:18.0912 2508 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:33:18.0928 2508 HomeGroupListener - ok
16:33:18.0959 2508 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:33:18.0959 2508 HomeGroupProvider - ok
16:33:19.0006 2508 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:33:19.0006 2508 HpSAMD - ok
16:33:19.0052 2508 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:33:19.0084 2508 HTTP - ok
16:33:19.0099 2508 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:33:19.0115 2508 hwpolicy - ok
16:33:19.0146 2508 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:33:19.0162 2508 i8042prt - ok
16:33:19.0193 2508 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
16:33:19.0193 2508 iaStorV - ok
16:33:19.0255 2508 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:33:19.0271 2508 idsvc - ok
16:33:19.0364 2508 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
16:33:19.0380 2508 IHA_MessageCenter - ok
16:33:19.0396 2508 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:33:19.0396 2508 iirsp - ok
16:33:19.0458 2508 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:33:19.0489 2508 IKEEXT - ok
16:33:19.0505 2508 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:33:19.0520 2508 intelide - ok
16:33:19.0552 2508 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:33:19.0552 2508 intelppm - ok
16:33:19.0583 2508 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:33:19.0598 2508 IPBusEnum - ok
16:33:19.0645 2508 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:33:19.0676 2508 IpFilterDriver - ok
16:33:19.0723 2508 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:33:19.0754 2508 iphlpsvc - ok
16:33:19.0786 2508 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:33:19.0786 2508 IPMIDRV - ok
16:33:19.0817 2508 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:33:19.0832 2508 IPNAT - ok
16:33:19.0910 2508 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
16:33:19.0926 2508 iPod Service - ok
16:33:19.0957 2508 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:33:19.0973 2508 IRENUM - ok
16:33:19.0988 2508 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:33:20.0004 2508 isapnp - ok
16:33:20.0020 2508 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:33:20.0035 2508 iScsiPrt - ok
16:33:20.0066 2508 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:33:20.0066 2508 kbdclass - ok
16:33:20.0082 2508 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:33:20.0098 2508 kbdhid - ok
16:33:20.0129 2508 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:33:20.0129 2508 KeyIso - ok
16:33:20.0160 2508 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
16:33:20.0160 2508 KSecDD - ok
16:33:20.0176 2508 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys
16:33:20.0176 2508 KSecPkg - ok
16:33:20.0191 2508 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:33:20.0222 2508 ksthunk - ok
16:33:20.0254 2508 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:33:20.0285 2508 KtmRm - ok
16:33:20.0316 2508 LanmanServer (c926920b8978de6acfe9e15c709e9b57) C:\Windows\System32\srvsvc.dll
16:33:20.0363 2508 LanmanServer - ok
16:33:20.0394 2508 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:33:20.0410 2508 LanmanWorkstation - ok
16:33:20.0441 2508 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:33:20.0472 2508 lltdio - ok
16:33:20.0488 2508 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:33:20.0519 2508 lltdsvc - ok
16:33:20.0534 2508 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:33:20.0566 2508 lmhosts - ok
16:33:20.0675 2508 LMIGuardianSvc (ad988709675d9e35a60b2616bef108e9) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
16:33:20.0690 2508 LMIGuardianSvc - ok
16:33:20.0737 2508 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
16:33:20.0753 2508 LMIInfo - ok
16:33:20.0784 2508 LMIMaint (bd043199fc0bf5f2810f54c8b374590b) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
16:33:20.0800 2508 LMIMaint - ok
16:33:20.0815 2508 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
16:33:20.0831 2508 lmimirr - ok
16:33:20.0846 2508 LMIRfsClientNP - ok
16:33:20.0878 2508 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
16:33:20.0893 2508 LMIRfsDriver - ok
16:33:20.0909 2508 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
16:33:20.0909 2508 LogMeIn - ok
16:33:20.0940 2508 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:33:20.0956 2508 LSI_FC - ok
16:33:20.0971 2508 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:33:20.0971 2508 LSI_SAS - ok
16:33:20.0987 2508 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:33:21.0002 2508 LSI_SAS2 - ok
16:33:21.0018 2508 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:33:21.0018 2508 LSI_SCSI - ok
16:33:21.0049 2508 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:33:21.0080 2508 luafv - ok
16:33:21.0096 2508 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:33:21.0112 2508 Mcx2Svc - ok
16:33:21.0127 2508 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:33:21.0143 2508 megasas - ok
16:33:21.0158 2508 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:33:21.0174 2508 MegaSR - ok
16:33:21.0283 2508 mi-raysat_3dsmax2011_64 (0af89452a8ce3928168f4e5b2208c68b) C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
16:33:21.0283 2508 mi-raysat_3dsmax2011_64 ( UnsignedFile.Multi.Generic ) - warning
16:33:21.0283 2508 mi-raysat_3dsmax2011_64 - detected UnsignedFile.Multi.Generic (1)
16:33:21.0361 2508 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:33:21.0361 2508 Microsoft Office Groove Audit Service - ok
16:33:21.0392 2508 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:33:21.0408 2508 MMCSS - ok
16:33:21.0424 2508 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:33:21.0455 2508 Modem - ok
16:33:21.0470 2508 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:33:21.0486 2508 monitor - ok
16:33:21.0517 2508 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:33:21.0517 2508 mouclass - ok
16:33:21.0548 2508 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:33:21.0564 2508 mouhid - ok
16:33:21.0580 2508 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:33:21.0580 2508 mountmgr - ok
16:33:21.0611 2508 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:33:21.0611 2508 mpio - ok
16:33:21.0642 2508 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:33:21.0658 2508 mpsdrv - ok
16:33:21.0736 2508 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:33:21.0767 2508 MpsSvc - ok
16:33:21.0798 2508 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:33:21.0814 2508 MRxDAV - ok
16:33:21.0845 2508 mrxsmb (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:33:21.0860 2508 mrxsmb - ok
16:33:21.0876 2508 mrxsmb10 (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:33:21.0923 2508 mrxsmb10 - ok
16:33:21.0938 2508 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:33:21.0954 2508 mrxsmb20 - ok
16:33:21.0970 2508 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:33:21.0985 2508 msahci - ok
16:33:22.0001 2508 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:33:22.0001 2508 msdsm - ok
16:33:22.0016 2508 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:33:22.0032 2508 MSDTC - ok
16:33:22.0048 2508 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:33:22.0079 2508 Msfs - ok
16:33:22.0094 2508 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:33:22.0110 2508 mshidkmdf - ok
16:33:22.0126 2508 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:33:22.0141 2508 msisadrv - ok
16:33:22.0188 2508 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:33:22.0204 2508 MSiSCSI - ok
16:33:22.0219 2508 msiserver - ok
16:33:22.0266 2508 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:33:22.0297 2508 MSKSSRV - ok
16:33:22.0313 2508 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:33:22.0328 2508 MSPCLOCK - ok
16:33:22.0344 2508 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:33:22.0375 2508 MSPQM - ok
16:33:22.0391 2508 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:33:22.0406 2508 MsRPC - ok
16:33:22.0422 2508 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:33:22.0422 2508 mssmbios - ok
16:33:22.0500 2508 MSSQL$SQLEXPRESS - ok
16:33:22.0547 2508 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
16:33:22.0547 2508 MSSQLServerADHelper100 - ok
16:33:22.0562 2508 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:33:22.0594 2508 MSTEE - ok
16:33:22.0781 2508 msvsmon90 (cb4a082af58d1a0969f931816d5cfb05) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
16:33:22.0828 2508 msvsmon90 - ok
16:33:22.0843 2508 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:33:22.0859 2508 MTConfig - ok
16:33:22.0890 2508 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:33:22.0890 2508 Mup - ok
16:33:22.0937 2508 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:33:22.0968 2508 napagent - ok
16:33:22.0999 2508 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:33:23.0015 2508 NativeWifiP - ok
16:33:23.0046 2508 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:33:23.0062 2508 NDIS - ok
16:33:23.0077 2508 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:33:23.0108 2508 NdisCap - ok
16:33:23.0140 2508 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:33:23.0171 2508 NdisTapi - ok
16:33:23.0186 2508 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:33:23.0218 2508 Ndisuio - ok
16:33:23.0233 2508 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:33:23.0264 2508 NdisWan - ok
16:33:23.0280 2508 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:33:23.0296 2508 NDProxy - ok
16:33:23.0311 2508 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:33:23.0342 2508 NetBIOS - ok
16:33:23.0358 2508 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:33:23.0389 2508 NetBT - ok
16:33:23.0405 2508 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:33:23.0420 2508 Netlogon - ok
16:33:23.0452 2508 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:33:23.0483 2508 Netman - ok
16:33:23.0576 2508 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0576 2508 NetMsmqActivator - ok
16:33:23.0592 2508 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0592 2508 NetPipeActivator - ok
16:33:23.0608 2508 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:33:23.0639 2508 netprofm - ok
16:33:23.0654 2508 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0654 2508 NetTcpActivator - ok
16:33:23.0654 2508 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0670 2508 NetTcpPortSharing - ok
16:33:23.0686 2508 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:33:23.0701 2508 nfrd960 - ok
16:33:23.0717 2508 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:33:23.0748 2508 NlaSvc - ok
16:33:23.0810 2508 NovacomD (1e8281a0bc4358cf816754e0a195d329) C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe
16:33:23.0810 2508 NovacomD ( UnsignedFile.Multi.Generic ) - warning
16:33:23.0810 2508 NovacomD - detected UnsignedFile.Multi.Generic (1)
16:33:23.0826 2508 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:33:23.0857 2508 Npfs - ok
16:33:23.0873 2508 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:33:23.0904 2508 nsi - ok
16:33:23.0920 2508 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:33:23.0935 2508 nsiproxy - ok
16:33:23.0982 2508 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
16:33:23.0998 2508 Ntfs - ok
16:33:24.0013 2508 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:33:24.0044 2508 Null - ok
16:33:24.0060 2508 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
16:33:24.0076 2508 nvraid - ok
16:33:24.0091 2508 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
16:33:24.0107 2508 nvstor - ok
16:33:24.0122 2508 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:33:24.0122 2508 nv_agp - ok
16:33:24.0216 2508 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:33:24.0216 2508 odserv - ok
16:33:24.0247 2508 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:33:24.0247 2508 ohci1394 - ok
16:33:24.0310 2508 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:33:24.0310 2508 ose - ok
16:33:24.0481 2508 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:33:24.0544 2508 osppsvc - ok
16:33:24.0575 2508 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:33:24.0590 2508 p2pimsvc - ok
16:33:24.0606 2508 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:33:24.0622 2508 p2psvc - ok
16:33:24.0653 2508 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:33:24.0653 2508 Parport - ok
16:33:24.0668 2508 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:33:24.0684 2508 partmgr - ok
16:33:24.0700 2508 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:33:24.0715 2508 PcaSvc - ok
16:33:24.0731 2508 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:33:24.0731 2508 pci - ok
16:33:24.0746 2508 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:33:24.0762 2508 pciide - ok
16:33:24.0778 2508 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:33:24.0793 2508 pcmcia - ok
16:33:24.0809 2508 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:33:24.0809 2508 pcw - ok
16:33:24.0840 2508 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:33:24.0871 2508 PEAUTH - ok
16:33:24.0902 2508 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
16:33:24.0934 2508 PeerDistSvc - ok
16:33:24.0980 2508 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:33:24.0996 2508 PerfHost - ok
16:33:25.0043 2508 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:33:25.0090 2508 pla - ok
16:33:25.0121 2508 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll
16:33:25.0152 2508 PlugPlay - ok
16:33:25.0183 2508 PnkBstrA - ok
16:33:25.0199 2508 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:33:25.0199 2508 PNRPAutoReg - ok
16:33:25.0230 2508 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:33:25.0246 2508 PNRPsvc - ok
16:33:25.0277 2508 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:33:25.0308 2508 PolicyAgent - ok
16:33:25.0324 2508 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:33:25.0355 2508 Power - ok
16:33:25.0370 2508 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:33:25.0402 2508 PptpMiniport - ok
16:33:25.0417 2508 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:33:25.0433 2508 Processor - ok
16:33:25.0448 2508 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:33:25.0480 2508 ProfSvc - ok
16:33:25.0495 2508 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:33:25.0511 2508 ProtectedStorage - ok
16:33:25.0542 2508 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:33:25.0558 2508 Psched - ok
16:33:25.0620 2508 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:33:25.0636 2508 ql2300 - ok
16:33:25.0667 2508 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:33:25.0667 2508 ql40xx - ok
16:33:25.0698 2508 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:33:25.0714 2508 QWAVE - ok
16:33:25.0729 2508 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:33:25.0745 2508 QWAVEdrv - ok
16:33:25.0792 2508 radpms (58435613c2537715a9423597ec6635cc) C:\Windows\system32\DRIVERS\radpms.sys
16:33:25.0807 2508 radpms - ok
16:33:25.0823 2508 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:33:25.0854 2508 RasAcd - ok
16:33:25.0885 2508 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:33:25.0916 2508 RasAgileVpn - ok
16:33:25.0932 2508 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:33:25.0963 2508 RasAuto - ok
16:33:25.0979 2508 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:33:26.0010 2508 Rasl2tp - ok
16:33:26.0026 2508 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:33:26.0057 2508 RasMan - ok
16:33:26.0057 2508 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:33:26.0088 2508 RasPppoe - ok
16:33:26.0104 2508 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:33:26.0135 2508 RasSstp - ok
16:33:26.0150 2508 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:33:26.0182 2508 rdbss - ok
16:33:26.0197 2508 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:33:26.0213 2508 rdpbus - ok
16:33:26.0228 2508 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:33:26.0244 2508 RDPCDD - ok
16:33:26.0275 2508 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
16:33:26.0291 2508 RDPDR - ok
16:33:26.0322 2508 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:33:26.0338 2508 RDPENCDD - ok
16:33:26.0369 2508 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:33:26.0384 2508 RDPREFMP - ok
16:33:26.0416 2508 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:33:26.0431 2508 RDPWD - ok
16:33:26.0462 2508 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:33:26.0462 2508 rdyboost - ok
16:33:26.0509 2508 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:33:26.0540 2508 RemoteAccess - ok
16:33:26.0587 2508 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:33:26.0618 2508 RemoteRegistry - ok
16:33:26.0650 2508 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:33:26.0650 2508 RimUsb - ok
16:33:26.0696 2508 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:33:26.0712 2508 RimVSerPort - ok
16:33:26.0728 2508 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:33:26.0743 2508 ROOTMODEM - ok
16:33:26.0759 2508 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:33:26.0790 2508 RpcEptMapper - ok
16:33:26.0821 2508 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:33:26.0821 2508 RpcLocator - ok
16:33:26.0852 2508 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\System32\rpcss.dll
16:33:26.0884 2508 RpcSs - ok
16:33:26.0884 2508 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:33:26.0915 2508 rspndr - ok
16:33:26.0946 2508 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:33:26.0962 2508 RTL8167 - ok
16:33:26.0993 2508 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
16:33:26.0993 2508 s3cap - ok
16:33:27.0008 2508 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:33:27.0024 2508 SamSs - ok
16:33:27.0040 2508 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:33:27.0055 2508 sbp2port - ok
16:33:27.0118 2508 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:33:27.0133 2508 SBSDWSCService - ok
16:33:27.0164 2508 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:33:27.0196 2508 SCardSvr - ok
16:33:27.0211 2508 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:33:27.0242 2508 scfilter - ok
16:33:27.0274 2508 Schedule (ec56b171f85c7e855e7b0588ac503eea) C:\Windows\system32\schedsvc.dll
16:33:27.0336 2508 Schedule - ok
16:33:27.0352 2508 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:33:27.0383 2508 SCPolicySvc - ok
16:33:27.0414 2508 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:33:27.0430 2508 SDRSVC - ok
16:33:27.0445 2508 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:33:27.0476 2508 secdrv - ok
16:33:27.0476 2508 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:33:27.0508 2508 seclogon - ok
16:33:27.0523 2508 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:33:27.0554 2508 SENS - ok
16:33:27.0570 2508 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:33:27.0570 2508 SensrSvc - ok
16:33:27.0601 2508 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:33:27.0617 2508 Serenum - ok
16:33:27.0632 2508 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:33:27.0632 2508 Serial - ok
16:33:27.0664 2508 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:33:27.0664 2508 sermouse - ok
16:33:27.0679 2508 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:33:27.0710 2508 SessionEnv - ok
16:33:27.0742 2508 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:33:27.0742 2508 sffdisk - ok
16:33:27.0773 2508 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:33:27.0773 2508 sffp_mmc - ok
16:33:27.0788 2508 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:33:27.0804 2508 sffp_sd - ok
16:33:27.0820 2508 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:33:27.0835 2508 sfloppy - ok
16:33:27.0882 2508 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:33:27.0913 2508 SharedAccess - ok
16:33:27.0929 2508 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:33:27.0944 2508 ShellHWDetection - ok
16:33:27.0991 2508 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:33:27.0991 2508 SiSRaid2 - ok
16:33:28.0007 2508 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:33:28.0022 2508 SiSRaid4 - ok
16:33:28.0054 2508 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:33:28.0069 2508 Smb - ok
16:33:28.0100 2508 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:33:28.0116 2508 SNMPTRAP - ok
16:33:28.0116 2508 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:33:28.0132 2508 spldr - ok
16:33:28.0163 2508 Spooler (89e8550c5862999fcf482ea562b0e98e) C:\Windows\System32\spoolsv.exe
16:33:28.0178 2508 Spooler - ok
16:33:28.0256 2508 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:33:28.0303 2508 sppsvc - ok
16:33:28.0334 2508 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:33:28.0366 2508 sppuinotify - ok
16:33:28.0428 2508 sprtsvc_verizondm - ok
16:33:28.0522 2508 SQLAgent$SQLEXPRESS (eb2fd937449b7aceb39372f875eb8e78) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
16:33:28.0537 2508 SQLAgent$SQLEXPRESS - ok
16:33:28.0600 2508 SQLBrowser (99de6acfa5ca83fad6a765c81c6f129f) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:33:28.0600 2508 SQLBrowser - ok
16:33:28.0678 2508 SQLWriter (6d65985945b03ca59b67d0b73702fc7b) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:33:28.0693 2508 SQLWriter - ok
16:33:28.0709 2508 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys
16:33:28.0756 2508 srv - ok
16:33:28.0771 2508 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
16:33:28.0802 2508 srv2 - ok
16:33:28.0818 2508 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys
16:33:28.0849 2508 srvnet - ok
16:33:28.0880 2508 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:33:28.0912 2508 SSDPSRV - ok
16:33:28.0912 2508 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:33:28.0943 2508 SstpSvc - ok
16:33:28.0974 2508 Steam Client Service - ok
16:33:28.0990 2508 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:33:29.0005 2508 stexstor - ok
16:33:29.0036 2508 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:33:29.0052 2508 stisvc - ok
16:33:29.0083 2508 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
16:33:29.0083 2508 storflt - ok
16:33:29.0114 2508 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
16:33:29.0130 2508 StorSvc - ok
16:33:29.0146 2508 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
16:33:29.0146 2508 storvsc - ok
16:33:29.0177 2508 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:33:29.0177 2508 swenum - ok
16:33:29.0317 2508 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:33:29.0333 2508 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:33:29.0333 2508 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:33:29.0364 2508 SWNC5E00 - ok
16:33:29.0395 2508 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:33:29.0426 2508 swprv - ok
16:33:29.0473 2508 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:33:29.0504 2508 SysMain - ok
16:33:29.0536 2508 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:33:29.0551 2508 TabletInputService - ok
16:33:29.0567 2508 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:33:29.0598 2508 TapiSrv - ok
16:33:29.0614 2508 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:33:29.0645 2508 TBS - ok
16:33:29.0692 2508 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys
16:33:29.0723 2508 Tcpip - ok
16:33:29.0785 2508 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys
16:33:29.0816 2508 TCPIP6 - ok
16:33:29.0832 2508 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:33:29.0863 2508 tcpipreg - ok
16:33:29.0879 2508 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:33:29.0910 2508 TDPIPE - ok
16:33:29.0941 2508 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:33:29.0957 2508 TDTCP - ok
16:33:29.0988 2508 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:33:30.0019 2508 tdx - ok
16:33:30.0019 2508 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:33:30.0035 2508 TermDD - ok
16:33:30.0066 2508 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:33:30.0097 2508 TermService - ok
16:33:30.0160 2508 tgsrvc_verizondm - ok
16:33:30.0175 2508 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:33:30.0191 2508 Themes - ok
16:33:30.0222 2508 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:33:30.0238 2508 THREADORDER - ok
16:33:30.0253 2508 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:33:30.0284 2508 TrkWks - ok
16:33:30.0316 2508 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:33:30.0316 2508 TrustedInstaller - ok
16:33:30.0347 2508 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:33:30.0362 2508 tssecsrv - ok
16:33:30.0394 2508 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:33:30.0440 2508 tunnel - ok
16:33:30.0456 2508 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:33:30.0456 2508 uagp35 - ok
16:33:30.0472 2508 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:33:30.0503 2508 udfs - ok
16:33:30.0518 2508 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:33:30.0534 2508 UI0Detect - ok
16:33:30.0550 2508 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:33:30.0565 2508 uliagpkx - ok
16:33:30.0565 2508 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:33:30.0581 2508 umbus - ok
16:33:30.0596 2508 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:33:30.0596 2508 UmPass - ok
16:33:30.0628 2508 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
16:33:30.0643 2508 UmRdpService - ok
16:33:30.0674 2508 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:33:30.0706 2508 upnphost - ok
16:33:30.0737 2508 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:33:30.0752 2508 USBAAPL64 - ok
16:33:30.0799 2508 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:33:30.0815 2508 usbaudio - ok
16:33:30.0830 2508 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
16:33:30.0846 2508 usbccgp - ok
16:33:30.0877 2508 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:33:30.0877 2508 usbcir - ok
16:33:30.0893 2508 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
16:33:30.0908 2508 usbehci - ok
16:33:30.0940 2508 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
16:33:30.0955 2508 usbhub - ok
16:33:30.0971 2508 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
16:33:30.0971 2508 usbohci - ok
16:33:30.0986 2508 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:33:31.0002 2508 usbprint - ok
16:33:31.0018 2508 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:33:31.0033 2508 USBSTOR - ok
16:33:31.0049 2508 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:33:31.0049 2508 usbuhci - ok
16:33:31.0111 2508 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
16:33:31.0127 2508 usbvideo - ok
16:33:31.0158 2508 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:33:31.0189 2508 UxSms - ok
16:33:31.0205 2508 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
16:33:31.0220 2508 VaultSvc - ok
16:33:31.0252 2508 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:33:31.0252 2508 vdrvroot - ok
16:33:31.0283 2508 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:33:31.0298 2508 vds - ok
16:33:31.0314 2508 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:33:31.0330 2508 vga - ok
16:33:31.0345 2508 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:33:31.0361 2508 VgaSave - ok
16:33:31.0392 2508 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:33:31.0392 2508 vhdmp - ok
16:33:31.0408 2508 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:33:31.0423 2508 viaide - ok
16:33:31.0454 2508 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
16:33:31.0470 2508 vmbus - ok
16:33:31.0486 2508 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
16:33:31.0486 2508 VMBusHID - ok
16:33:31.0501 2508 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:33:31.0517 2508 volmgr - ok
16:33:31.0532 2508 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:33:31.0532 2508 volmgrx - ok
16:33:31.0564 2508 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:33:31.0564 2508 volsnap - ok
16:33:31.0626 2508 vpnagent (e4d2305ebb9de0871a1e13294d0f349b) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
16:33:31.0642 2508 vpnagent - ok
16:33:31.0657 2508 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys
16:33:31.0657 2508 vpnva - ok
16:33:31.0704 2508 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:33:31.0720 2508 vsmraid - ok
16:33:31.0766 2508 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:33:31.0798 2508 VSS - ok
16:33:31.0829 2508 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:33:31.0829 2508 vwifibus - ok
16:33:31.0860 2508 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:33:31.0891 2508 W32Time - ok
16:33:31.0907 2508 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:33:31.0922 2508 WacomPen - ok
16:33:31.0954 2508 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:33:31.0969 2508 WANARP - ok
16:33:31.0969 2508 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:33:32.0000 2508 Wanarpv6 - ok
16:33:32.0063 2508 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:33:32.0094 2508 wbengine - ok
16:33:32.0125 2508 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:33:32.0141 2508 WbioSrvc - ok
16:33:32.0156 2508 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
16:33:32.0172 2508 wcncsvc - ok
16:33:32.0203 2508 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:33:32.0219 2508 WcsPlugInService - ok
16:33:32.0250 2508 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:33:32.0266 2508 Wd - ok
16:33:32.0297 2508 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:33:32.0312 2508 Wdf01000 - ok
16:33:32.0359 2508 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:33:32.0375 2508 WdiServiceHost - ok
16:33:32.0375 2508 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:33:32.0390 2508 WdiSystemHost - ok
16:33:32.0406 2508 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
16:33:32.0422 2508 WebClient - ok
16:33:32.0437 2508 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:33:32.0468 2508 Wecsvc - ok
16:33:32.0500 2508 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:33:32.0515 2508 wercplsupport - ok
16:33:32.0546 2508 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:33:32.0578 2508 WerSvc - ok
16:33:32.0593 2508 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:33:32.0609 2508 WfpLwf - ok
16:33:32.0624 2508 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:33:32.0640 2508 WIMMount - ok
16:33:32.0671 2508 WinDefend - ok
16:33:32.0687 2508 WinHttpAutoProxySvc - ok
16:33:32.0734 2508 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:33:32.0780 2508 Winmgmt - ok
16:33:32.0827 2508 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:33:32.0874 2508 WinRM - ok
16:33:32.0936 2508 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:33:32.0952 2508 WinUsb - ok
16:33:32.0999 2508 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:33:33.0014 2508 Wlansvc - ok
16:33:33.0139 2508 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:33:33.0170 2508 wlidsvc - ok
16:33:33.0202 2508 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:33:33.0217 2508 WmiAcpi - ok
16:33:33.0233 2508 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:33:33.0248 2508 wmiApSrv - ok
16:33:33.0264 2508 WMPNetworkSvc - ok
16:33:33.0280 2508 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:33:33.0295 2508 WPCSvc - ok
16:33:33.0311 2508 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:33:33.0326 2508 WPDBusEnum - ok
16:33:33.0342 2508 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:33:33.0358 2508 ws2ifsl - ok
16:33:33.0389 2508 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
16:33:33.0404 2508 wscsvc - ok
16:33:33.0436 2508 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:33:33.0451 2508 WSDPrintDevice - ok
16:33:33.0467 2508 WSearch - ok
16:33:33.0545 2508 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
16:33:33.0576 2508 wuauserv - ok
16:33:33.0592 2508 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:33:33.0623 2508 WudfPf - ok
16:33:33.0638 2508 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:33:33.0670 2508 WUDFRd - ok
16:33:33.0685 2508 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:33:33.0716 2508 wudfsvc - ok
16:33:33.0732 2508 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:33:33.0748 2508 WwanSvc - ok
16:33:33.0794 2508 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
16:33:33.0794 2508 xusb21 - ok
16:33:33.0810 2508 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:33:33.0857 2508 \Device\Harddisk0\DR0 - ok
16:33:33.0872 2508 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
16:33:33.0966 2508 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
16:33:33.0966 2508 \Device\Harddisk1\DR1 - detected TDSS File System (1)
16:33:33.0966 2508 Boot (0x1200) (c0dabd21efb7b34a86f3a560173d810a) \Device\Harddisk0\DR0\Partition0
16:33:33.0966 2508 \Device\Harddisk0\DR0\Partition0 - ok
16:33:33.0982 2508 Boot (0x1200) (b2a15a13923c019ca85488675415f8f3) \Device\Harddisk1\DR1\Partition0
16:33:33.0982 2508 \Device\Harddisk1\DR1\Partition0 - ok
16:33:34.0013 2508 Boot (0x1200) (75ca61066c3a2a018f1a06d6fd821e34) \Device\Harddisk1\DR1\Partition1
16:33:34.0013 2508 \Device\Harddisk1\DR1\Partition1 - ok
16:33:34.0013 2508 ============================================================
16:33:34.0013 2508 Scan finished
16:33:34.0013 2508 ============================================================
16:33:34.0013 0744 Detected object count: 5
16:33:34.0013 0744 Actual detected object count: 5
16:33:40.0736 0744 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:33:40.0736 0744 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
16:33:40.0752 0744 mi-raysat_3dsmax2011_64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:33:40.0752 0744 mi-raysat_3dsmax2011_64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:33:40.0752 0744 NovacomD ( UnsignedFile.Multi.Generic ) - skipped by user
16:33:40.0752 0744 NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:33:40.0752 0744 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
16:33:40.0752 0744 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:33:40.0783 0744 \Device\Harddisk1\DR1\TDLFS\cfg.ini - copied to quarantine
16:33:40.0783 0744 \Device\Harddisk1\DR1\TDLFS\mbr - copied to quarantine
16:33:40.0799 0744 \Device\Harddisk1\DR1\TDLFS\ldr16 - copied to quarantine
16:33:40.0799 0744 \Device\Harddisk1\DR1\TDLFS\ldr32 - copied to quarantine
16:33:40.0799 0744 \Device\Harddisk1\DR1\TDLFS\ldr64 - copied to quarantine
16:33:40.0799 0744 \Device\Harddisk1\DR1\TDLFS\cmd.dll - copied to quarantine
16:33:40.0814 0744 \Device\Harddisk1\DR1\TDLFS\cmd64.dll - copied to quarantine
16:33:40.0814 0744 \Device\Harddisk1\DR1\TDLFS\bckfg.tmp - copied to quarantine
16:33:40.0814 0744 \Device\Harddisk1\DR1\TDLFS\lsflt7.ver - copied to quarantine
16:33:40.0814 0744 \Device\Harddisk1\DR1\TDLFS - deleted
16:33:40.0814 0744 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Delete
16:33:48.0365 3368 Deinitialize success


Combofix Log:

ComboFix 12-04-06.03 - Zack 04/06/2012 16:36:02.9.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.4094.2730 [GMT -4:00]
Running from: c:\users\Zack\Desktop\ComboFix.exe
Command switches used :: c:\users\Zack\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\SysWow64\dxdition.dll"
"c:\windows\SysWOW64\ykkcr.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome.manifest
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.js
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\install.rdf
c:\users\Zack\AppData\Local\af0bcd22
c:\users\Zack\AppData\Local\af0bcd22\@
c:\windows\SysWow64\dxdition.dll
c:\windows\SysWOW64\ykkcr.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-03-06 to 2012-04-06 )))))))))))))))))))))))))))))))
.
.
2012-04-06 20:40 . 2012-04-06 20:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-06 20:40 . 2012-04-06 20:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-04 03:27 . 2012-04-06 20:33 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-04 03:20 . 2012-04-04 03:20 -------- d-----w- C:\_OTM
2012-04-03 21:25 . 2012-04-03 21:25 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-02 22:30 . 2012-04-02 22:30 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-04-02 22:27 . 2012-04-05 23:49 0 --sha-w- c:\windows\system32\dds_log_ad13.cmd
2012-03-30 17:59 . 2012-03-30 17:59 -------- d-----w- c:\users\Zack\AppData\Roaming\PDAppFlex
2012-03-30 17:59 . 2012-03-30 18:00 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-03-30 17:22 . 2012-03-30 17:27 -------- d-----w- c:\program files\Common Files\Adobe
2012-03-23 19:48 . 2012-03-23 19:49 -------- d-----w- c:\users\Zack\AppData\Roaming\Verizon
2012-03-23 19:48 . 2012-03-23 19:48 -------- d-----w- c:\programdata\Verizon
2012-03-23 19:35 . 2012-03-23 19:37 -------- d-----w- c:\users\Zack\AppData\Local\SupportSoft
2012-03-23 19:35 . 2012-03-23 19:35 -------- d-----w- c:\program files (x86)\VERIZONDM
2012-03-23 19:35 . 2012-03-23 19:35 -------- d-----w- c:\programdata\SupportSoft
2012-03-23 19:35 . 2012-03-23 19:35 -------- d-----w- c:\program files (x86)\Common Files\SupportSoft
2012-03-23 16:37 . 2012-03-23 16:37 -------- d-----w- c:\program files\Verizon
2012-03-23 16:33 . 2012-03-23 16:33 260 ----a-w- c:\windows\SysWow64\cmdVBS.vbs
2012-03-23 16:33 . 2012-03-23 16:33 256 ----a-w- c:\windows\SysWow64\MSIevent.bat
2012-03-23 16:33 . 2012-03-23 19:48 -------- d-----w- c:\program files (x86)\Verizon
2012-03-23 16:29 . 2012-03-23 16:33 -------- d-----w- c:\users\Zack\AppData\Roaming\TechWizard
2012-03-11 19:20 . 2012-03-11 19:20 -------- d-----w- c:\program files\iPod
2012-03-11 19:20 . 2012-03-11 19:20 -------- d-----w- c:\program files\iTunes
2012-03-11 19:20 . 2012-03-11 19:20 -------- d-----w- c:\program files (x86)\iTunes
2012-03-10 21:31 . 2012-03-10 21:31 -------- d-----w- c:\program files (x86)\Google
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-03 21:25 . 2011-05-18 21:09 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-28 06:10 . 2012-02-28 06:10 947472 ----a-w- c:\windows\SysWow64\msjava.dll
2012-02-15 15:01 . 2012-02-15 15:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 15:01 . 2012-02-15 15:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-07 22:23 . 2011-12-25 21:06 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-02-07 22:23 . 2011-12-25 21:06 34688 ----a-w- c:\windows\system32\LMIport.dll
2012-02-07 22:23 . 2011-12-25 21:06 80768 ----a-w- c:\windows\system32\LMIinit.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-04-06_16.23.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-23 22:36 . 2012-04-06 16:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:26 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-23 22:36 . 2012-04-06 16:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-07-23 22:36 . 2012-04-06 16:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 02:34 . 2012-04-06 17:58 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-04-06 00:26 9437184 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Akamai NetSession Interface"="c:\users\Zack\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-07 343168]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\Zack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Zack\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 253600]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-13 1436424]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 fsproflt;FSPro Filter Service;c:\windows\SysWOW64\fsproflt.exe [2010-01-06 142648]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-12-12 290832]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-02-07 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacomd\amd64\novacomd.exe [2011-03-15 71168]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-12-01 206120]
S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-12-01 185640]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-09 493248]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 radpms;Driver for RADPMS Device;c:\windows\system32\DRIVERS\radpms.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 22295381
*NewlyCreated* - 66666521
*Deregistered* - 22295381
*Deregistered* - 66666521
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 21:25]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001Core.job
- c:\users\Zack\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-23 23:11]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001UA.job
- c:\users\Zack\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-23 23:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Zack\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SWNC5E00
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9FE176C4-A6CE-4CB1-971B-EE704D520D66}: NameServer = 8.8.8.8,8.8.4.4
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: [email protected] - %profile%\extensions\[email protected]
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2511343510-2362421710-3736614235-1001\Software\SecuROM\License information*]
"datasecu"=hex:39,68,37,d5,02,0b,c8,75,cc,ef,9a,ad,01,2b,34,d4,40,1f,1e,a7,5e,
08,ab,e8,8f,92,45,13,e7,4c,9c,4b,3c,dd,07,80,53,ce,63,b9,c6,0a,25,b7,38,09,\
"rkeysecu"=hex:c6,65,59,b9,d3,06,5a,42,d1,82,c7,9e,16,e5,47,64
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-06 16:42:32
ComboFix-quarantined-files.txt 2012-04-06 20:42
ComboFix2.txt 2012-04-06 16:28
ComboFix3.txt 2011-11-19 23:03
ComboFix4.txt 2011-11-15 22:40
ComboFix5.txt 2012-04-06 20:35
.
Pre-Run: 175,319,592,960 bytes free
Post-Run: 175,258,243,072 bytes free
.
- - End Of File - - E38E33E40598E46DF39C5557CF236E58


Thank you.
  • 0

Advertisements


#11
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)

  • Open OTL again and select the "Scan All Users" box.
  • Under Extra Registry check Use SafeList.
  • Click the Run Scan button. Attach the logs produced in your next reply.

Things I want to see in your next reply

  • OTL.txt
  • Extras.txt

  • 0

#12
klose

klose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I am attaching the files as well as pasting them here. Not sure which one you exactly wanted.

Here is the OTL log:

OTL logfile created on: 4/6/2012 6:35:09 PM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Zack\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 60.10% Memory free
8.00 Gb Paging File | 6.45 Gb Available in Paging File | 80.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 163.30 Gb Free Space | 35.07% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 122.82 Gb Free Space | 13.18% Space Free | Partition Type: NTFS
Drive J: | 7.46 Gb Total Space | 2.35 Gb Free Space | 31.56% Space Free | Partition Type: FAT32

Computer Name: BADLANDS | User Name: Zack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/04 01:27:52 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Zack\Desktop\OTL.exe
PRC - [2011/12/12 01:28:22 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2010/01/06 18:23:32 | 000,142,648 | ---- | M] (FSPro Labs) -- C:\Windows\SysWOW64\fsproflt.exe
PRC - [2009/10/09 09:07:22 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/06 23:28:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/15 16:35:18 | 000,071,168 | ---- | M] (Palm) [Auto | Running] -- C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe -- (NovacomD)
SRV:64bit: - [2010/10/12 23:54:08 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/10 01:38:18 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe -- (mi-raysat_3dsmax2011_64)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/07/29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2012/04/03 17:25:26 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/27 18:28:07 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012/02/07 18:23:43 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012/02/07 18:23:32 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/12/12 01:28:22 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/12/08 20:51:22 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/12/01 06:11:22 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2011/12/01 06:11:18 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
SRV - [2011/09/16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/06 18:23:32 | 000,142,648 | ---- | M] (FSPro Labs) [Auto | Running] -- C:\Windows\SysWOW64\fsproflt.exe -- (fsproflt)
SRV - [2009/10/09 09:07:22 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2009/07/26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/07 18:23:33 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011/10/07 01:21:40 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/06 22:46:02 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 15:10:24 | 000,014,944 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\radpms.sys -- (radpms)
DRV:64bit: - [2011/09/16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/06/06 18:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/05/06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/16 16:22:04 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/10/09 08:50:50 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 16:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/06/06 16:35:46 | 000,055,440 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd.sys -- (FSProFilter)
DRV:64bit: - [2008/05/20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2011/09/16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FC AE A1 16 7B B3 AC 47 86 EA E7 C0 A6 62 69 6D [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FC AE A1 16 7B B3 AC 47 86 EA E7 C0 A6 62 69 6D [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FC AE A1 16 7B B3 AC 47 86 EA E7 C0 A6 62 69 6D [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FC AE A1 16 7B B3 AC 47 86 EA E7 C0 A6 62 69 6D [binary data]

IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 5F 43 52 0E E6 CC 01 [binary data]
IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FC AE A1 16 7B B3 AC 47 86 EA E7 C0 A6 62 69 6D [binary data]
IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\..\SearchScopes\{8A622E3E-E722-4AF3-A088-1928DB90408A}: "URL" = http://www.google.co...age={startPage}
IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.18
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.724
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@onlive.com/OlGameDetect,version=1.1.0.70351: C:\Program Files (x86)\OnLive\FirefoxPlugin\npolgdet.dll (OnLive)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll (RayV)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Zack\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zack\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zack\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/02 20:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/15 17:19:35 | 000,000,000 | ---D | M]

[2010/07/23 19:29:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zack\AppData\Roaming\Mozilla\Extensions
[2012/04/03 20:35:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions
[2011/01/12 18:29:26 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
[2011/12/30 18:58:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/03/16 16:43:32 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2012/03/16 16:43:36 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/03/16 16:43:35 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\[email protected]
[2011/05/06 16:35:54 | 000,000,000 | ---D | M] ("Pencil") -- C:\Users\Zack\AppData\Roaming\Mozilla\Firefox\Profiles\6bjxzua0.default\extensions\[email protected]
[2012/04/06 16:40:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/30 18:57:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2010/05/12 16:42:04 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010/05/12 16:43:54 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010/05/12 16:42:52 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010/05/12 16:42:32 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2011/12/30 18:57:08 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/05/12 17:22:36 | 000,423,328 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2010/05/12 16:43:56 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Zack\AppData\Local\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Zack\AppData\Local\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Zack\AppData\Local\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Zack\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Zack\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: OnLive Games Service Detector for Firefox (Enabled) = C:\Program Files (x86)\OnLive\FirefoxPlugin\npolgdet.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RayV Plugin (Enabled) = C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Zack\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Users\Zack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/06 16:40:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001..\Run: [Akamai NetSession Interface] C:\Users\Zack\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - Startup: C:\Users\Zack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Zack\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2511343510-2362421710-3736614235-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FE176C4-A6CE-4CB1-971B-EE704D520D66}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FE176C4-A6CE-4CB1-971B-EE704D520D66}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/26 19:34:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/06 16:42:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/04/06 12:10:08 | 004,450,572 | R--- | C] (Swearware) -- C:\Users\Zack\Desktop\ComboFix.exe
[2012/04/06 12:10:04 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Zack\Desktop\tdsskiller.exe
[2012/04/04 20:02:53 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\New folder
[2012/04/04 17:58:56 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Zack\Desktop\aswMBR.exe
[2012/04/04 01:28:20 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Zack\Desktop\OTL.exe
[2012/04/03 23:27:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/03 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\tdsskiller
[2012/04/03 23:20:45 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/04/03 23:17:29 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Fix Computer
[2012/04/03 20:35:34 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\FiOS
[2012/04/03 20:28:25 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\VBAQSG
[2012/04/03 17:25:26 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/02 18:30:37 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012/03/30 13:59:58 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\PDAppFlex
[2012/03/30 13:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/03/30 13:47:17 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Rift
[2012/03/30 13:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/30 13:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/03/23 15:48:59 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\Verizon
[2012/03/23 15:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Media Manager
[2012/03/23 15:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Verizon
[2012/03/23 15:35:35 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Local\SupportSoft
[2012/03/23 15:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VERIZONDM
[2012/03/23 15:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2012/03/23 15:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SupportSoft
[2012/03/23 12:37:07 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2012/03/23 12:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2012/03/23 12:33:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon
[2012/03/23 12:29:41 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\TechWizard
[2012/03/23 09:57:27 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Router1
[2012/03/16 17:53:58 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Inspiration
[2012/03/16 17:37:24 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Sticky Lips
[2012/03/11 20:10:12 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\App Icon [Rounded]
[2012/03/11 15:49:19 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Sketches
[2012/03/11 15:49:06 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\Shops
[2012/03/11 15:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/11 15:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/11 15:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/03/11 15:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/03/10 17:33:02 | 000,000,000 | ---D | C] -- C:\Users\Zack\AppData\Roaming\Google
[2012/03/10 17:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/03/10 17:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
[2012/03/10 17:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/03/10 16:14:38 | 000,000,000 | ---D | C] -- C:\Users\Zack\Desktop\App Icons

========== Files - Modified Within 30 Days ==========

[2012/04/06 18:08:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/06 17:45:10 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001UA.job
[2012/04/06 16:40:56 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/06 12:32:26 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/06 12:32:26 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/06 12:22:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/06 12:22:50 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/06 12:09:26 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Zack\Desktop\tdsskiller.exe
[2012/04/06 12:08:58 | 004,450,572 | R--- | M] (Swearware) -- C:\Users\Zack\Desktop\ComboFix.exe
[2012/04/05 22:45:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2511343510-2362421710-3736614235-1001Core.job
[2012/04/05 19:49:34 | 000,000,000 | -HS- | M] () -- C:\Windows\SysNative\dds_log_ad13.cmd
[2012/04/04 18:16:06 | 000,000,512 | ---- | M] () -- C:\Users\Zack\Desktop\MBR.dat
[2012/04/04 17:58:16 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Zack\Desktop\aswMBR.exe
[2012/04/04 01:27:52 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Zack\Desktop\OTL.exe
[2012/04/03 23:18:41 | 000,888,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/03 23:18:41 | 000,737,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/03 23:18:41 | 000,150,480 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/03 23:16:50 | 002,052,880 | ---- | M] () -- C:\Users\Zack\Desktop\tdsskiller.zip
[2012/04/03 21:02:48 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/03 20:28:20 | 000,242,428 | ---- | M] () -- C:\Users\Zack\Desktop\VBAQSG.ZIP
[2012/04/03 17:25:26 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/03 17:25:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/01 23:05:15 | 442,232,930 | ---- | M] () -- C:\Users\Zack\Desktop\[uh] Saint Seiya Omega - 01 [B255D1EB].mkv
[2012/04/01 20:29:02 | 000,759,764 | ---- | M] () -- C:\Users\Zack\Desktop\6803.jpg
[2012/03/31 17:11:09 | 005,168,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/30 17:23:58 | 000,000,132 | ---- | M] () -- C:\Users\Zack\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/03/23 16:45:07 | 1842,465,194 | ---- | M] () -- C:\Users\Zack\Desktop\photoshopcs6_p1_win_032112.zip
[2012/03/23 16:07:56 | 000,000,106 | ---- | M] () -- C:\Windows\VaultMediaClient.INI
[2012/03/23 15:49:20 | 000,003,584 | ---- | M] () -- C:\Users\Zack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/23 12:33:39 | 000,000,260 | ---- | M] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/03/23 12:33:39 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/03/20 21:12:12 | 000,257,612 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/03/18 22:26:32 | 000,043,417 | ---- | M] () -- C:\Users\Zack\Desktop\1.jpg
[2012/03/18 19:01:01 | 000,624,681 | ---- | M] () -- C:\Users\Zack\Desktop\MichaelBay.jpg
[2012/03/11 20:10:15 | 000,001,456 | ---- | M] () -- C:\Users\Zack\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/03/11 15:20:29 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2012/04/04 18:16:06 | 000,000,512 | ---- | C] () -- C:\Users\Zack\Desktop\MBR.dat
[2012/04/03 23:17:29 | 002,052,880 | ---- | C] () -- C:\Users\Zack\Desktop\tdsskiller.zip
[2012/04/03 21:02:48 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/03 20:28:20 | 000,242,428 | ---- | C] () -- C:\Users\Zack\Desktop\VBAQSG.ZIP
[2012/04/03 17:25:46 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/02 18:27:24 | 000,000,000 | -HS- | C] () -- C:\Windows\SysNative\dds_log_ad13.cmd
[2012/04/01 22:56:18 | 442,232,930 | ---- | C] () -- C:\Users\Zack\Desktop\[uh] Saint Seiya Omega - 01 [B255D1EB].mkv
[2012/04/01 20:29:01 | 000,759,764 | ---- | C] () -- C:\Users\Zack\Desktop\6803.jpg
[2012/03/30 17:23:58 | 000,000,132 | ---- | C] () -- C:\Users\Zack\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/03/30 13:27:35 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012/03/30 13:26:48 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012/03/30 13:25:06 | 000,001,317 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012/03/30 13:24:52 | 000,001,483 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012/03/23 16:32:16 | 1842,465,194 | ---- | C] () -- C:\Users\Zack\Desktop\photoshopcs6_p1_win_032112.zip
[2012/03/23 16:07:56 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2012/03/23 15:49:20 | 000,003,584 | ---- | C] () -- C:\Users\Zack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/23 12:33:39 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\cmdVBS.vbs
[2012/03/23 12:33:39 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\MSIevent.bat
[2012/03/18 22:26:32 | 000,043,417 | ---- | C] () -- C:\Users\Zack\Desktop\1.jpg
[2012/03/18 19:01:00 | 000,624,681 | ---- | C] () -- C:\Users\Zack\Desktop\MichaelBay.jpg
[2012/03/11 15:20:29 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/10 00:07:51 | 000,001,456 | ---- | C] () -- C:\Users\Zack\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/11/19 14:17:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\8C227oEtM.dat
[2011/11/09 19:14:05 | 000,000,116 | ---- | C] () -- C:\Windows\ftk.INI
[2011/11/06 18:37:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/06 18:37:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/06 18:37:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/06 18:37:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/06 18:37:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/09/23 22:15:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/09/14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/17 13:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/02 19:39:39 | 000,000,028 | ---- | C] () -- C:\Windows\UML.INI
[2010/12/20 23:00:30 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/11/04 16:14:37 | 000,000,600 | ---- | C] () -- C:\Users\Zack\AppData\Local\PUTTY.RND
[2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/09/09 23:25:05 | 000,257,612 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/08/01 12:29:46 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/07/27 18:46:21 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/07/23 20:11:19 | 000,882,114 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/23 20:10:15 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/07/23 20:10:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/07/23 20:10:14 | 002,373,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/07/23 18:49:17 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/07/23 18:49:17 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/07/23 18:49:17 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/07/23 18:49:17 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/07/23 18:49:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/07/23 18:35:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== Files - Unicode (All) ==========
[2010/10/28 19:14:34 | 000,000,000 | ---D | M](C:\Users\Zack\Documents\?? ???) -- C:\Users\Zack\Documents\넥슨 플러그
[2010/10/28 19:14:34 | 000,000,000 | ---D | C](C:\Users\Zack\Documents\?? ???) -- C:\Users\Zack\Documents\넥슨 플러그

< End of report >



Here is there Extras Log:

OTL Extras logfile created on: 4/6/2012 6:35:09 PM - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Zack\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 60.10% Memory free
8.00 Gb Paging File | 6.45 Gb Available in Paging File | 80.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 163.30 Gb Free Space | 35.07% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 122.82 Gb Free Space | 13.18% Space Free | Partition Type: NTFS
Drive J: | 7.46 Gb Total Space | 2.35 Gb Free Space | 31.56% Space Free | Partition Type: FAT32

Computer Name: BADLANDS | User Name: Zack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2511343510-2362421710-3736614235-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Zack\AppData\Roaming\n4f9.exe" = C:\Users\Zack\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe" = C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Users\Zack\AppData\Roaming\lssas.exe" = C:\Users\Zack\AppData\Roaming\lssas.exe:*:Enabled:lssas.exe
"C:\Users\Zack\AppData\Roaming\manager.exe" = C:\Users\Zack\AppData\Roaming\manager.exe:*:Enabled:manager.exe
"C:\Users\Zack\AppData\Roaming\n4f9.exe" = C:\Users\Zack\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe" = C:\Windows\System32\config\systemprofile\AppData\Roaming\n4f9.exe:*:Enabled:n4f9.exe
"C:\Users\Zack\AppData\Roaming\lssas.exe" = C:\Users\Zack\AppData\Roaming\lssas.exe:*:Enabled:lssas.exe
"C:\Users\Zack\AppData\Roaming\manager.exe" = C:\Users\Zack\AppData\Roaming\manager.exe:*:Enabled:manager.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{144B2F95-E2C6-4317-94E7-0B9B03F133B7}" = Autodesk Inventor 2010
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36EAEAF0-CDC5-F32F-01D2-C7D01EF96472}" = AMD AVIVO64 Codecs
"{39BFB02A-9692-0409-A808-3F5C7B1F8953}" = Autodesk 3ds Max 2011 64-bit
"{4B55F339-396E-29A9-B6D0-24B6D251C90A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5783F2D7-8028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2010
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7563F495-80F5-0409-A514-747C66C22449}" = Autodesk 3ds Max 2011 64-bit Components
"{7FA24ACE-BF20-5570-F94A-3AE540223771}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B305CEFC-93A1-EF99-BFEF-CF7985E88D03}" = ccc-utility64
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd
"{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}" = Microsoft SQL Server 2008 Native Client
"{D0D59644-6282-D7C8-0EE3-4DDD7245C84C}" = AMD Media Foundation Decoders
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DBF6B4E9-CD43-476A-895D-4D688D41CE63}" = Composite 2011 (64-bit)
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{EF90F06A-3B2D-48E3-8C7A-1F2210200476}" = Autodesk Inventor Content Center Libraries 2010 (Desktop Content)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F763AC14-3F26-4161-9567-11D5260AD4FE}" = Autodesk Inventor 2010 English Language Pack
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 64-bit" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 64-bit
"Autodesk Inventor 2010" = Autodesk Inventor Professional 2010
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DWG TrueView 2010" = DWG TrueView 2010
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"My Lockbox_is1" = My Lockbox 2.1
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}" = Vz In Home Agent
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AEB967F-1D12-43C8-A59C-D93DA8EE4A4E}" = Duty Calls
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0F052922-4BCE-4763-A540-00857554336D}" = Redist
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C78514A-5E5A-E653-1271-DAC1744206E3}" = HydraVision
"{1D106581-6726-4D1B-ABEC-0CA02410F24F}" = Adobe Photoshop CS6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{22764EFF-300F-8F3D-564D-7A4C4662D120}" = CCC Help Polish
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{2894AAC3-9A08-FF3A-6737-41A6178D0A09}" = CCC Help Chinese Standard
"{2A6355EB-273D-4368-9DB6-FB99EBA9FABD}" = Cisco AnyConnect VPN Client
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3536AD21-940C-D198-DD10-078011A5C13B}" = CCC Help Thai
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{4343080E-448E-4E2C-B27F-B91000018201}" = Dead Rising 2
"{4343080E-448E-4E2C-B27F-B91000028201}" = Dead Rising 2
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}" = Google SketchUp 8
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{49D87A8F-D04F-7749-DD32-BDBF9B24B232}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{50ACF4F1-D38A-4DCE-8147-0F574CDEF45B}" = Citrix online plug-in (USB)
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{53527E6C-D448-944C-C927-5D04EA99AA9F}" = GameFly
"{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{657201DD-30C8-4E50-88AD-164B3812E8F5}" = Framebuffer Crysis WARHEAD Benchmark Tool
"{660C748F-A503-B771-7BD6-2D7C5AA1DBB4}" = CCC Help Dutch
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E03FAB5-6253-58B8-B939-AA83F64C3278}" = CCC Help Swedish
"{6FCB9803-D5BE-4AD3-A864-EB90A30C0001}" = CHM2PDF Pilot 2.16.108 Trial
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78BC5838-099A-402E-8868-ED8AA3506F42}" = ProDiscover Basic 7.0
"{7A75AFE3-A0C3-951D-4804-54721360FF90}" = CCC Help Hungarian
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4B94701D-F335-49DE-89DB-7BDDD7282C02}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{976475B8-63E9-4559-BE2C-D26086BE4C40}" = LogMeIn
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2DC81B-8114-37D9-A922-95E460A1FAFB}" = Microsoft Visual Basic 2008 Express Edition - ENU
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9F218882-4CF1-F411-111A-B9B68770C0CE}" = CCC Help Czech
"{A1EF8DA8-E0CB-C805-4ACA-B7C028CF36F2}" = CCC Help Italian
"{A9F27D99-8478-C124-8978-09595FA9D805}" = CCC Help Portuguese
"{AAB0D88E-85D7-22CC-6935-0D2247152700}" = CCC Help French
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B124E6D3-91B4-4E3C-AD03-BA959B223537}" = Citrix online plug-in (Web)
"{B1D46FFA-BCA1-4810-A8C1-D091E65D544B}" = League of Legends
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{BFE903DE-4845-4387-9C6C-98B21B8445A3}" = GMATPrep™
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C104E9E6-F21E-2762-FBF0-6FE820B2D739}" = CCC Help Korean
"{C5632631-95E3-4DAF-2EB1-487EBE04DE19}" = Catalyst Control Center
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C95E964C-FCF4-13DB-1445-4FA8062271F8}" = CCC Help Spanish
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D7A8C334-7974-54A4-6533-EB84D19D7133}" = CCC Help English
"{D899C197-F8C1-4773-9EC4-6C1FBADB9B29}" = Citrix online plug-in (HDX)
"{D89F00EB-7868-A817-D618-AA446C0D56B3}" = CCC Help Chinese Traditional
"{D8D4ED7E-954C-449D-B21D-6F97036DF0E9}" = Citrix online plug-in (DV)
"{D9AB20FE-5267-7A1A-2064-8F18969DF88D}" = CCC Help German
"{DA45F8EC-4226-EA6A-4DA9-F1148F801BDA}" = CCC Help Russian
"{DA7747E1-1F8D-BBC5-BE66-00B21BE5B81B}" = CCC Help Turkish
"{DADEC9BB-66FC-A3E4-8BC9-83E73BA1B5B2}" = CCC Help Greek
"{DD0FDF02-6AA4-8C7D-AAB0-4C8C7207C0C1}" = CCC Help Japanese
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DF38F332-2AC3-37FF-9FDC-8C4C80E531FB}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{E0D5CB1C-7D35-709E-7F58-6CF6FFC3D6B7}" = Catalyst Control Center Graphics Previews Common
"{E1D8B687-F098-4C43-B388-CFE3C621EE38}" = AccessData FTK Imager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB20F561-2AF5-0368-E353-AF093FBBADC2}" = CCC Help Norwegian
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECDE16E7-E3FC-F094-F14D-0326D03B9D96}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F38AF6F6-059C-C683-826F-00539526D86D}" = CCC Help Danish
"{F5DAFD10-6E61-49BF-B3C5-5AA9AF3A0863}" = Verizon Download Manager
"{F5DB451E-D0B7-477E-8DC5-704401139DAD}" = AccessData Forensic Toolkit 1.81.2
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FCD58710-F023-E26C-6373-79C72FED0B90}" = Catalyst Control Center Localization All
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"Bejeweled 2 Deluxe" = Bejeweled 2 Deluxe
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"CCleaner" = CCleaner
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Diablo III Beta" = Diablo III Beta
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.3.4.1
"Fraps" = Fraps (remove only)
"GameFly" = GameFly
"GOM Player" = GOM Player
"GomTVStreamer" = GOMTV Streamer
"ImgBurn" = ImgBurn
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.1.0 (Full)
"Launchy_21344213_is1" = Launchy 2.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition - ENU" = Microsoft Visual Basic 2008 Express Edition - ENU
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"Notepad++" = Notepad++
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"OnLive" = OnLive
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RayV" = DTVblizzcon
"SopCast" = SopCast 3.0.3
"Spotify" = Spotify
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 1500" = Darwinia
"Steam App 17330" = Crysis Warhead
"Steam App 200910" = Sequence
"Steam App 20820" = Shatter
"Steam App 20920" = The Witcher 2
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 26500" = Cogs
"Steam App 26800" = Braid
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 29180" = Osmos
"Steam App 40800" = Super Meat Boy
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42910" = Magicka
"Steam App 49400" = Magic: The Gathering - Duels of the Planeswalkers
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 70300" = VVVVVV
"Steam App 71270" = Football Manager 2012
"Steam App 71400" = Football Manager 2012 Editor
"Steam App 71410" = Football Manager 2012 Resource Archiver
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"Steam App 94200" = Jamestown
"Trillian" = Trillian
"Verizon Media Manager" = Verizon Media Manager
"Vindictus" = Vindictus
"VLC media player" = VLC media player 1.1.1
"WinHex" = WinHex

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2511343510-2362421710-3736614235-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Octoshape Streaming Services" = Octoshape Streaming Services
"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/14/2012 9:58:53 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/14/2012 10:21:13 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/15/2012 8:13:09 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/15/2012 9:22:25 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/16/2012 12:15:05 AM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/16/2012 12:58:23 AM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/16/2012 8:15:46 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/17/2012 7:42:01 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/17/2012 9:43:51 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2/18/2012 9:02:05 PM | Computer Name = Badlands | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 4/6/2012 12:23:11 PM | Computer Name = Badlands | Source = Service Control Manager | ID = 7023
Description = The Websensecpmcommunicationagent service terminated with the following
error: %%126

Error - 4/6/2012 12:23:14 PM | Computer Name = Badlands | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 4/6/2012 12:24:14 PM | Computer Name = Badlands | Source = DCOM | ID = 10016
Description =

Error - 4/6/2012 2:59:54 PM | Computer Name = Badlands | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 4/6/2012 4:34:54 PM | Computer Name = Badlands | Source = Service Control Manager | ID = 7031
Description = The Akamai NetSession Interface service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 1000
milliseconds: Restart the service.

Error - 4/6/2012 4:35:59 PM | Computer Name = Badlands | Source = Service Control Manager | ID = 7034
Description = The mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit
service terminated unexpectedly. It has done this 1 time(s).

Error - 4/6/2012 4:38:39 PM | Computer Name = Badlands | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 4/6/2012 4:40:35 PM | Computer Name = Badlands | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 4/6/2012 4:40:35 PM | Computer Name = Badlands | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 4/6/2012 4:40:58 PM | Computer Name = Badlands | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.


< End of report >


The .txt files are also attached to my post.

Attached Files


  • 0

#13
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
I'd like you to attach the logs as they contain Unicode characters and the forum's software doesn't deal with them well.


Step 1

Run the MSFixit here to reset the TCP/IP.


Step 2

  • Save this file to your desktop: Attached File  fix.txt   3.81KB   28 downloads
  • Run OTL.
  • Drag and drop fix.txt into the Custom Scans and Fixes box.
  • If you cannot drag and drop for some reason then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your desktop.
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • If no log appears upon reboot, the OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again and check the "Scan All Users" box.
  • Click the Quick Scan button. Attach the log it produces in your next reply.

Things I want to see in your next reply

  • OTL Fix Log
  • OTL.txt

  • 0

#14
klose

klose

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
The logs are attached to this post.

Thank you.

Attached Files


  • 0

#15
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
How is your system running? Are you experiencing any problems?


Step 1

If you have the paid version of Malwarebytes 1.6 or later installed, please disable it for the duration of this run.

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL 
    [2011/11/19 14:04:14 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\a33ppnG4aQH6WKE
    [2011/11/19 14:04:20 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\EssWWJJ7dELgRqh
    [2011/11/19 14:04:05 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\RZZZqhhYCwkUrlB
    [2011/11/19 18:28:33 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\teeelIIBrzPNx
    [2011/11/19 14:04:12 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\vFFF4ppmG5sJ6
    [2011/11/19 14:04:06 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\VXXwwkUVelOBzPy
    [2011/11/19 14:04:20 | 000,000,000 | ---D | M] -- C:\Users\Zack\AppData\Roaming\yoonnF4aam5
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [emptytemp]
    [CREATERESTOREPOINT] 
    [Reboot]

  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • If no log appears upon reboot, the OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Posted Image
  • Run Malwarebytes' Anti-Malware.
  • Update Malwarebytes' Anti-Malware.
  • Once the program has updated, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note).
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 3

Please run a free online scan with the ESET Online Scanner.
Note: You will need to use Internet Explorer or Mozilla Firefox for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start.
  • When asked, allow the ActiveX control to install.
  • Click Start.
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked.
  • Click Scan. (This scan can take several hours, so please be patient).
  • Once the scan is completed, you may close the window.
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Things I want to see in your next reply

  • Answers to my questions
  • OTL Fix Log
  • OTL.txt
  • MBAM Log
  • log.txt

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP