carolinejoy
-
Posts
18 -
Joined
-
Last visited
carolinejoy's Achievements
Newbie (1/14)
0
Reputation
-
Actually, after running the combofix a few times, the computer seems to be working well. Thank you for all your help.
-
OTL OTL logfile created on: 9/25/2011 9:03:56 AM - Run 2 OTL by OldTimer - Version 3.2.28.0 Folder = c:\users\Wayne Wagner\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.93 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 46.85% Memory free 8.04 Gb Paging File | 5.68 Gb Available in Paging File | 70.69% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.51 Gb Total Space | 146.74 Gb Free Space | 51.40% Space Free | Partition Type: NTFS Drive D: | 12.58 Gb Total Space | 1.36 Gb Free Space | 10.79% Space Free | Partition Type: NTFS Computer Name: WAYNEWAGNER-PC | User Name: Wayne Wagner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - c:\Users\Wayne Wagner\Downloads\OTL.scr (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Program Files (x86)\ooVoo\ooVoo.exe (ooVoo LLC) PRC - C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.) PRC - C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.) PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe () PRC - C:\Program Files (x86)\SMINST\BLService.exe () ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a38f370d4e68b65106d1065d0b77067\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\180849cb54aab0bc77a229c41f967c90\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\cbe5fbb2e20534d89c0588cc05418840\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9afe86eee3ddf79c5f6cf5d85873c464\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\7ae4f4dbbfd301d5b5f3897b6ea433bf\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5e58f10757c91da0ac05161ca8e11e8b\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.Wrapper.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (CrashPlanService) -- C:\Program Files\CrashPlan\CrashPlanService.exe (CrashPlan) SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe (Microsoft Corporation) SRV:64bit: - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation) SRV:64bit: - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\STacSV64.exe (IDT, Inc.) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe (Andrea Electronics Corporation) SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\Hpservice.exe (Hewlett-Packard Corporation) SRV:64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe (Agere Systems) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (atashost) -- C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe () SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.) DRV:64bit: - (IntcHdmiAddService) Intel® -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel® Corporation) DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.) DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys (ENE TECHNOLOGY INC.) DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation ) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys (Hewlett-Packard Corporation) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (Agere Systems) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys (Microsoft Corporation) DRV:64bit: - (NETw3v64) Intel® -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys (Intel Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation) DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell) DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: runtime@panda3d.org:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2 FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Wayne Wagner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Wayne Wagner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wayne Wagner\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wayne Wagner\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/03 14:48:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/08 21:08:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/20 18:07:00 | 000,000,000 | ---D | M] [2011/09/20 17:25:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/05/11 20:34:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/09/07 21:51:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/12/02 19:53:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/09/20 17:25:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} () (No name found) -- C:\USERS\WAYNE WAGNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0B9WG7O0.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}.XPI [2010/05/15 17:36:38 | 000,000,000 | ---D | M] (Panda3D Game Engine Plug-In) -- C:\USERS\WAYNE WAGNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0B9WG7O0.DEFAULT\EXTENSIONS\RUNTIME@PANDA3D.ORG [2011/09/24 14:00:27 | 000,000,000 | ---D | M] (ooVoo toolbar, powered by Ask.com) -- C:\USERS\WAYNE WAGNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0B9WG7O0.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM [2011/09/08 21:08:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/09/20 17:25:15 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/05/23 06:39:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml O1 HOSTS File: ([2011/09/18 08:58:28 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3:64bit: - HKCU\..\Toolbar\WebBrowser - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - Startup: C:\Users\Wayne Wagner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 167.206.254.2 167.206.254.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{529F36CD-FA73-44CD-A7AF-1B5A972A52DA}: DhcpNameServer = 192.168.1.1 167.206.254.2 167.206.254.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2370A83-364F-4105-905A-275EB21DFC24}: DhcpNameServer = 167.206.254.1 167.206.254.2 O18:64bit: - Protocol\Handler\avgsecuritytoolbar - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -Explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\Wayne Wagner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Wayne Wagner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/09/25 09:00:03 | 000,111,408 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\75578800.sys [2011/09/24 06:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2011/09/20 18:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2011/09/20 18:07:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011/09/20 17:29:45 | 000,000,000 | ---D | C] -- C:\_OTL [2011/09/20 17:29:45 | 000,000,000 | ---D | C] -- \_OTL [2011/09/20 17:27:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011/09/20 17:25:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/09/20 17:25:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/09/20 17:25:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/09/20 17:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011/09/20 17:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2011/09/20 17:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT [2011/09/20 07:32:58 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{55661649-9373-4CCC-9FB6-45B80CCFBED6} [2011/09/20 07:32:36 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{7B5CAF99-14CC-4AE3-B622-F4A24BEFA21F} [2011/09/19 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{98D8F728-32BA-4300-BD38-1F37316450FB} [2011/09/19 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{00DC15CA-088C-4579-9B8B-09F43F9C45D8} [2011/09/18 19:54:55 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{45DA4A91-C8CC-4A8B-9D79-E5D79DA2B02D} [2011/09/18 19:54:43 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{600488DC-60D6-473E-BBFD-20C1163BA36C} [2011/09/18 08:59:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/09/18 08:59:16 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN [2011/09/18 07:53:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{75C6A650-A699-4563-852C-4D73DAF7566B} [2011/09/18 07:53:37 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{FFB76197-13EB-4C8A-8684-9FDCE41F87F1} [2011/09/17 05:32:33 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{C17949C3-9255-4E27-B609-B1E87357FFA7} [2011/09/17 05:32:17 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{768BE449-5EE2-48D7-A20A-A2ED3C13B9F6} [2011/09/16 10:06:15 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{54F0C0D5-8BB2-4850-8956-0B127916522D} [2011/09/16 10:05:59 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{991CB3BD-4EE2-44C0-9474-DD88BD5F8C7D} [2011/09/15 21:25:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/09/15 21:25:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/09/15 21:25:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/09/15 21:25:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/09/15 21:25:06 | 000,000,000 | ---D | C] -- \Qoobox [2011/09/15 20:48:55 | 003,553,280 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll [2011/09/15 20:48:29 | 002,685,432 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2011/09/15 20:17:39 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2B6AE6AD-0FB7-4689-831B-DBA92883F3BF} [2011/09/15 20:17:24 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{AD30860F-AEC0-4D79-B60F-E0636BF68D1E} [2011/09/15 08:06:08 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll [2011/09/15 07:45:14 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{9E1F420B-67E2-464B-9ECA-98785D86E76A} [2011/09/15 07:45:01 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{28DE3E36-DAEC-403C-8153-D321E577119A} [2011/09/13 08:20:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{142A6C4B-6501-420C-947F-A3E5C1C03F53} [2011/09/13 08:19:57 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{F3E738D9-40A9-49A7-98FB-583D8A7D7ED2} [2011/09/12 20:19:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2C981927-0C38-4490-A4E3-86650EAFBC5E} [2011/09/12 20:18:51 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{AAA8F85B-E477-431B-A1F2-F4A9D83405FB} [2011/09/11 09:15:41 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{CD1A7517-DAF9-48F5-8537-8C13370287B3} [2011/09/11 09:15:00 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{5EE2974A-69FB-43A0-86DF-069FEB1D5323} [2011/09/10 15:37:25 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{956C72E8-230A-4196-8FA7-69B78A3D6092} [2011/09/10 15:37:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{B877ABA4-1842-48CC-897F-9AB80F4550AA} [2011/09/08 20:16:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{A8671E86-E5D5-469A-937D-5460EF1F5623} [2011/09/08 20:16:38 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8BAFDDC9-305E-462C-AE04-4A398DCD3B6E} [2011/09/08 08:09:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{0F4F544F-9D12-4D38-9BA5-83AE8B01E786} [2011/09/08 08:09:37 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{0D1F9A44-34DD-4460-811F-32FFD0134EDD} [2011/09/06 21:08:01 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{D77B1119-8CBE-4920-8A1B-D1F51C92C19B} [2011/09/06 21:07:41 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8B869901-0C93-400D-AD92-32FE2F8DE134} [2011/09/06 08:36:28 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2A7D4682-FE9C-40BB-9F6B-4A706068A2DD} [2011/09/06 08:36:15 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{770FFAA8-E44B-47BF-8658-66661F169EAE} [2011/09/05 20:35:41 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{142E2FDA-26FC-4EE1-BAD4-AA81A427C23A} [2011/09/05 08:35:12 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8BCCB06A-8449-4708-A519-36271E982ED3} [2011/09/05 08:34:59 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{AEB649FD-A761-4303-A666-0982AF42C413} [2011/09/04 20:34:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{98695C13-74E9-4170-A372-F8B2C230C6B6} [2011/09/04 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{184E568F-8B63-4115-A327-1E2939C3D293} [2011/09/04 08:24:09 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8B807566-38C2-4BE2-9764-9516DB4557CA} [2011/09/04 08:23:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{4AAF2909-7970-4603-B35C-0010C186D09E} [2011/09/03 15:27:29 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{1FD261FB-6E73-419E-A610-D66E9972F1BC} [2011/09/03 15:27:13 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8FB29E94-13D2-4289-AE8B-007CA53A59B9} [2011/09/01 21:26:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2DDE5E99-1AB3-43F9-8A75-CEEF1C7EA1A0} [2011/09/01 21:25:21 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{7F73F182-1126-42BF-9311-B4FE780EACE0} [2011/09/01 07:58:34 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{854D5223-67A6-4375-BC3D-EA83F989E2E8} [2011/09/01 07:58:19 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{3960B3E3-DD2A-47CC-B1A0-E911825B5504} [2011/08/31 18:40:03 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{656A631A-1CFC-40D1-874C-D14179ACD56C} [2011/08/31 18:39:48 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{BA0C3CF1-9D0C-4E06-800C-61984F3BA65D} [2011/08/30 20:00:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8CCC98B6-6FC4-485A-9CE6-4D35FE078F1C} [2011/08/30 20:00:39 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{47202C4A-4FD9-4D6B-BD3F-BECD82F93B74} [2011/08/30 07:59:56 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{339416B4-6C20-42E3-BB90-F41350FD8611} [2011/08/30 07:59:23 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{3AF33E5D-B8A0-4E6A-B4A6-8D911595232E} [2011/08/29 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{7BB87FE5-A806-4CA1-9342-B5177282517D} [2011/08/29 09:47:12 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{30592DDF-12D3-4BE0-B290-549EB5A2B78D} [2011/08/28 07:57:16 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{EDA08DB6-BEAB-430C-8813-AF3498A61905} [2011/08/28 07:57:00 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{304846A3-2493-47D9-AC06-BE44D6543804} [2011/08/27 13:34:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{3C602512-4630-482D-9A93-BAEB218782C5} [2011/08/27 13:34:34 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{26D4CBB2-7223-4836-9F8E-1B871CA591D9} [2011/08/26 22:12:44 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{F3C91668-E0A6-43D8-A6BE-E6592A14D62C} [2011/08/26 22:12:27 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{DA5022EA-E336-4A28-9E19-58927DA0C672} ========== Files - Modified Within 30 Days ========== [2011/09/25 09:03:04 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000UA.job [2011/09/25 09:00:03 | 000,111,408 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\75578800.sys [2011/09/25 08:44:41 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/09/25 08:44:41 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/09/25 08:44:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/09/25 08:44:23 | 4222,820,352 | -HS- | M] () -- C:\hiberfil.sys [2011/09/24 14:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000Core.job [2011/09/24 06:39:08 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk [2011/09/22 14:20:19 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI [2011/09/22 13:26:46 | 471,517,233 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011/09/20 17:25:14 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/09/20 17:25:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/09/20 17:25:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/09/20 17:25:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011/09/20 17:14:11 | 000,000,943 | ---- | M] () -- C:\Users\Wayne Wagner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2011/09/20 17:14:05 | 000,000,763 | ---- | M] () -- C:\Users\Wayne Wagner\Desktop\NTREGOPT.lnk [2011/09/20 17:14:05 | 000,000,744 | ---- | M] () -- C:\Users\Wayne Wagner\Desktop\ERUNT.lnk [2011/09/18 08:58:28 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/09/17 19:11:55 | 000,741,644 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/09/17 19:11:55 | 000,619,512 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/09/17 19:11:55 | 000,111,140 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/09/15 21:08:39 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWayne Wagner.job [2011/09/15 20:52:02 | 000,997,978 | ---- | M] () -- C:\Windows\SysNative\oem32.inf [2011/09/15 20:46:18 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll [2011/09/15 20:46:11 | 002,685,432 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2011/09/15 20:46:11 | 000,095,472 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll [2011/09/15 20:46:08 | 003,888,640 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll [2011/09/15 20:46:08 | 003,553,280 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll [2011/09/06 11:18:50 | 000,124,416 | ---- | M] () -- C:\Users\Wayne Wagner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/08/31 19:58:27 | 000,002,637 | ---- | M] () -- C:\Users\Wayne Wagner\Desktop\Microsoft Word 2010.lnk [2011/08/29 10:38:40 | 000,237,836 | ---- | M] () -- C:\Users\Wayne Wagner\Documents\david celis inital C4.pdf [2011/08/28 10:29:54 | 024,256,302 | ---- | M] () -- C:\Users\Wayne Wagner\angelica letter.bmp ========== Files Created - No Company Name ========== [2011/09/20 18:07:01 | 471,517,233 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011/09/20 17:14:11 | 000,000,943 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2011/09/20 17:14:05 | 000,000,763 | ---- | C] () -- C:\Users\Wayne Wagner\Desktop\NTREGOPT.lnk [2011/09/20 17:14:05 | 000,000,744 | ---- | C] () -- C:\Users\Wayne Wagner\Desktop\ERUNT.lnk [2011/09/15 21:25:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011/09/15 21:25:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011/09/15 21:25:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/09/15 21:25:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/09/15 21:25:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/09/15 20:52:37 | 000,997,978 | ---- | C] () -- C:\Windows\SysNative\oem32.inf [2011/09/15 20:49:20 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll [2011/09/15 20:25:56 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForWayne Wagner.job [2011/08/29 15:13:50 | 024,256,302 | ---- | C] () -- C:\Users\Wayne Wagner\angelica letter.bmp [2011/08/29 10:26:11 | 000,237,836 | ---- | C] () -- C:\Users\Wayne Wagner\Documents\david celis inital C4.pdf [2011/05/05 14:40:56 | 4222,820,352 | -HS- | C] () -- \hiberfil.sys [2010/11/28 17:00:15 | 000,000,552 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\d3d8caps.dat [2010/09/18 23:56:13 | 000,000,100 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\fusioncache.dat [2010/09/18 23:54:46 | 000,741,432 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/07/31 22:07:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/09 08:59:21 | 000,000,000 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\prvlcl.dat [2010/03/23 16:23:51 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010/03/23 16:21:30 | 000,000,233 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2010/03/23 16:21:30 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini [2010/03/23 15:37:11 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL [2010/03/23 15:37:11 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI [2010/03/23 15:37:10 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2010/03/23 15:37:10 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2010/03/23 15:37:08 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2010/03/23 15:28:05 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini [2010/03/18 08:43:44 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2010/03/18 08:43:01 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010/03/18 08:42:19 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2010/03/11 22:06:47 | 000,000,732 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\d3d9caps64.dat [2009/09/12 21:17:43 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat [2009/07/24 08:51:31 | 000,000,405 | ---- | C] () -- C:\Windows\Lexstat.ini [2009/06/28 09:27:01 | 000,006,080 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\d3d9caps.dat [2009/06/25 22:28:03 | 000,124,416 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/06/25 21:42:49 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2009/01/13 12:35:00 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2008/10/28 04:32:24 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2008/10/28 04:32:24 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2008/10/28 04:32:24 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin [2008/06/09 02:01:12 | 000,333,257 | RHS- | C] () -- \bootmgr [2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2006/12/02 03:37:14 | 000,904,704 | ---- | C] () -- \msdia80.dll [2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin < End of report >
-
TDS 09:00:02.0982 4544 TDSS rootkit removing tool 2.6.0.0 Sep 23 2011 07:42:37 09:00:03.0352 4544 ============================================================ 09:00:03.0353 4544 Current date / time: 2011/09/25 09:00:03.0352 09:00:03.0353 4544 SystemInfo: 09:00:03.0353 4544 09:00:03.0353 4544 OS Version: 6.0.6002 ServicePack: 2.0 09:00:03.0353 4544 Product type: Workstation 09:00:03.0353 4544 ComputerName: WAYNEWAGNER-PC 09:00:03.0353 4544 UserName: Wayne Wagner 09:00:03.0353 4544 Windows directory: C:\Windows 09:00:03.0353 4544 System windows directory: C:\Windows 09:00:03.0353 4544 Running under WOW64 09:00:03.0353 4544 Processor architecture: Intel x64 09:00:03.0353 4544 Number of processors: 2 09:00:03.0353 4544 Page size: 0x1000 09:00:03.0353 4544 Boot type: Normal boot 09:00:03.0353 4544 ============================================================ 09:00:07.0364 4544 Initialize success 09:00:28.0453 4360 ============================================================ 09:00:28.0453 4360 Scan started 09:00:28.0453 4360 Mode: Manual; 09:00:28.0453 4360 ============================================================ 09:00:32.0870 4360 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys 09:00:32.0871 4360 Accelerometer - ok 09:00:33.0268 4360 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys 09:00:33.0280 4360 ACPI - ok 09:00:33.0560 4360 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys 09:00:33.0562 4360 adfs - ok 09:00:33.0728 4360 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys 09:00:33.0918 4360 adp94xx - ok 09:00:34.0053 4360 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys 09:00:34.0060 4360 adpahci - ok 09:00:34.0575 4360 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys 09:00:34.0579 4360 adpu160m - ok 09:00:35.0273 4360 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys 09:00:35.0278 4360 adpu320 - ok 09:00:35.0673 4360 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys 09:00:35.0774 4360 AFD - ok 09:00:36.0329 4360 AgereSoftModem (55fcdb10e31c22eb67454aaef42b6725) C:\Windows\system32\DRIVERS\agrsm64.sys 09:00:36.0557 4360 AgereSoftModem - ok 09:00:36.0811 4360 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys 09:00:36.0820 4360 agp440 - ok 09:00:37.0203 4360 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys 09:00:37.0205 4360 aic78xx - ok 09:00:37.0616 4360 aliide (e0ca5bb8e6c79533dc6b1da7361a201e) C:\Windows\system32\drivers\aliide.sys 09:00:37.0617 4360 aliide - ok 09:00:38.0061 4360 amdide (7034f8d1b9703d711d3f92c95deb377d) C:\Windows\system32\drivers\amdide.sys 09:00:38.0062 4360 amdide - ok 09:00:38.0358 4360 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys 09:00:38.0366 4360 AmdK8 - ok 09:00:38.0520 4360 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys 09:00:38.0528 4360 arc - ok 09:00:38.0699 4360 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys 09:00:38.0701 4360 arcsas - ok 09:00:38.0894 4360 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys 09:00:38.0898 4360 AsyncMac - ok 09:00:38.0972 4360 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys 09:00:38.0973 4360 atapi - ok 09:00:39.0379 4360 BCM43XX (eef98ddd0fc6a5da452eb8120d57ce44) C:\Windows\system32\DRIVERS\bcmwl664.sys 09:00:39.0403 4360 BCM43XX - ok 09:00:39.0413 4360 Beep - ok 09:00:39.0646 4360 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys 09:00:39.0648 4360 blbdrive - ok 09:00:39.0681 4360 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys 09:00:39.0684 4360 bowser - ok 09:00:39.0737 4360 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys 09:00:39.0742 4360 BrFiltLo - ok 09:00:39.0759 4360 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys 09:00:39.0761 4360 BrFiltUp - ok 09:00:39.0824 4360 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys 09:00:39.0831 4360 Brserid - ok 09:00:39.0843 4360 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys 09:00:39.0876 4360 BrSerWdm - ok 09:00:39.0945 4360 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys 09:00:39.0947 4360 BrUsbMdm - ok 09:00:39.0981 4360 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys 09:00:39.0983 4360 BrUsbSer - ok 09:00:40.0053 4360 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys 09:00:40.0056 4360 BTHMODEM - ok 09:00:40.0064 4360 catchme - ok 09:00:40.0205 4360 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys 09:00:40.0208 4360 cdfs - ok 09:00:40.0263 4360 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys 09:00:40.0265 4360 cdrom - ok 09:00:40.0349 4360 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys 09:00:40.0357 4360 circlass - ok 09:00:40.0429 4360 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys 09:00:40.0438 4360 CLFS - ok 09:00:40.0516 4360 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys 09:00:40.0528 4360 CmBatt - ok 09:00:40.0609 4360 cmdide (8c6aa24c1d7273a02284588426ab8ce3) C:\Windows\system32\drivers\cmdide.sys 09:00:40.0610 4360 cmdide - ok 09:00:40.0644 4360 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys 09:00:40.0645 4360 Compbatt - ok 09:00:40.0685 4360 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys 09:00:40.0686 4360 crcdisk - ok 09:00:40.0842 4360 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys 09:00:40.0846 4360 DfsC - ok 09:00:41.0027 4360 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys 09:00:41.0031 4360 disk - ok 09:00:41.0184 4360 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys 09:00:41.0194 4360 drmkaud - ok 09:00:41.0478 4360 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys 09:00:41.0487 4360 DXGKrnl - ok 09:00:41.0627 4360 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys 09:00:41.0631 4360 E1G60 - ok 09:00:42.0148 4360 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys 09:00:42.0152 4360 Ecache - ok 09:00:42.0768 4360 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys 09:00:42.0885 4360 elxstor - ok 09:00:43.0328 4360 enecir (f218a3a27ed6592c0e22ec3595554447) C:\Windows\system32\DRIVERS\enecir.sys 09:00:43.0333 4360 enecir - ok 09:00:43.0695 4360 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys 09:00:43.0697 4360 ErrDev - ok 09:00:43.0970 4360 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys 09:00:44.0081 4360 exfat - ok 09:00:44.0930 4360 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys 09:00:44.0938 4360 fastfat - ok 09:00:45.0725 4360 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys 09:00:45.0826 4360 fdc - ok 09:00:45.0894 4360 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys 09:00:45.0903 4360 FileInfo - ok 09:00:45.0915 4360 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys 09:00:45.0917 4360 Filetrace - ok 09:00:45.0938 4360 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 09:00:45.0939 4360 flpydisk - ok 09:00:46.0286 4360 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys 09:00:46.0514 4360 FltMgr - ok 09:00:47.0629 4360 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys 09:00:47.0638 4360 Fs_Rec - ok 09:00:47.0879 4360 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys 09:00:47.0887 4360 gagp30kx - ok 09:00:48.0075 4360 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys 09:00:48.0221 4360 HdAudAddService - ok 09:00:48.0843 4360 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys 09:00:48.0987 4360 HDAudBus - ok 09:00:50.0004 4360 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys 09:00:50.0006 4360 HidBth - ok 09:00:50.0225 4360 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys 09:00:50.0234 4360 HidIr - ok 09:00:50.0763 4360 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys 09:00:50.0766 4360 HidUsb - ok 09:00:51.0011 4360 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys 09:00:51.0013 4360 HpCISSs - ok 09:00:51.0265 4360 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys 09:00:51.0266 4360 hpdskflt - ok 09:00:51.0411 4360 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 09:00:51.0432 4360 HpqKbFiltr - ok 09:00:51.0615 4360 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys 09:00:51.0637 4360 HTTP - ok 09:00:51.0761 4360 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys 09:00:51.0766 4360 i2omp - ok 09:00:51.0875 4360 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys 09:00:51.0896 4360 i8042prt - ok 09:00:52.0004 4360 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys 09:00:52.0041 4360 iaStorV - ok 09:00:53.0115 4360 igfx (7b0a679638e9380c0d8d42c7d43f8169) C:\Windows\system32\DRIVERS\igdkmd64.sys 09:00:53.0389 4360 igfx - ok 09:00:53.0829 4360 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys 09:00:53.0838 4360 iirsp - ok 09:00:54.0201 4360 IntcHdmiAddService (be1cb000c655396c9def09aee3ea2d67) C:\Windows\system32\drivers\IntcHdmi.sys 09:00:54.0209 4360 IntcHdmiAddService - ok 09:00:54.0857 4360 intelide (475490caf376e55e6e8b37bbdfeb2e81) C:\Windows\system32\drivers\intelide.sys 09:00:54.0858 4360 intelide - ok 09:00:55.0001 4360 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys 09:00:55.0003 4360 intelppm - ok 09:00:55.0410 4360 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:00:55.0414 4360 IpFilterDriver - ok 09:00:55.0851 4360 IpInIp - ok 09:00:56.0002 4360 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys 09:00:56.0006 4360 IPMIDRV - ok 09:00:56.0071 4360 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys 09:00:56.0076 4360 IPNAT - ok 09:00:56.0699 4360 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys 09:00:56.0705 4360 IRENUM - ok 09:00:57.0158 4360 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys 09:00:57.0159 4360 isapnp - ok 09:00:57.0502 4360 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys 09:00:57.0504 4360 iScsiPrt - ok 09:00:58.0294 4360 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys 09:00:58.0297 4360 iteatapi - ok 09:00:58.0475 4360 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys 09:00:58.0476 4360 iteraid - ok 09:00:58.0582 4360 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys 09:00:58.0583 4360 kbdclass - ok 09:00:58.0634 4360 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys 09:00:58.0636 4360 kbdhid - ok 09:00:58.0789 4360 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys 09:00:58.0937 4360 KSecDD - ok 09:00:59.0263 4360 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys 09:00:59.0267 4360 ksthunk - ok 09:00:59.0341 4360 Lbd - ok 09:00:59.0488 4360 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys 09:00:59.0490 4360 lltdio - ok 09:00:59.0670 4360 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys 09:00:59.0673 4360 LSI_FC - ok 09:00:59.0727 4360 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys 09:00:59.0732 4360 LSI_SAS - ok 09:00:59.0744 4360 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys 09:00:59.0748 4360 LSI_SCSI - ok 09:00:59.0785 4360 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 09:00:59.0789 4360 luafv - ok 09:00:59.0833 4360 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 09:00:59.0837 4360 megasas - ok 09:00:59.0939 4360 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 09:01:00.0058 4360 MegaSR - ok 09:01:00.0523 4360 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 09:01:00.0532 4360 Modem - ok 09:01:00.0846 4360 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 09:01:00.0847 4360 monitor - ok 09:01:00.0967 4360 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 09:01:00.0968 4360 mouclass - ok 09:01:01.0316 4360 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 09:01:01.0320 4360 mouhid - ok 09:01:01.0481 4360 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 09:01:01.0484 4360 MountMgr - ok 09:01:01.0717 4360 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 09:01:01.0719 4360 MpFilter - ok 09:01:01.0817 4360 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 09:01:01.0821 4360 mpio - ok 09:01:01.0860 4360 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 09:01:01.0861 4360 MpNWMon - ok 09:01:01.0893 4360 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 09:01:01.0896 4360 mpsdrv - ok 09:01:01.0932 4360 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 09:01:01.0934 4360 Mraid35x - ok 09:01:02.0052 4360 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 09:01:02.0056 4360 MRxDAV - ok 09:01:02.0498 4360 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys 09:01:02.0502 4360 mrxsmb - ok 09:01:02.0763 4360 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:01:02.0832 4360 mrxsmb10 - ok 09:01:02.0968 4360 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:01:02.0971 4360 mrxsmb20 - ok 09:01:03.0231 4360 msahci (aa459f2ab3ab603c357ff117cae3d818) C:\Windows\system32\drivers\msahci.sys 09:01:03.0233 4360 msahci - ok 09:01:03.0342 4360 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 09:01:03.0435 4360 msdsm - ok 09:01:03.0701 4360 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 09:01:03.0703 4360 Msfs - ok 09:01:03.0827 4360 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 09:01:03.0828 4360 msisadrv - ok 09:01:03.0921 4360 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 09:01:03.0923 4360 MSKSSRV - ok 09:01:03.0994 4360 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 09:01:03.0998 4360 MSPCLOCK - ok 09:01:04.0222 4360 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 09:01:04.0227 4360 MSPQM - ok 09:01:04.0294 4360 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 09:01:04.0451 4360 MsRPC - ok 09:01:04.0571 4360 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 09:01:04.0572 4360 mssmbios - ok 09:01:04.0592 4360 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 09:01:04.0599 4360 MSTEE - ok 09:01:04.0639 4360 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 09:01:04.0641 4360 Mup - ok 09:01:04.0685 4360 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 09:01:04.0690 4360 NativeWifiP - ok 09:01:04.0759 4360 NAVENG - ok 09:01:04.0768 4360 NAVEX15 - ok 09:01:04.0941 4360 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 09:01:05.0252 4360 NDIS - ok 09:01:05.0516 4360 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 09:01:05.0523 4360 NdisTapi - ok 09:01:05.0823 4360 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 09:01:05.0826 4360 Ndisuio - ok 09:01:06.0371 4360 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 09:01:06.0380 4360 NdisWan - ok 09:01:06.0600 4360 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys 09:01:06.0606 4360 NDProxy - ok 09:01:06.0674 4360 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 09:01:06.0677 4360 NetBIOS - ok 09:01:06.0765 4360 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 09:01:06.0771 4360 netbt - ok 09:01:07.0459 4360 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys 09:01:07.0582 4360 NETw3v64 - ok 09:01:08.0115 4360 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 09:01:08.0118 4360 nfrd960 - ok 09:01:08.0671 4360 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 09:01:08.0672 4360 NisDrv - ok 09:01:09.0983 4360 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 09:01:09.0987 4360 Npfs - ok 09:01:10.0360 4360 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 09:01:10.0368 4360 nsiproxy - ok 09:01:11.0033 4360 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 09:01:11.0636 4360 Ntfs - ok 09:01:12.0184 4360 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 09:01:12.0186 4360 Null - ok 09:01:12.0507 4360 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 09:01:12.0511 4360 nvraid - ok 09:01:12.0716 4360 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 09:01:12.0726 4360 nvstor - ok 09:01:13.0001 4360 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 09:01:13.0013 4360 nv_agp - ok 09:01:13.0178 4360 NwlnkFlt - ok 09:01:13.0353 4360 NwlnkFwd - ok 09:01:13.0448 4360 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys 09:01:13.0452 4360 ohci1394 - ok 09:01:13.0579 4360 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 09:01:13.0583 4360 Parport - ok 09:01:13.0653 4360 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys 09:01:13.0659 4360 partmgr - ok 09:01:14.0006 4360 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 09:01:14.0010 4360 pci - ok 09:01:14.0346 4360 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys 09:01:14.0347 4360 pciide - ok 09:01:14.0945 4360 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys 09:01:15.0169 4360 pcmcia - ok 09:01:15.0455 4360 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 09:01:16.0138 4360 PEAUTH - ok 09:01:17.0435 4360 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 09:01:17.0441 4360 PptpMiniport - ok 09:01:18.0152 4360 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys 09:01:18.0159 4360 Processor - ok 09:01:18.0543 4360 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 09:01:18.0551 4360 PSched - ok 09:01:18.0864 4360 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys 09:01:18.0867 4360 PxHlpa64 - ok 09:01:19.0170 4360 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 09:01:19.0241 4360 ql2300 - ok 09:01:19.0510 4360 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 09:01:19.0514 4360 ql40xx - ok 09:01:19.0543 4360 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 09:01:19.0545 4360 QWAVEdrv - ok 09:01:19.0567 4360 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 09:01:19.0574 4360 RasAcd - ok 09:01:19.0662 4360 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 09:01:19.0672 4360 Rasl2tp - ok 09:01:19.0905 4360 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 09:01:19.0916 4360 RasPppoe - ok 09:01:20.0320 4360 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 09:01:20.0440 4360 RasSstp - ok 09:01:20.0500 4360 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 09:01:20.0512 4360 rdbss - ok 09:01:20.0681 4360 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 09:01:20.0685 4360 RDPCDD - ok 09:01:20.0759 4360 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 09:01:20.0859 4360 rdpdr - ok 09:01:20.0874 4360 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 09:01:20.0875 4360 RDPENCDD - ok 09:01:20.0991 4360 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys 09:01:21.0000 4360 RDPWD - ok 09:01:21.0565 4360 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 09:01:21.0571 4360 rspndr - ok 09:01:21.0849 4360 RTL8169 (8b91737da75add21cb1554b38089196a) C:\Windows\system32\DRIVERS\Rtlh64.sys 09:01:21.0855 4360 RTL8169 - ok 09:01:22.0135 4360 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS 09:01:22.0140 4360 RTSTOR - ok 09:01:22.0345 4360 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 09:01:22.0349 4360 sbp2port - ok 09:01:22.0400 4360 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys 09:01:22.0404 4360 sdbus - ok 09:01:22.0443 4360 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 09:01:22.0450 4360 secdrv - ok 09:01:22.0535 4360 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys 09:01:22.0538 4360 Serenum - ok 09:01:22.0662 4360 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys 09:01:22.0673 4360 Serial - ok 09:01:22.0686 4360 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 09:01:22.0688 4360 sermouse - ok 09:01:22.0725 4360 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 09:01:22.0727 4360 sffdisk - ok 09:01:22.0745 4360 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 09:01:22.0749 4360 sffp_mmc - ok 09:01:22.0765 4360 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 09:01:22.0768 4360 sffp_sd - ok 09:01:22.0785 4360 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 09:01:22.0786 4360 sfloppy - ok 09:01:22.0879 4360 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys 09:01:22.0881 4360 SiSRaid2 - ok 09:01:22.0902 4360 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 09:01:22.0905 4360 SiSRaid4 - ok 09:01:23.0020 4360 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 09:01:23.0026 4360 Smb - ok 09:01:23.0221 4360 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 09:01:23.0222 4360 spldr - ok 09:01:23.0238 4360 SRTSP - ok 09:01:23.0256 4360 SRTSPX - ok 09:01:23.0597 4360 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys 09:01:23.0756 4360 srv - ok 09:01:23.0884 4360 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys 09:01:23.0889 4360 srv2 - ok 09:01:24.0010 4360 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys 09:01:24.0014 4360 srvnet - ok 09:01:24.0581 4360 STHDA (0c2bf91cdc0575f5713a4d2d5118bc06) C:\Windows\system32\DRIVERS\stwrt64.sys 09:01:24.0702 4360 STHDA - ok 09:01:25.0077 4360 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys 09:01:25.0083 4360 StillCam - ok 09:01:25.0482 4360 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys 09:01:25.0483 4360 swenum - ok 09:01:25.0707 4360 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 09:01:25.0796 4360 Symc8xx - ok 09:01:25.0843 4360 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 09:01:25.0848 4360 Sym_hi - ok 09:01:25.0861 4360 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 09:01:25.0863 4360 Sym_u3 - ok 09:01:26.0043 4360 SynTP (5bfcf934891022e15404befe0f5ece9f) C:\Windows\system32\DRIVERS\SynTP.sys 09:01:26.0046 4360 SynTP - ok 09:01:26.0467 4360 Tcpip (19a7321e3a5f1ddb215d2815dcc8f8e4) C:\Windows\system32\drivers\tcpip.sys 09:01:26.0728 4360 Tcpip - ok 09:01:27.0409 4360 Tcpip6 (19a7321e3a5f1ddb215d2815dcc8f8e4) C:\Windows\system32\DRIVERS\tcpip.sys 09:01:27.0422 4360 Tcpip6 - ok 09:01:27.0624 4360 tcpipreg (2aa1b7ebc271e995f3358c1fa7a1d35b) C:\Windows\system32\drivers\tcpipreg.sys 09:01:27.0630 4360 tcpipreg - ok 09:01:27.0801 4360 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys 09:01:27.0803 4360 TDPIPE - ok 09:01:27.0835 4360 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 09:01:27.0838 4360 TDTCP - ok 09:01:27.0886 4360 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 09:01:27.0892 4360 tdx - ok 09:01:28.0180 4360 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 09:01:28.0181 4360 TermDD - ok 09:01:28.0540 4360 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 09:01:28.0544 4360 tssecsrv - ok 09:01:28.0573 4360 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 09:01:28.0586 4360 tunmp - ok 09:01:28.0755 4360 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys 09:01:28.0759 4360 tunnel - ok 09:01:28.0857 4360 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 09:01:28.0869 4360 uagp35 - ok 09:01:29.0267 4360 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 09:01:29.0296 4360 udfs - ok 09:01:29.0846 4360 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 09:01:29.0849 4360 uliagpkx - ok 09:01:30.0240 4360 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys 09:01:30.0248 4360 uliahci - ok 09:01:30.0370 4360 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 09:01:30.0375 4360 UlSata - ok 09:01:30.0641 4360 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 09:01:30.0647 4360 ulsata2 - ok 09:01:30.0946 4360 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 09:01:31.0067 4360 umbus - ok 09:01:31.0392 4360 USBAAPL64 (9e58997a211c8c9ac9e6cffa53614a73) C:\Windows\system32\Drivers\usbaapl64.sys 09:01:31.0399 4360 USBAAPL64 - ok 09:01:31.0572 4360 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys 09:01:31.0577 4360 usbaudio - ok 09:01:31.0798 4360 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys 09:01:31.0812 4360 usbccgp - ok 09:01:32.0066 4360 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys 09:01:32.0070 4360 usbcir - ok 09:01:32.0199 4360 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys 09:01:32.0204 4360 usbehci - ok 09:01:32.0358 4360 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys 09:01:32.0465 4360 usbhub - ok 09:01:32.0681 4360 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys 09:01:32.0687 4360 usbohci - ok 09:01:32.0771 4360 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys 09:01:32.0783 4360 usbprint - ok 09:01:32.0968 4360 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys 09:01:33.0080 4360 usbscan - ok 09:01:33.0289 4360 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:01:33.0294 4360 USBSTOR - ok 09:01:33.0597 4360 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys 09:01:33.0601 4360 usbuhci - ok 09:01:33.0973 4360 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys 09:01:33.0979 4360 usbvideo - ok 09:01:34.0486 4360 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys 09:01:34.0493 4360 vga - ok 09:01:34.0768 4360 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys 09:01:34.0773 4360 VgaSave - ok 09:01:34.0856 4360 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys 09:01:34.0857 4360 viaide - ok 09:01:35.0042 4360 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys 09:01:35.0051 4360 volmgr - ok 09:01:35.0900 4360 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys 09:01:35.0923 4360 volmgrx - ok 09:01:36.0342 4360 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys 09:01:36.0348 4360 volsnap - ok 09:01:36.0562 4360 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys 09:01:36.0576 4360 vsmraid - ok 09:01:36.0693 4360 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys 09:01:36.0706 4360 WacomPen - ok 09:01:36.0853 4360 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 09:01:36.0865 4360 Wanarp - ok 09:01:36.0965 4360 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 09:01:36.0966 4360 Wanarpv6 - ok 09:01:37.0593 4360 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys 09:01:37.0594 4360 Wd - ok 09:01:37.0978 4360 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 09:01:38.0101 4360 Wdf01000 - ok 09:01:38.0749 4360 WinUSB (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.sys 09:01:38.0757 4360 WinUSB - ok 09:01:38.0953 4360 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys 09:01:38.0954 4360 WmiAcpi - ok 09:01:39.0282 4360 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys 09:01:39.0290 4360 WpdUsb - ok 09:01:39.0524 4360 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys 09:01:39.0530 4360 ws2ifsl - ok 09:01:39.0745 4360 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 09:01:39.0835 4360 WudfPf - ok 09:01:39.0858 4360 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 09:01:39.0864 4360 WUDFRd - ok 09:01:39.0937 4360 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys 09:01:40.0037 4360 yukonx64 - ok 09:01:40.0408 4360 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 09:01:40.0410 4360 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok 09:01:40.0481 4360 MBR (0x1B8) (5c86adec17b739c437e145e3b3fc2e6d) \Device\Harddisk0\DR0 09:01:40.0491 4360 \Device\Harddisk0\DR0 - ok 09:01:40.0618 4360 Boot (0x1200) (e68f655e11e37fbcf682881cca684263) \Device\Harddisk0\DR0\Partition0 09:01:40.0625 4360 \Device\Harddisk0\DR0\Partition0 - ok 09:01:40.0711 4360 Boot (0x1200) (8c2d370cadb49e090423dca14caa457d) \Device\Harddisk0\DR0\Partition1 09:01:40.0713 4360 \Device\Harddisk0\DR0\Partition1 - ok 09:01:40.0714 4360 ============================================================ 09:01:40.0714 4360 Scan finished 09:01:40.0714 4360 ============================================================ 09:01:40.0736 3456 Detected object count: 0 09:01:40.0736 3456 Actual detected object count: 0
-
OTL, AVas and ESET OTL: I cut and paste the OTL, I ran the fix. It hanged up again. The only difference was all the browsers closed automatically after I ran it. But it stayed on "not responding" for about 30 minutes. AVAS: I ran this without the update. Once I hit scan, I got the blue screen again with the physical memory dump. ESET: I ran this overnight. I was unable to save the log file, since my room mate who lives with me thought I forgot to turn computer off, so she turned it off. I ran for about 8 hours she said with no threats found. If it saved the log file somewhere please let me know where to find it. Thank you for all your help.
-
aswMBR.exe I downloaded and ran this program. It updated itself but when I hit scan, my computer showed me a blue screen. Something about: beginning physical dump. I tried this 2x also with the same result.
-
OTL I cut and paste this under custom scan/fix: :OTL IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: No CLSID value found. File not found O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll File not found O3:64bit: - HKCU\..\Toolbar\WebBrowser - No CLSID value found. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present @Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:09B199F1 :Commands [EmptyTemp] I waited 1 hour and it states OTL (Not responding). It states at the bottom: Processing O3:64bit: - HKCU\..\Toolbar\WebBrowser - No CLSID value found. I tried 2x with the same result. I waited 1 hour each time. I did steps 1-2. I will proceed with the next few steps.
-
Here it is. Thank you :) ComboFix 11-09-15.05 - Wayne Wagner 09/15/2011 21:35:03.2.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4026.2076 [GMT -4:00] Running from: c:\users\Wayne Wagner\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Wayne Wagner\14601180EN c:\users\Wayne Wagner\14601180EN\Autorun.bmp c:\users\Wayne Wagner\14601180EN\Autorun.exe c:\users\Wayne Wagner\14601180EN\Autorun.ico c:\users\Wayne Wagner\14601180EN\AUTORUN.INF c:\users\Wayne Wagner\14601180EN\Readme.txt c:\users\Wayne Wagner\14601180EN\Setup\1033.mst c:\users\Wayne Wagner\14601180EN\Setup\db_pcc.dat c:\users\Wayne Wagner\14601180EN\Setup\license.rtf c:\users\Wayne Wagner\14601180EN\Setup\Module\ASPAList.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\ASPBList.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\aucfg.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\BinDT00.PDP c:\users\Wayne Wagner\14601180EN\Setup\Module\BinDT01.PDP c:\users\Wayne Wagner\14601180EN\Setup\Module\BinDT02.PDP c:\users\Wayne Wagner\14601180EN\Setup\Module\BinDT03.PDP c:\users\Wayne Wagner\14601180EN\Setup\Module\BinDT04.PDP c:\users\Wayne Wagner\14601180EN\Setup\Module\BPM95.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\BPMNT.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\chksvr.bin c:\users\Wayne Wagner\14601180EN\Setup\Module\DCE64\DceLog64.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\DCE64\tmvainfo.xml c:\users\Wayne Wagner\14601180EN\Setup\Module\DCE64\TMVAmain.ptn c:\users\Wayne Wagner\14601180EN\Setup\Module\DCE64\tsc.ptn c:\users\Wayne Wagner\14601180EN\Setup\Module\DCE64\tsc64.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\DceLog32.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\Detect.gif c:\users\Wayne Wagner\14601180EN\Setup\Module\dh1024.pem c:\users\Wayne Wagner\14601180EN\Setup\Module\DLPccUtl.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\DnsAlt.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\DZIP32.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\Filter32.VXD c:\users\Wayne Wagner\14601180EN\Setup\Module\GENKEY32.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\Help\tmhelp.chm c:\users\Wayne Wagner\14601180EN\Setup\Module\Help\tmmain.chm c:\users\Wayne Wagner\14601180EN\Setup\Module\hhupd.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\HosFList.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\hostexp.hsx c:\users\Wayne Wagner\14601180EN\Setup\Module\HostFAlt.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\HostFErr.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\Http.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\HttpHosf.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\HttpPDP.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\HttpUErr.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\icudt18l.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\icuin18.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\icuuc18.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\ImPDP.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\L10N\extra.avi c:\users\Wayne Wagner\14601180EN\Setup\Module\L10N\FrameH.bmp c:\users\Wayne Wagner\14601180EN\Setup\Module\L10N\FrameR.bmp c:\users\Wayne Wagner\14601180EN\Setup\Module\L10N\FrameV.bmp c:\users\Wayne Wagner\14601180EN\Setup\Module\L10N\PphRes.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\L10N\tlphish.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\L10NCfwI.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\L10NPcc.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\L10NTmpx.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\libexpat.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\license.rtf c:\users\Wayne Wagner\14601180EN\Setup\Module\LOADHTTP.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\MEMBOOT.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\NVAlert.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\OPID.bin c:\users\Wayne Wagner\14601180EN\Setup\Module\Patch.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PATCHW32.DLL c:\users\Wayne Wagner\14601180EN\Setup\Module\PccAltUI.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\pccapl.xen c:\users\Wayne Wagner\14601180EN\Setup\Module\PCCBrows.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccCmd64.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\pccdesc.xen c:\users\Wayne Wagner\14601180EN\Setup\Module\PccEula.bmp c:\users\Wayne Wagner\14601180EN\Setup\Module\PccEula.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\pccguide.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccIeBar.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\pccillin.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\PCCIOMON.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\pcclient.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PCClient.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccLog.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\pccmain.bmp c:\users\Wayne Wagner\14601180EN\Setup\Module\pccmain.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PcCmdCom.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccMsi.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\pccntsec.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PccPrf.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\pccprof.xen c:\users\Wayne Wagner\14601180EN\Setup\Module\PccRBMsg.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\pccrule.xen c:\users\Wayne Wagner\14601180EN\Setup\Module\PccScan.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PcCtlCom.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PcCtlPS.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PcCtlSpy.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PcCtlVA.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PCCTool.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PCCTool.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\PccTool.msi c:\users\Wayne Wagner\14601180EN\Setup\Module\PCCTSWin.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\pccupd.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PccUpdSN.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccUpdUI.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccVaUI.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PCCVScan.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccWscAS.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccWscAV.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PccWscFW.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PcDce.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PcSSE.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PcSSE64.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PCSSEItf.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\PDPAlt.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\PDPCfg.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PEW952.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PEWNT2.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0001.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0002.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0003.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0004.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0005.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0006.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0007.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0008.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0009.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl000A.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl000B.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl000C.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl000D.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl000E.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl000F.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0010.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0011.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0012.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0013.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0014.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0015.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0016.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0017.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0018.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRl0019.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\PFW\TmRulMas.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\Pop3.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\PphEng.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\GUID.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00000.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00000.rul c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00001.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00001.rul c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00002.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00002.rul c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00003.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\Profile\Prf00003.rul c:\users\Wayne Wagner\14601180EN\Setup\Module\psapi.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\Public.pem c:\users\Wayne Wagner\14601180EN\Setup\Module\Readme.txt c:\users\Wayne Wagner\14601180EN\Setup\Module\Realtime.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\Region.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\remove.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\Rescue\DOS4GW.EXE c:\users\Wayne Wagner\14601180EN\Setup\Module\Rescue\PCSCAN.DAT c:\users\Wayne Wagner\14601180EN\Setup\Module\Rescue\pcscan.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\Rescue\Readme.txt c:\users\Wayne Wagner\14601180EN\Setup\Module\Rescue\Rescue.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\Rescue\Rescue.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\Smtp.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\SmtpPDP.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\splash.bmp c:\users\Wayne Wagner\14601180EN\Setup\Module\SpyDlist.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\SpyElist.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\Spyware.htm c:\users\Wayne Wagner\14601180EN\Setup\Module\ssapi32.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\SSAPI64.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\system.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC75.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC76.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC77.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC78.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC79.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC7A.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC7B.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\TASK\PCC7C.TSK c:\users\Wayne Wagner\14601180EN\Setup\Module\tm_cfw.vxd c:\users\Wayne Wagner\14601180EN\Setup\Module\TMAS_Det.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\TMAS_Hlp.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmAsEng.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmcfScan.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmCfwApi.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmdbg.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\Tmdbg64.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmdp.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmdp.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\Tmdshell.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TMEVENT.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmHash.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmMsg.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmNewML.txt c:\users\Wayne Wagner\14601180EN\Setup\Module\TMNotify.dat c:\users\Wayne Wagner\14601180EN\Setup\Module\TMNotify.set c:\users\Wayne Wagner\14601180EN\Setup\Module\Tmntsrv.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\TMOACfg.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TMOAgent.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\TmpeASpm.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmpeHosF.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmpePDP.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmpeUrlF.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmpeVS.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmPfw.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\TmPfw.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\TmPfwApi.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmPfwHlp.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmPfwLog.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmPfwRul.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmphAim.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmphHttp.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmphIcq.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmphMsn.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmphPop3.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmphSMTP.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmpp.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmpp.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\Tmpp01.enc c:\users\Wayne Wagner\14601180EN\Setup\Module\Tmpp01p.enc c:\users\Wayne Wagner\14601180EN\Setup\Module\Tmpp02.enc c:\users\Wayne Wagner\14601180EN\Setup\Module\Tmpp02p.enc c:\users\Wayne Wagner\14601180EN\Setup\Module\TmppRoot.pem c:\users\Wayne Wagner\14601180EN\Setup\Module\TmProxy.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmproxy.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\TmProxy.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\TmpxCfg.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmpxHelp.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmsmHttp.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmsmIm.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmsmMail.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmtdi.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\tmtdi.vxd c:\users\Wayne Wagner\14601180EN\Setup\Module\tmufeng.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmUins14.ini c:\users\Wayne Wagner\14601180EN\Setup\Module\TmUpdate.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmUtyPPI.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TMVA64.ptn c:\users\Wayne Wagner\14601180EN\Setup\Module\tmvainfo.xml c:\users\Wayne Wagner\14601180EN\Setup\Module\TMVAmain.ptn c:\users\Wayne Wagner\14601180EN\Setup\Module\TmvDlg.dll c:\users\Wayne Wagner\14601180EN\Setup\Module\TmWarn.txt c:\users\Wayne Wagner\14601180EN\Setup\Module\TRIALMSG.bmp c:\users\Wayne Wagner\14601180EN\Setup\Module\TRIALMSG.exe c:\users\Wayne Wagner\14601180EN\Setup\Module\TrialMsg.ini c:\users\Wayne Wagner\14601180EN\Tools\ncfg.exe c:\users\Wayne Wagner\14601180EN\Tools\PCCTool.exe c:\users\Wayne Wagner\14601180EN\Tools\PCCTool.ini c:\users\Wayne Wagner\14601180EN\Tools\PccTool.msi c:\users\Wayne Wagner\14601180EN\Tools\TmUins07.ini c:\users\Wayne Wagner\14601180EN\Tools\TmUins08.ini c:\users\Wayne Wagner\14601180EN\Tools\TmUins09.ini c:\users\Wayne Wagner\14601180EN\Tools\TmUins10.ini c:\users\Wayne Wagner\14601180EN\Tools\TmUins11.ini c:\users\Wayne Wagner\14601180EN\Tools\TmUins12.ini c:\users\Wayne Wagner\14601180EN\Tools\TmUins14.ini c:\users\Wayne Wagner\AppData\Local\ApplicationHistory c:\users\Wayne Wagner\AppData\Local\ApplicationHistory\ngen.exe.2c05686e.ini c:\users\Wayne Wagner\AppData\Local\ApplicationHistory\onplay.exe.9adb2018.ini c:\users\Wayne Wagner\AppData\Local\ApplicationHistory\TurbineInvoker.exe.f5c5ef67.ini c:\users\Wayne Wagner\AppData\Local\ApplicationHistory\TurbineLauncher.exe.247941db.ini c:\windows\SysWow64\comct332.ocx . . ((((((((((((((((((((((((( Files Created from 2011-08-16 to 2011-09-16 ))))))))))))))))))))))))))))))) . . 2011-09-16 01:54 . 2011-09-16 01:54 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-09-16 01:54 . 2011-09-16 01:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-16 00:49 . 2011-09-16 00:46 6656 ----a-w- c:\windows\system32\bcmwlrc.dll 2011-09-16 00:49 . 2011-09-16 00:49 -------- d-----w- c:\users\Wayne Wagner\AppData\Roaming\LaunchPad 2011-09-16 00:48 . 2011-09-16 00:46 3553280 ----a-w- c:\windows\system32\bcmihvui64.dll 2011-09-16 00:48 . 2011-09-16 00:46 2685432 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS 2011-09-16 00:43 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-09-16 00:42 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E5098AB6-9A9F-4B32-BD07-13C08F96197E}\mpengine.dll 2011-09-15 12:06 . 2009-08-20 03:50 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll 2011-09-08 12:20 . 2010-11-30 15:43 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2427B391-6704-462D-A858-F05A02ACD766}\gapaengine.dll 2011-08-25 13:09 . 2011-07-11 13:45 2048 ----a-w- c:\windows\system32\tzres.dll 2011-08-25 13:09 . 2011-07-11 13:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-16 00:46 . 2009-05-24 10:36 95472 ----a-w- c:\windows\system32\bcmwlcoi.dll 2011-09-16 00:46 . 2009-05-24 10:36 3888640 ----a-w- c:\windows\system32\bcmihvsrv64.dll 2011-08-17 13:32 . 2011-05-13 10:00 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-08-05 10:02 . 2011-08-05 10:02 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-13 04:53 . 2011-07-28 16:57 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll 2011-07-06 23:52 . 2011-01-25 21:57 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-06 23:52 . 2011-01-25 21:57 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-06 15:49 . 2011-08-17 01:54 275456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-06-20 08:45 . 2011-08-17 01:53 4699536 ----a-w- c:\windows\system32\ntoskrnl.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}] 2009-08-10 10:39 311808 ----a-w- c:\progra~2\SITERA~1\SiteRank.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPAdvisor"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-11-18 966656] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "WLSync"="c:\program files (x86)\Windows Live\Mesh\WLSync.exe" [2011-05-13 1449312] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2010-12-6 217088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Norton Internet Security;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [x] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] R3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw3v64.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-09-24 306416] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/05/24 04:04];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-29 01:04 146928] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe [x] S2 atashost;WebEx Service Host for Support Center;c:\windows\SysWOW64\atashost.exe [2009-07-26 20376] S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2010-12-07 222720] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x] S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files (x86)\SMINST\BLService.exe [2008-12-18 365952] S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320] S2 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096] S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 17:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2011-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000Core.job - c:\users\Wayne Wagner\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 00:09] . 2011-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000UA.job - c:\users\Wayne Wagner\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 00:09] . 2011-09-16 c:\windows\Tasks\HPCeeScheduleForWayne Wagner.job - c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-01-13 03:02] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-11 153624] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-11 225816] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-11 200216] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1560872] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-09-24 163568] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb mLocal Page = c:\windows\SysWOW64\blank.htm IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 167.206.254.2 167.206.254.1 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\Wayne Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\0b9wg7o0.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ . - - - - ORPHANS REMOVED - - - - . SafeBoot-WudfPf SafeBoot-WudfRd HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files (x86)\Windows Live\Mesh\MOE.exe c:\program files (x86)\Windows Live\Contacts\wlcomm.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\windows\SysWow64\Macromed\Flash\FlashUtil10c.exe . ************************************************************************** . Completion time: 2011-09-15 22:09:32 - machine was rebooted ComboFix-quarantined-files.txt 2011-09-16 02:09 . Pre-Run: 116,770,082,816 bytes free Post-Run: 119,469,006,848 bytes free . - - End Of File - - F6E278D09D6927B92AFECAF9A4CDA7E7
-
Combofix 6 . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}] 2009-08-10 10:39 311808 ----a-w- c:\progra~2\SITERA~1\SiteRank.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPAdvisor"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-11-18 966656] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "WLSync"="c:\program files (x86)\Windows Live\Mesh\WLSync.exe" [2011-05-13 1449312] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2010-12-6 217088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Norton Internet Security;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [x] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] R3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw3v64.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-09-24 306416] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/05/24 04:04];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-29 01:04 146928] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe [x] S2 atashost;WebEx Service Host for Support Center;c:\windows\SysWOW64\atashost.exe [2009-07-26 20376] S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2010-12-07 222720] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x] S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files (x86)\SMINST\BLService.exe [2008-12-18 365952] S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320] S2 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096] S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 17:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2011-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000Core.job - c:\users\Wayne Wagner\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 00:09] . 2011-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000UA.job - c:\users\Wayne Wagner\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 00:09] . 2011-09-16 c:\windows\Tasks\HPCeeScheduleForWayne Wagner.job - c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-01-13 03:02] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-11 153624] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-11 225816] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-11 200216] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1560872] "SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [bU] "SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [bU] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-09-24 163568] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb mLocal Page = c:\windows\SysWOW64\blank.htm IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 167.206.254.2 167.206.254.1 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\Wayne Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\0b9wg7o0.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FirefoxHTML" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files (x86)\Windows Live\Mesh\MOE.exe c:\program files (x86)\Windows Live\Contacts\wlcomm.exe . ************************************************************************** . Completion time: 2011-09-18 09:07:44 - machine was rebooted ComboFix-quarantined-files.txt 2011-09-18 13:07 ComboFix2.txt 2011-09-16 02:09 . Pre-Run: 120,717,447,168 bytes free Post-Run: 120,103,997,440 bytes free . - - End Of File - - EBB0718EAA536DAC78117A731D415F4D
-
Combofix 5 (I thought I only need 4 replies, but I think this would require 6) c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\465aaeb3843fddc00825724c467ba928\System.DirectoryServices.AccountManagement.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 2433024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\532040f56e2606c200cc8ea93d678fdb\System.Deployment.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 2433024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\532040f56e2606c200cc8ea93d678fdb\System.Deployment.ni.dll - 2011-08-17 12:50 . 2011-08-17 12:50 8617984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\44fbadec39cc1727a2eb1952bfa34f8a\System.Data.ni.dll + 2011-09-18 12:17 . 2011-09-18 12:17 8617984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\44fbadec39cc1727a2eb1952bfa34f8a\System.Data.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 3461632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\d432627b67fa9a643f11a2ca01beaf32\System.Data.SqlXml.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 3461632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\d432627b67fa9a643f11a2ca01beaf32\System.Data.SqlXml.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 1845760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\c22afd0eb5da83e3a073e9642fd41028\System.Data.Services.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 1282560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\627f82dd583350870dd8dbb31185df05\System.Data.Services.Client.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 1512448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\4dbca3549ccd921fe1737fefdeb16e59\System.Data.OracleClient.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 1512448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\4dbca3549ccd921fe1737fefdeb16e59\System.Data.OracleClient.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 3489280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\fd1f509565e5defca40b9d1e338981fc\System.Data.Linq.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 1080832 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\cf2b9a27d24b807a9b24c3e4221d8174\System.Data.Entity.Design.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 3312128 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\a1f86b4e7e9b4f3b6ef7775a09b17314\System.Core.ni.dll - 2011-08-17 12:50 . 2011-08-17 12:50 3312128 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\a1f86b4e7e9b4f3b6ef7775a09b17314\System.Core.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\2d8a18ff1b0b4029fcea093444920fd2\System.Configuration.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\2d8a18ff1b0b4029fcea093444920fd2\System.Configuration.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 3101184 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\14ae2040aa87410b5a2f932260423510\ReachFramework.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 3101184 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\14ae2040aa87410b5a2f932260423510\ReachFramework.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 2109440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\de9f5fb58d639cac800701ca9443d21a\PresentationUI.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 2109440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\de9f5fb58d639cac800701ca9443d21a\PresentationUI.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 1882112 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\05e1fb5e6b68eba9db5e8831b0eaa4f2\PresentationBuildTasks.ni.dll - 2011-08-17 14:38 . 2011-08-17 14:38 1882112 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\05e1fb5e6b68eba9db5e8831b0eaa4f2\PresentationBuildTasks.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 3482112 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\3e805eee7e658fb9d2f94711ea769bb3\Narrator.ni.exe - 2011-08-17 14:37 . 2011-08-17 14:37 3482112 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\3e805eee7e658fb9d2f94711ea769bb3\Narrator.ni.exe + 2011-09-18 12:25 . 2011-09-18 12:25 2314240 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\0ef6ee25c2aeab72acbbee9a0207ae76\MMCEx.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 2314240 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\0ef6ee25c2aeab72acbbee9a0207ae76\MMCEx.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 7836672 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\9bf16ef26005c399e46d9ff70c6ba0f2\MIGUIControls.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 7836672 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\9bf16ef26005c399e46d9ff70c6ba0f2\MIGUIControls.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 1878016 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\092625a3914f7cf8213f1108e0d90ad0\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 2173952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\9a4e215c8cb20a6638d114e84840e491\Microsoft.VisualBasic.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 2173952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\9a4e215c8cb20a6638d114e84840e491\Microsoft.VisualBasic.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\7962020dd38abe36bfa49ba3e081cceb\Microsoft.Transactions.Bridge.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\7962020dd38abe36bfa49ba3e081cceb\Microsoft.Transactions.Bridge.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 2104832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\9bb1e0baeddcd1ff6d4225493f99363a\Microsoft.PowerShell.GPowerShell.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 2104832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\9bb1e0baeddcd1ff6d4225493f99363a\Microsoft.PowerShell.GPowerShell.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 5346816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3f6af47aae50d64bf3823fd2d5cb8e7c\Microsoft.PowerShell.Editor.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 5346816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3f6af47aae50d64bf3823fd2d5cb8e7c\Microsoft.PowerShell.Editor.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 1081856 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0dea2cad63e23249fc20d63a79047947\Microsoft.PowerShell.Commands.Management.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 1081856 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0dea2cad63e23249fc20d63a79047947\Microsoft.PowerShell.Commands.Management.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 1093120 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\742f4c1b7480a8a640e74a50063c221c\Microsoft.Office.Tools.Common.v9.0.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 1093120 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\742f4c1b7480a8a640e74a50063c221c\Microsoft.Office.Tools.Common.v9.0.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\63844573a9e465f298c1d3f6ae8d8225\Microsoft.Office.Tools.Word.v9.0.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\3f66bc06329d8abaaa05c276c12cdd9d\Microsoft.Office.Tools.Excel.v9.0.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 7721472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b6d3ccbb2ad5726656c7cce38d947462\Microsoft.MediaCenter.UI.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 7721472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b6d3ccbb2ad5726656c7cce38d947462\Microsoft.MediaCenter.UI.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 3208704 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\69f3a2caef03aa1802dbf72889d44277\Microsoft.JScript.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 3208704 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\69f3a2caef03aa1802dbf72889d44277\Microsoft.JScript.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 2357248 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\f3e97852244f77a0524e6902b59a7386\Microsoft.Ink.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 2357248 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\f3e97852244f77a0524e6902b59a7386\Microsoft.Ink.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 2575872 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\1682b069fc1fd9a6c81257a16a8af255\Microsoft.Build.Tasks.v3.5.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 2575872 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\1682b069fc1fd9a6c81257a16a8af255\Microsoft.Build.Tasks.v3.5.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 2217984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\077f3aa04081b94d8f8e785947d26b5e\Microsoft.Build.Tasks.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 2217984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\077f3aa04081b94d8f8e785947d26b5e\Microsoft.Build.Tasks.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 1188352 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\8b3186906166d0e1ce1db762ac594598\Microsoft.Build.Engine.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 1188352 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\8b3186906166d0e1ce1db762ac594598\Microsoft.Build.Engine.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 2433024 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\6864d3b75b5cbe1abc7a63fab84493bd\Microsoft.Build.Engine.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 2433024 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\6864d3b75b5cbe1abc7a63fab84493bd\Microsoft.Build.Engine.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 2413056 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\18d26ff1dc354d212e8fe28b2365cab5\ehRecObj.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 2413056 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\18d26ff1dc354d212e8fe28b2365cab5\ehRecObj.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 2002432 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\0a25c2bbadeb72e06aa2802c467882af\ehiVidCtl.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 2002432 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\0a25c2bbadeb72e06aa2802c467882af\ehiVidCtl.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 2885120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\520d978bf705fe2387d818ee69e2fe43\ehiProxy.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 2885120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\520d978bf705fe2387d818ee69e2fe43\ehiProxy.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 1039872 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiPlay\406ac64462bcc8db7d2a5364c355de25\ehiPlay.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 1039872 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiPlay\406ac64462bcc8db7d2a5364c355de25\ehiPlay.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 3039232 c:\windows\assembly\NativeImages_v2.0.50727_64\ehepg\1730bf5a48bb393bc6d8bd60f00ce27b\ehepg.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 3039232 c:\windows\assembly\NativeImages_v2.0.50727_64\ehepg\1730bf5a48bb393bc6d8bd60f00ce27b\ehepg.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 3325952 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9afe86eee3ddf79c5f6cf5d85873c464\WindowsBase.ni.dll - 2011-08-17 12:55 . 2011-08-17 12:55 3325952 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9afe86eee3ddf79c5f6cf5d85873c464\WindowsBase.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\e0b47647df7bf34058ed16ae08b5d36f\UIAutomationClientsideProviders.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\e0b47647df7bf34058ed16ae08b5d36f\UIAutomationClientsideProviders.ni.dll + 2011-09-17 23:19 . 2011-09-17 23:19 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll - 2011-08-17 12:55 . 2011-08-17 12:55 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll - 2011-08-17 12:57 . 2011-08-17 12:57 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 1316864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\cb4f77127908a815e9288162fa0153d1\System.WorkflowServices.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 1316864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\cb4f77127908a815e9288162fa0153d1\System.WorkflowServices.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 1911296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\a167617a58fd061722b5bc033903e089\System.Workflow.Runtime.ni.dll - 2011-08-17 12:57 . 2011-08-17 12:57 1911296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\a167617a58fd061722b5bc033903e089\System.Workflow.Runtime.ni.dll - 2011-08-17 12:57 . 2011-08-17 12:57 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\5734cc1ce5f85aca912fd92584f3b3a7\System.Workflow.ComponentModel.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\5734cc1ce5f85aca912fd92584f3b3a7\System.Workflow.ComponentModel.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\32aeeece2a23ac0ef310b99c941b6d39\System.Workflow.Activities.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\32aeeece2a23ac0ef310b99c941b6d39\System.Workflow.Activities.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\5534465ace7f8b214a31a34f56280602\System.Web.Services.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\5534465ace7f8b214a31a34f56280602\System.Web.Services.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\d7f692ee424e8847828383ddbbf278eb\System.Web.Mobile.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\d7f692ee424e8847828383ddbbf278eb\System.Web.Mobile.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 2408960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c30f735b1b14140d32178827accdbcd4\System.Web.Extensions.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 2408960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c30f735b1b14140d32178827accdbcd4\System.Web.Extensions.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\4fe82e4b4223298eae15d094a32f9298\System.Speech.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\4fe82e4b4223298eae15d094a32f9298\System.Speech.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 1651200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\18be706a5ab335aaceb714f528901fe1\System.ServiceModel.Web.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 1651200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\18be706a5ab335aaceb714f528901fe1\System.ServiceModel.Web.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 2346496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9ea6cff5cccb649eb8ad7cc6e3f03c88\System.Runtime.Serialization.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 2346496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9ea6cff5cccb649eb8ad7cc6e3f03c88\System.Runtime.Serialization.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\92bcdd721183b527543af031f307d31f\System.Printing.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\92bcdd721183b527543af031f307d31f\System.Printing.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\8e2ea4d70513035f74a9604fa511754b\System.Management.Automation.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 8365056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\8e2ea4d70513035f74a9604fa511754b\System.Management.Automation.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\21c45e88bbc379aaed3baadd0bd14a8b\System.IdentityModel.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\21c45e88bbc379aaed3baadd0bd14a8b\System.IdentityModel.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\e7a30fe59a12045d837f4ebaf83fc222\System.DirectoryServices.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\e7a30fe59a12045d837f4ebaf83fc222\System.DirectoryServices.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dc9e5e32218f8a3d2f21d89511335713\System.Deployment.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dc9e5e32218f8a3d2f21d89511335713\System.Deployment.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 6621696 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\7ae4f4dbbfd301d5b5f3897b6ea433bf\System.Data.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 6621696 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\7ae4f4dbbfd301d5b5f3897b6ea433bf\System.Data.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\d6ae6d71281689587705eaed351b01d4\System.Data.SqlXml.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\d6ae6d71281689587705eaed351b01d4\System.Data.SqlXml.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 1330176 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\41f32e478b0752c80f4e6bfb3044239a\System.Data.Services.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 1330176 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\41f32e478b0752c80f4e6bfb3044239a\System.Data.Services.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 1119232 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\9ecfa46a2c92f6493f030b02966f0ced\System.Data.OracleClient.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 1119232 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\9ecfa46a2c92f6493f030b02966f0ced\System.Data.OracleClient.ni.dll + 2011-09-17 23:19 . 2011-09-17 23:19 2526720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\4c7f6d2264e55a2dd9d5a4cbd8c51277\System.Data.Linq.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 2526720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\4c7f6d2264e55a2dd9d5a4cbd8c51277\System.Data.Linq.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 9926656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c1329691751241c14f8f7f30179601c9\System.Data.Entity.ni.dll + 2011-09-18 12:06 . 2011-09-18 12:06 9926656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c1329691751241c14f8f7f30179601c9\System.Data.Entity.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\045ff9d980dcb3ffeac2a0868161215e\System.Core.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\045ff9d980dcb3ffeac2a0868161215e\System.Core.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 2146816 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\b0d7aa182cb0028c92896d58ef4529da\ReachFramework.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 2146816 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\b0d7aa182cb0028c92896d58ef4529da\ReachFramework.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7d6eba2dd1fabc7539b153845b95afa9\PresentationUI.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7d6eba2dd1fabc7539b153845b95afa9\PresentationUI.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\7ad481b1a2b26bd253f0befb765b2cf1\PresentationBuildTasks.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\7ad481b1a2b26bd253f0befb765b2cf1\PresentationBuildTasks.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\25fc1b1a3f51770139156021ba97251f\Narrator.ni.exe - 2011-08-17 15:00 . 2011-08-17 15:00 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\25fc1b1a3f51770139156021ba97251f\Narrator.ni.exe - 2011-08-17 15:00 . 2011-08-17 15:00 1536512 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\3398454f934691efb9798bb493d2f440\MMCEx.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 1536512 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\3398454f934691efb9798bb493d2f440\MMCEx.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 6340096 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\5c89b0298570e4d1a8443ccb7aca4a1e\MIGUIControls.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 6340096 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\5c89b0298570e4d1a8443ccb7aca4a1e\MIGUIControls.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 1301504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\af5dbd65f9cba2efcba703113d233e96\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 1301504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\af5dbd65f9cba2efcba703113d233e96\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 1711616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7785435dab38ed94b6a0a608e91c6cda\Microsoft.VisualBasic.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 1711616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7785435dab38ed94b6a0a608e91c6cda\Microsoft.VisualBasic.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\031dada967314b31703307bd10697079\Microsoft.Transactions.Bridge.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\031dada967314b31703307bd10697079\Microsoft.Transactions.Bridge.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b008b1b107c6ccdb8ab234437713b3fa\Microsoft.PowerShell.GPowerShell.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b008b1b107c6ccdb8ab234437713b3fa\Microsoft.PowerShell.GPowerShell.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\602fed46db569c67500d5d6b00abaeeb\Microsoft.PowerShell.Commands.Utility.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\602fed46db569c67500d5d6b00abaeeb\Microsoft.PowerShell.Commands.Utility.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5d659bc7dce6e73b36f5bb6ed60caccf\Microsoft.PowerShell.Editor.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5d659bc7dce6e73b36f5bb6ed60caccf\Microsoft.PowerShell.Editor.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 1354240 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\70eecb3c22ca6aa122b67547a9abd604\Microsoft.Office.Tools.Excel.v9.0.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 1354240 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\70eecb3c22ca6aa122b67547a9abd604\Microsoft.Office.Tools.Excel.v9.0.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 3235840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\7931d5ff5c42d9fd577fbb1793cc6914\Microsoft.Office.BusinessData.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 3235840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\7931d5ff5c42d9fd577fbb1793cc6914\Microsoft.Office.BusinessData.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 5486080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ddf5b45effdcc461ade1bebf18397ed\Microsoft.MediaCenter.UI.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 5486080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ddf5b45effdcc461ade1bebf18397ed\Microsoft.MediaCenter.UI.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\f7c07195d1967d7cc102fa4e8a8b9251\Microsoft.JScript.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\f7c07195d1967d7cc102fa4e8a8b9251\Microsoft.JScript.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\6f69588091b002fc0e8fc5682daf77af\Microsoft.Ink.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\6f69588091b002fc0e8fc5682daf77af\Microsoft.Ink.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 1873408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cf25827006f4021a68411e023afa3b2c\Microsoft.Build.Tasks.v3.5.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 1873408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cf25827006f4021a68411e023afa3b2c\Microsoft.Build.Tasks.v3.5.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\251635230ec27ea672ef0bfd1db926c2\Microsoft.Build.Tasks.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\251635230ec27ea672ef0bfd1db926c2\Microsoft.Build.Tasks.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 1778176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e7e696376682ecf6d7a5522757ca790b\Microsoft.Build.Engine.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 1778176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e7e696376682ecf6d7a5522757ca790b\Microsoft.Build.Engine.ni.dll + 2006-11-02 12:33 . 2011-09-16 16:42 10899456 c:\windows\system32\SMI\Store\Machine\schema.dat + 2006-11-02 12:35 . 2011-09-16 02:32 47946184 c:\windows\system32\mrt.exe + 2011-07-21 16:36 . 2011-07-21 16:36 66808320 c:\windows\Installer\2202f5.msp + 2011-06-20 03:28 . 2011-06-20 03:28 18457088 c:\windows\Installer\2202b1.msp + 2011-05-19 03:06 . 2011-05-19 03:06 38672896 c:\windows\Installer\1310850.msp + 2010-03-13 04:05 . 2010-03-13 04:05 11121528 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OARTCONV.DLL + 2010-03-13 19:08 . 2010-03-13 19:08 20516712 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\OART.DLL + 2009-04-03 23:21 . 2009-04-03 23:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\OART.DLL + 2011-08-17 12:43 . 2011-08-17 12:43 10597888 c:\windows\assembly\temp\AP1EQ2FR3F\System.ni.dll + 2011-08-17 03:03 . 2011-08-17 03:03 15564800 c:\windows\assembly\temp\4GS4GR2EP0\mscorlib.ni.dll + 2011-09-17 23:16 . 2011-09-17 23:16 11872768 c:\windows\assembly\NativeImages_v4.0.30319_64\System\5034d5e3f1bf120d9e61e72be6b9b013\System.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 17290752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\65c3e4d26ac857162658b81b1efffb19\System.Windows.Forms.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\48ed28e415c976c7adfb2c5ceeaeedb2\System.ServiceModel.ni.dll + 2011-09-18 12:48 . 2011-09-18 12:48 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\529f1a1a0f3e9e994eb3356b55924f3c\System.Data.Entity.ni.dll + 2011-09-18 12:31 . 2011-09-18 12:31 10439168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\3c24931e3b4e97b6b49c4d459ba8c552\System.Core.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 24406528 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d0abeeb299ca73f7afc5312a00e0bf22\PresentationFramework.ni.dll + 2011-09-18 12:43 . 2011-09-18 12:43 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\de5aaef4bd369972fea5ba6ff7d3e264\PresentationCore.ni.dll + 2011-09-17 23:16 . 2011-09-17 23:16 19348992 c:\windows\assembly\NativeImages_v4.0.30319_64\mscorlib\8f7f691aa155c11216387cf3420d9d1b\mscorlib.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 13138432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0e3eea502999efc06079a0f40a795731\System.Windows.Forms.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\56df5c322f32e926eb46047f65d0a357\System.ServiceModel.ni.dll + 2011-09-18 12:13 . 2011-09-18 12:13 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\093195c829c13c7ad35cb3ad43b52b6a\System.Data.Entity.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d23889e1eceadc97a6f227dbb392cb60\PresentationFramework.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\55b41158ada67f5b5a132e120e7de269\PresentationCore.ni.dll + 2011-09-17 23:06 . 2011-09-17 23:06 14407680 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\93e7df09dacd5fef442cc22d28efec83\mscorlib.ni.dll + 2011-09-17 23:16 . 2011-09-17 23:16 10597888 c:\windows\assembly\NativeImages_v2.0.50727_64\System\b008f0ff2d87b56ea30f138e32aec2eb\System.ni.dll - 2011-08-17 12:43 . 2011-08-17 12:43 10597888 c:\windows\assembly\NativeImages_v2.0.50727_64\System\b008f0ff2d87b56ea30f138e32aec2eb\System.ni.dll - 2011-08-17 12:51 . 2011-08-17 12:51 17377792 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\db6376c76598554f7daee0e8accba1e6\System.Windows.Forms.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 17377792 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\db6376c76598554f7daee0e8accba1e6\System.Windows.Forms.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 15225856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\9f87d3f915300b5051f29bf76b3c1874\System.Web.ni.dll + 2011-09-18 12:17 . 2011-09-18 12:17 15225856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\9f87d3f915300b5051f29bf76b3c1874\System.Web.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 23813632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\e1c770109a7a73190440f600bcf205ee\System.ServiceModel.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 23813632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\e1c770109a7a73190440f600bcf205ee\System.ServiceModel.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 11254784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\9fc8a6b51c78cdcbb9ac8c1a4fcde9e0\System.Management.Automation.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 11254784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\9fc8a6b51c78cdcbb9ac8c1a4fcde9e0\System.Management.Automation.ni.dll - 2011-08-17 12:51 . 2011-08-17 12:51 13718528 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\65bc655515d76c3b195cbc59cc9c033d\System.Design.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 13718528 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\65bc655515d76c3b195cbc59cc9c033d\System.Design.ni.dll + 2011-09-18 12:26 . 2011-09-18 12:26 13780480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\c6390f1f63400cf2d423c634f08d710e\System.Data.Entity.ni.dll - 2011-08-17 12:50 . 2011-08-17 12:50 19176960 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\0663fb78a637caeb02ad253e76cdfd80\PresentationFramework.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 19176960 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\0663fb78a637caeb02ad253e76cdfd80\PresentationFramework.ni.dll - 2011-08-17 12:49 . 2011-08-17 12:49 16513536 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\fc3d6eb248aee0bbcd2f8c686f73df78\PresentationCore.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 16513536 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\fc3d6eb248aee0bbcd2f8c686f73df78\PresentationCore.ni.dll - 2011-08-17 03:03 . 2011-08-17 03:03 15564800 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\ee787c7dd39d956a9fdeddc8b5fde80e\mscorlib.ni.dll + 2011-09-17 23:16 . 2011-09-17 23:16 15564800 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\ee787c7dd39d956a9fdeddc8b5fde80e\mscorlib.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 15825920 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\bb249c873f8577188d3922a092b8fa09\ehshell.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 15825920 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\bb249c873f8577188d3922a092b8fa09\ehshell.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 11804672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 11804672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 17404416 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\beab37721e12fef7fc1e8f2ff130fa31\System.ServiceModel.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 17404416 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\beab37721e12fef7fc1e8f2ff130fa31\System.ServiceModel.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7217cd3af229159188896c01174b11f9\System.Design.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7217cd3af229159188896c01174b11f9\System.Design.ni.dll - 2011-08-17 12:55 . 2011-08-17 12:55 14328832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\180849cb54aab0bc77a229c41f967c90\PresentationFramework.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 14328832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\180849cb54aab0bc77a229c41f967c90\PresentationFramework.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 12216832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\cbe5fbb2e20534d89c0588cc05418840\PresentationCore.ni.dll - 2011-08-17 12:55 . 2011-08-17 12:55 12216832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\cbe5fbb2e20534d89c0588cc05418840\PresentationCore.ni.dll - 2011-08-17 03:05 . 2011-08-17 03:05 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:19 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll + 2011-04-07 03:12 . 2011-04-07 03:12 194340864 c:\windows\Installer\1310871.msp
-
Combofix 4 of 4 + 2011-09-18 12:05 . 2011-09-18 12:05 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0159274c97a3fa4d942e6b4e321b6a54\PresentationFramework.Royale.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 724992 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\6849e7e884c97c0b8c9601539c0e093f\napsnap.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 724992 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\6849e7e884c97c0b8c9601539c0e093f\napsnap.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\abace0d3ea5d15d57cac11c1bbcd0952\napinit.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\abace0d3ea5d15d57cac11c1bbcd0952\napinit.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 115712 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\4dad5608f35eaa140c6eae43f1f2ea6c\naphlpr.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 115712 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\4dad5608f35eaa140c6eae43f1f2ea6c\naphlpr.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\f1f2f55a0427a355d4bfde947a4a1546\MSBuild.ni.exe - 2011-08-17 14:50 . 2011-08-17 14:50 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\f1f2f55a0427a355d4bfde947a4a1546\MSBuild.ni.exe + 2011-09-18 12:00 . 2011-09-18 12:00 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\2c18cdf3808acb8ecb484b9f2940f0b3\MMCFxCommon.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\2c18cdf3808acb8ecb484b9f2940f0b3\MMCFxCommon.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\c3b4602f861bbf8a77d16be1a16017b7\Microsoft.WSMan.Management.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 508928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\c3b4602f861bbf8a77d16be1a16017b7\Microsoft.WSMan.Management.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fa5ad58d739e82d176afdaa4ef8cabce\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fa5ad58d739e82d176afdaa4ef8cabce\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f5f2951bec5bf2d332d81c4982e6f6ad\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f5f2951bec5bf2d332d81c4982e6f6ad\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f349150d9e462beaf3ed82fa6de4def5\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f349150d9e462beaf3ed82fa6de4def5\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cf804d00790ee4fc87fdaa4752894e2c\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cf804d00790ee4fc87fdaa4752894e2c\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ace2797ec51c4fbc038d04100e43483a\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ace2797ec51c4fbc038d04100e43483a\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 183808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a1de1c631d15d03db9528d30043f076d\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9f5c78d1ee12f2fc223392f45d690720\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9f5c78d1ee12f2fc223392f45d690720\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8c69180d706ea484a3e65c0835bfb71d\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8c69180d706ea484a3e65c0835bfb71d\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8b78cbab18c8e29a86a41543f90edddc\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8b78cbab18c8e29a86a41543f90edddc\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 183808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\7e1cf722cc92b89ff5a9a0b9a3aecbf7\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 664064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6f5fea872cea36f16812965d279ad35a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 664064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6f5fea872cea36f16812965d279ad35a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\65a312356e672874ea2a05e9adc4acd3\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 368640 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\587d76d658b4a11eb27a2db330d363d8\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 368640 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\587d76d658b4a11eb27a2db330d363d8\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 337920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3c7184deb30af2783c0d06449f107475\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 337920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3c7184deb30af2783c0d06449f107475\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\38cb51daa421db7cd00eac6b27ce3601\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 623616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\30378827f5558703c17257b81c2861fa\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 623616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\30378827f5558703c17257b81c2861fa\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 192000 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\232ed4d5fc2851f498acfdf61dfcc4c2\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 192000 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\02f8fc8e2bf05702aae72f4162f531ab\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cf693d9799ee92ab0dc4ad51719842f9\Microsoft.Transactions.Bridge.Dtc.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cf693d9799ee92ab0dc4ad51719842f9\Microsoft.Transactions.Bridge.Dtc.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dac6ba163a212ef25e2a95be73d4894e\Microsoft.PowerShell.Commands.Diagnostics.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dac6ba163a212ef25e2a95be73d4894e\Microsoft.PowerShell.Commands.Diagnostics.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a7de5db00e81689537057130e3fa9d5b\Microsoft.PowerShell.Commands.Management.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 737792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a7de5db00e81689537057130e3fa9d5b\Microsoft.PowerShell.Commands.Management.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\83306689d48575a50d4d84b27a63146b\Microsoft.PowerShell.ConsoleHost.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\83306689d48575a50d4d84b27a63146b\Microsoft.PowerShell.ConsoleHost.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\767b4b96bb9ae9630bcb460fab12d2b0\Microsoft.PowerShell.Security.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 156160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\767b4b96bb9ae9630bcb460fab12d2b0\Microsoft.PowerShell.Security.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\363885fbbedc42023028658e4153ab56\Microsoft.PowerShell.GraphicalHost.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 729600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\363885fbbedc42023028658e4153ab56\Microsoft.PowerShell.GraphicalHost.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\ef332d73053fe2134d37157270c1d217\Microsoft.Office.Tools.v9.0.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\ef332d73053fe2134d37157270c1d217\Microsoft.Office.Tools.v9.0.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\edae3890c88c862c405ea11854b54242\Microsoft.Office.Tools.Outlook.v9.0.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\edae3890c88c862c405ea11854b54242\Microsoft.Office.Tools.Outlook.v9.0.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 815616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\347caf13189a39c1635e96f1c4b2067f\Microsoft.Office.Tools.Common.v9.0.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 815616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\347caf13189a39c1635e96f1c4b2067f\Microsoft.Office.Tools.Common.v9.0.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\25144555a387137a65f17e6f0db7246b\Microsoft.Office.Tools.Word.v9.0.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\25144555a387137a65f17e6f0db7246b\Microsoft.Office.Tools.Word.v9.0.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 271360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\7763a2b7cbd20e738185b22721ffeb4f\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 271360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\7763a2b7cbd20e738185b22721ffeb4f\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\bb189e9d53d02b3d63c3828c0463cc12\Microsoft.MediaCenter.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\bb189e9d53d02b3d63c3828c0463cc12\Microsoft.MediaCenter.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 558592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6ef5be72dab25ea6491e4a6891aa1457\Microsoft.ManagementConsole.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 558592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6ef5be72dab25ea6491e4a6891aa1457\Microsoft.ManagementConsole.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 343040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\6e811077099353d6ad45ad44d8cbefb9\Microsoft.BusinessData.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 343040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\6e811077099353d6ad45ad44d8cbefb9\Microsoft.BusinessData.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 160768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\e9e6ed1e90de7f57500f137fcf429f0b\Microsoft.Build.Utilities.v3.5.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 160768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\e9e6ed1e90de7f57500f137fcf429f0b\Microsoft.Build.Utilities.v3.5.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\b316d7ba730f523a2ec12d9c5f4b73b6\Microsoft.Build.Utilities.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\b316d7ba730f523a2ec12d9c5f4b73b6\Microsoft.Build.Utilities.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e9af947dc6d2428c521ac653b21b8668\Microsoft.Build.Engine.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e9af947dc6d2428c521ac653b21b8668\Microsoft.Build.Engine.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\ea3acb2fc7a8433efd09d63f6ff5bb5b\Microsoft.Build.Conversion.v3.5.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\ea3acb2fc7a8433efd09d63f6ff5bb5b\Microsoft.Build.Conversion.v3.5.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 543744 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\ce072aeecd1c5d0ae54fd0fce46f52e0\EventViewer.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 543744 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\ce072aeecd1c5d0ae54fd0fce46f52e0\EventViewer.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 160768 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\9e98d7dcfeb34bbf6d2ea0e711b3ae4f\ehiExtens.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 160768 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\9e98d7dcfeb34bbf6d2ea0e711b3ae4f\ehiExtens.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 243200 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\b54654928cb5eabb468d19a32ae75d32\ehExtHost32.ni.exe + 2011-09-18 11:59 . 2011-09-18 11:59 243200 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\b54654928cb5eabb468d19a32ae75d32\ehExtHost32.ni.exe - 2011-08-17 14:51 . 2011-08-17 14:51 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\798dad8e1b1dae489aa30b4341bcdba7\CustomMarshalers.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\798dad8e1b1dae489aa30b4341bcdba7\CustomMarshalers.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\147a04caf482e4d4082582a7698883e4\ComSvcConfig.ni.exe - 2011-08-17 14:50 . 2011-08-17 14:50 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\147a04caf482e4d4082582a7698883e4\ComSvcConfig.ni.exe - 2009-05-24 11:19 . 2011-09-16 01:54 3416760 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2009-05-24 11:19 . 2011-09-18 12:55 3416760 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2011-05-22 04:32 . 2011-09-16 01:54 1492156 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1463916579-3978265779-3180963287-1000-8192.dat + 2011-05-22 04:32 . 2011-09-18 12:55 1492156 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1463916579-3978265779-3180963287-1000-8192.dat + 2011-05-23 11:03 . 2011-09-16 16:41 3018316 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1463916579-3978265779-3180963287-1000-4096.dat - 2010-03-18 18:27 . 2010-03-18 18:27 1221464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpftxt_v0400.dll + 2011-04-06 21:45 . 2011-04-06 21:45 1221464 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpftxt_v0400.dll + 2011-04-06 21:45 . 2011-04-06 21:45 2153816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll - 2010-03-18 18:27 . 2010-03-18 18:27 2153816 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll + 2011-04-06 20:48 . 2011-04-06 20:48 1368920 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WindowsBase.dll + 2011-04-06 20:48 . 2011-04-06 20:48 6428520 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationFramework.dll + 2011-04-06 21:45 . 2011-04-06 21:45 3824480 c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationCore.dll + 2011-04-06 21:45 . 2011-04-06 21:45 3235656 c:\windows\Microsoft.NET\Framework64\v4.0.30319\vbc.exe - 2010-03-18 17:16 . 2010-03-18 17:16 2207568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.XML.dll + 2011-04-06 20:48 . 2011-04-06 20:48 2207568 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.XML.dll + 2011-04-06 20:48 . 2011-04-06 20:48 6097256 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceModel.dll + 2011-05-17 14:08 . 2011-05-17 14:08 3116376 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Data.dll + 2011-04-06 20:48 . 2011-04-06 20:48 1354584 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Core.dll + 2011-05-17 14:08 . 2011-05-17 14:08 4967248 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll - 2011-04-13 02:16 . 2011-04-13 02:16 4967248 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll + 2011-05-17 14:08 . 2011-05-17 14:08 1454416 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordbi.dll + 2011-05-17 14:08 . 2011-05-17 14:08 1514840 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscordacwks.dll + 2011-05-17 14:08 . 2011-05-17 14:08 1511240 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll + 2011-05-17 14:08 . 2011-05-17 14:08 9800008 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - 2011-04-13 02:16 . 2011-04-13 02:16 9800008 c:\windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll + 2011-04-06 20:48 . 2011-04-06 20:48 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - 2010-03-18 17:16 . 2010-03-18 17:16 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll + 2011-04-06 20:48 . 2011-04-06 20:48 1368920 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll + 2011-04-06 20:48 . 2011-04-06 20:48 6428520 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll + 2011-04-06 20:48 . 2011-04-06 20:48 3788128 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll + 2011-04-06 20:48 . 2011-04-06 20:48 2261832 c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe + 2011-04-06 20:48 . 2011-04-06 20:48 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll - 2010-03-18 17:16 . 2010-03-18 17:16 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll + 2011-04-06 20:48 . 2011-04-06 20:48 6097256 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll + 2011-05-17 13:27 . 2011-05-17 13:27 2975064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll + 2011-04-06 20:48 . 2011-04-06 20:48 1354584 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll - 2011-04-12 19:11 . 2011-04-12 19:11 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll + 2011-05-17 13:27 . 2011-05-17 13:27 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll + 2011-05-17 13:27 . 2011-05-17 13:27 1142616 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll + 2011-05-17 13:27 . 2011-05-17 13:27 6735176 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - 2011-04-12 19:11 . 2011-04-12 19:11 6735176 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll + 2011-09-17 23:13 . 2011-09-17 23:13 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll - 2011-08-17 03:00 . 2011-08-17 03:00 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll + 2011-09-17 23:13 . 2011-09-17 23:13 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll + 2011-09-17 23:13 . 2011-09-17 23:13 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll - 2011-08-17 03:01 . 2011-08-17 03:01 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll + 2011-09-17 23:13 . 2011-09-17 23:13 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2011-08-17 03:00 . 2011-08-17 03:01 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2011-08-17 03:01 . 2011-08-17 03:01 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll + 2011-09-17 23:13 . 2011-09-17 23:13 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll + 2011-09-17 23:13 . 2011-09-17 23:13 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2011-09-17 23:13 . 2011-09-17 23:13 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2011-08-17 03:01 . 2011-08-17 03:01 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2011-08-17 03:01 . 2011-08-17 03:01 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll + 2011-09-17 23:13 . 2011-09-17 23:13 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll + 2011-09-17 23:13 . 2011-09-17 23:13 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll - 2011-08-17 03:01 . 2011-08-17 03:01 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll + 2011-09-17 23:13 . 2011-09-17 23:13 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll - 2011-08-17 03:01 . 2011-08-17 03:01 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll + 2011-09-17 23:13 . 2011-09-17 23:13 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll + 2011-09-17 23:13 . 2011-09-17 23:13 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2011-09-17 23:13 . 2011-09-17 23:13 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2011-09-17 23:13 . 2011-09-17 23:13 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2011-09-17 23:13 . 2011-09-17 23:13 4967248 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - 2011-08-17 03:00 . 2011-08-17 03:00 4967248 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-09-17 23:13 . 2011-09-17 23:13 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll - 2011-08-17 03:01 . 2011-08-17 03:01 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2011-09-17 23:12 . 2011-09-17 23:12 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll + 2011-09-17 23:13 . 2011-09-17 23:13 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2011-08-17 02:59 . 2011-08-17 02:59 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-09-17 23:12 . 2011-09-17 23:12 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-09-17 23:12 . 2011-09-17 23:12 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll - 2011-08-17 03:00 . 2011-08-17 03:00 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2011-08-10 21:43 . 2011-08-10 21:43 3795968 c:\windows\Installer\22031d.msp + 2011-08-10 21:42 . 2011-08-10 21:42 7070208 c:\windows\Installer\2202fe.msp + 2011-07-21 16:34 . 2011-07-21 16:34 3456000 c:\windows\Installer\2202dd.msp + 2011-07-21 16:51 . 2011-07-21 16:51 9623040 c:\windows\Installer\2202c7.msp + 2011-07-21 16:45 . 2011-07-21 16:45 3809792 c:\windows\Installer\2202a9.msp + 2011-08-16 03:56 . 2011-08-16 03:56 3460096 c:\windows\Installer\220293.msp + 2011-07-21 16:41 . 2011-07-21 16:41 8413696 c:\windows\Installer\22027d.msp + 2011-07-27 11:39 . 2011-07-27 11:39 9892352 c:\windows\Installer\220267.msp + 2011-08-22 03:18 . 2011-08-22 03:18 1585152 c:\windows\Installer\220256.msp - 2010-10-31 14:39 . 2011-08-17 03:06 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe + 2010-10-31 14:39 . 2011-09-16 02:40 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe + 2010-10-31 14:39 . 2011-09-16 02:40 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe - 2010-10-31 14:39 . 2011-08-17 03:06 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe - 2010-10-31 14:39 . 2011-08-17 03:06 4520288 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe + 2010-10-31 14:39 . 2011-09-16 02:40 4520288 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe + 2010-10-31 14:39 . 2011-09-16 02:40 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe - 2010-10-31 14:39 . 2011-08-17 03:06 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe + 2010-10-31 14:39 . 2011-09-16 02:40 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe - 2010-10-31 14:39 . 2011-08-17 03:06 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe + 2010-03-18 18:27 . 2010-03-18 18:27 1221464 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\wpftxt_amd64.dll + 2010-03-18 17:16 . 2010-03-18 17:16 1663320 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\wpfgfx_x86.dll + 2010-03-18 18:27 . 2010-03-18 18:27 2153816 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\wpfgfx_amd64.dll + 2010-03-18 17:16 . 2010-03-18 17:16 1303896 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\WindowsBase_x86.dll + 2010-03-18 17:16 . 2010-03-18 17:16 1303896 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\WindowsBase_amd64.dll + 2010-03-18 17:16 . 2010-03-18 17:16 6346600 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationFramework_x86.dll + 2010-03-18 17:16 . 2010-03-18 17:16 6346600 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationFramework_amd64.dll + 2010-03-18 17:16 . 2010-03-18 17:16 3545952 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationCore_x86.dll + 2010-03-18 18:27 . 2010-03-18 18:27 3453792 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\PresentationCore_amd64.dll + 2009-04-03 22:21 . 2009-04-03 22:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\OARTCONV.DLL + 2006-10-27 00:42 . 2006-10-27 00:42 8423224 c:\windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.4518\OARTCONV.DLL + 2011-09-18 12:43 . 2011-09-18 12:43 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\2b21f937d40320cabc3c85c031db88d8\WindowsBase.ni.dll + 2011-09-18 12:51 . 2011-09-18 12:51 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\d14a6bf514550fdc219f580348599c58\UIAutomationClientsideProviders.ni.dll + 2011-09-18 12:42 . 2011-09-18 12:42 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\8e4323f5bfb90be4621456033d8b404b\System.Xml.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\2a3c95561c3de429c3c0e7a53a920c45\System.Xaml.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\b346685f479e27aadce1793789333bfb\System.Windows.Forms.DataVisualization.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\4ee71342f3eadce770c5b227e0e72015\System.Web.Services.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\7211feffc35222c34e5d6b9e97f1c009\System.Speech.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e449cb587c51f7bec5fcff8964844151\System.ServiceModel.Activities.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\5af78d8b92c4a0b7f90dd99a8742c565\System.ServiceModel.Discovery.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\2c3f2f005761a596bf9e7262b76735a3\System.Runtime.Serialization.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\d850328fdb0d5b403f2b4a7752ec43da\System.Runtime.DurableInstancing.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\35bb0262c48890be46a1861b63bed32d\System.Printing.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\73c6deea16d8ee87e65156bb9ef90e0b\System.Management.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\6d8ec822ecf54529d04b1342aef58dd3\System.IdentityModel.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\a8ac353249c61750e03ace04cce91d12\System.EnterpriseServices.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 2290688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\0237eaa2a9c71060227e6d310a887c07\System.Drawing.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 1217536 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\8440779374dcb4d650179a61139684b0\System.DirectoryServices.AccountManagement.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\1b6321bae09adccce41aedcd91fcea9b\System.DirectoryServices.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\f0cadc34a72bbfb06158ee14e3f3b97d\System.Deployment.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\20d5aeb1486af05bd5885e431e8cf531\System.Data.ni.dll + 2011-09-18 12:42 . 2011-09-18 12:42 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\84e0e94c07d03148371aad1c9212daba\System.Data.SqlXml.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 1798656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\c66f4672f3f96cac1796475fc53084f7\System.Data.Services.Client.ni.dll + 2011-09-18 12:48 . 2011-09-18 12:48 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\f985d985539603a521e6051cbef283d7\System.Data.Linq.ni.dll + 2011-09-18 12:41 . 2011-09-18 12:41 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\d17a133036827281e02df99161f83199\System.Configuration.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\87cacc996ae318f4bd1e126f8271b8c1\System.ComponentModel.Composition.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\6f46271408743437680ef855e26ba561\System.Activities.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\b5dc8079f2701e3cf6a139deca5c0982\System.Activities.Presentation.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\bb930355f9bcc3bc388397471ae88492\System.Activities.Core.Presentation.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 4232704 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\8df1ec785fb8923566f2ce612f108cee\ReachFramework.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\944136b49e38259ce517a6fe3e71fa4d\PresentationUI.ni.dll + 2011-09-18 12:42 . 2011-09-18 12:42 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\f35f1a86bb6cdfc3547ff815dddfa629\Microsoft.VisualBasic.ni.dll + 2011-09-18 12:43 . 2011-09-18 12:43 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\b915c536f129912ec5b50a187d663103\Microsoft.VisualBasic.Activities.Compiler.ni.dll + 2011-09-18 12:43 . 2011-09-18 12:43 1843200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\7caaf5543210b5383267ef450c2173f7\Microsoft.VisualBasic.Compatibility.ni.dll + 2011-09-18 12:42 . 2011-09-18 12:42 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\41248e69f60429253a19267620bd5dcd\Microsoft.Transactions.Bridge.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\a266703ae4763423c8e41fd9e375bf76\Microsoft.JScript.ni.dll + 2011-09-18 12:31 . 2011-09-18 12:31 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\db2aa89dbd68dddefe47c70b35c045cf\Microsoft.CSharp.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 3857920 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6c4a0cae96fe506534d1ed4b8e905d04\WindowsBase.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\e6474cae2445440fccb0e62e689e6c22\UIAutomationClientsideProviders.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 9086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System\ffc825af968e2afbdd0d894b475331f3\System.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\6cf9069b4b5feb38824a79009ed9c7b4\System.Xml.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cadbfd56dbffb78f67b92027bd56862e\System.Xaml.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\a216205660fa7dabec6af4a7c52956ee\System.Windows.Forms.DataVisualization.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\40c543317017c549c3d17d714c3cf1fc\System.Web.Services.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\86d3010efe01e554be5b8cd680fcfe2a\System.Speech.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f37365c0acb4b409a486f3aa4512a03e\System.ServiceModel.Discovery.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a53b7bb4838c656363b29f79f708a0f0\System.ServiceModel.Activities.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\33b886ae33f78b046f90bda3dde2688e\System.Runtime.Serialization.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\5c659e2195f712d6638b8536da384cda\System.Runtime.DurableInstancing.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\0751e44f42a603bfe153a4bbd124f62f\System.Printing.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\307dea1fa71faaa1c2dc0175487d9639\System.Management.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\e1acefba94c07ca77d751b68bc3e33d3\System.IdentityModel.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 1652736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ea0f339fb15935f1878e115be1c04f8f\System.Drawing.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\be3d47a08a8e4118e75e31a402259409\System.DirectoryServices.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\864c2fd53f879fcd5f9b335cf49a66b4\System.Deployment.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\80bdabbd69127228408b96ca23460389\System.Data.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\ec8c58572e78fa5fc63bb8b29ed7481a\System.Data.SqlXml.ni.dll + 2011-09-18 12:13 . 2011-09-18 12:13 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\04f451f2d493483696f852bdce8c36e0\System.Data.Services.Client.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\8a671058b35f625fb958ff2228fbc9cf\System.Data.Linq.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\2721a63758cab451543e8a58dc4ffeeb\System.Core.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\c527fa8c447a9edfeb14eeaf4af0a742\System.Activities.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\5be7a4e9c92dff127c74c0d744b3f523\System.Activities.Presentation.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\1871f74f0a94ec1d26071dcc872d4189\System.Activities.Core.Presentation.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\5d8782e167084ab1fced20b86cfb26e2\ReachFramework.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\de59faecd59acbc6caabecbd8efbbb50\PresentationUI.ni.dll + 2011-09-18 12:10 . 2011-09-18 12:10 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ce05202cabbee87cda0b3df2e56a6b20\Microsoft.VisualBasic.ni.dll + 2011-09-18 12:10 . 2011-09-18 12:10 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\899c60052ad7e741dc444017cc907ca8\Microsoft.VisualBasic.Activities.Compiler.ni.dll + 2011-09-18 12:10 . 2011-09-18 12:10 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\0adf14e7c198b3e2a634e53a23ddad7b\Microsoft.VisualBasic.Compatibility.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\4376863f8deba766befd5d8e41316a91\Microsoft.Transactions.Bridge.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\2ceaa7403e2bdea36367a0a67d972f03\Microsoft.JScript.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\113a314e9f32a5efc41f409118a71063\Microsoft.CSharp.ni.dll + 2011-09-18 12:30 . 2011-09-18 12:30 5527040 c:\windows\assembly\NativeImages_v2.0.50727_64\ZuneShell\ec1bf4fd0397d41012d205dbd188b458\ZuneShell.ni.dll - 2011-08-17 14:40 . 2011-08-17 14:40 5527040 c:\windows\assembly\NativeImages_v2.0.50727_64\ZuneShell\ec1bf4fd0397d41012d205dbd188b458\ZuneShell.ni.dll - 2011-08-17 14:40 . 2011-08-17 14:40 3569664 c:\windows\assembly\NativeImages_v2.0.50727_64\ZuneDBApi\079975cad55ee8d2bdbc3ccf7be08763\ZuneDBApi.ni.dll + 2011-09-18 12:30 . 2011-09-18 12:30 3569664 c:\windows\assembly\NativeImages_v2.0.50727_64\ZuneDBApi\079975cad55ee8d2bdbc3ccf7be08763\ZuneDBApi.ni.dll - 2011-08-17 12:48 . 2011-08-17 12:48 4925440 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4481dd92332b45019023338cf615a630\WindowsBase.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 4925440 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4481dd92332b45019023338cf615a630\WindowsBase.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 6202880 c:\windows\assembly\NativeImages_v2.0.50727_64\UIX\899122d440010a16ed01ed0bf25b4f96\UIX.ni.dll - 2011-08-17 14:40 . 2011-08-17 14:40 6202880 c:\windows\assembly\NativeImages_v2.0.50727_64\UIX\899122d440010a16ed01ed0bf25b4f96\UIX.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 2628608 c:\windows\assembly\NativeImages_v2.0.50727_64\UIX.RenderApi\4f5abb91f71844b304261885d07785bd\UIX.RenderApi.ni.dll - 2011-08-17 14:40 . 2011-08-17 14:40 2628608 c:\windows\assembly\NativeImages_v2.0.50727_64\UIX.RenderApi\4f5abb91f71844b304261885d07785bd\UIX.RenderApi.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 1461248 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\45a7a0e9cfca734aa0aacec24cf58c6a\UIAutomationClientsideProviders.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 1461248 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\45a7a0e9cfca734aa0aacec24cf58c6a\UIAutomationClientsideProviders.ni.dll - 2011-08-17 12:52 . 2011-08-17 12:52 6948352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\55726d96df2a370794eb1a18253c4647\System.Xml.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 6948352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\55726d96df2a370794eb1a18253c4647\System.Xml.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 1754112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\0c53724752b6912479128ea7cc02f6f6\System.WorkflowServices.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 1754112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\0c53724752b6912479128ea7cc02f6f6\System.WorkflowServices.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 2702848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\fd1e02085a6aecb0dabeaea2db00b1e4\System.Workflow.Runtime.ni.dll - 2011-08-17 12:52 . 2011-08-17 12:52 2702848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\fd1e02085a6aecb0dabeaea2db00b1e4\System.Workflow.Runtime.ni.dll - 2011-08-17 12:52 . 2011-08-17 12:52 5956608 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\64e5f32fafa7178f2cb1a16371969ea2\System.Workflow.ComponentModel.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 5956608 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\64e5f32fafa7178f2cb1a16371969ea2\System.Workflow.ComponentModel.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 3893248 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\cac06ca4c93cbf95921be63b8c09ee44\System.Workflow.Activities.ni.dll - 2011-08-17 12:51 . 2011-08-17 12:51 3893248 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\cac06ca4c93cbf95921be63b8c09ee44\System.Workflow.Activities.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 2291712 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\ccb9d0e917993cef0ecfebfcbcb08a5f\System.Web.Services.ni.dll + 2011-09-18 12:17 . 2011-09-18 12:17 2291712 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\ccb9d0e917993cef0ecfebfcbcb08a5f\System.Web.Services.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\5bbe971da5ecbe05c515c6f8c4f4e896\System.Web.Mobile.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\5bbe971da5ecbe05c515c6f8c4f4e896\System.Web.Mobile.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 1154560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\e445fe44a510709916e47395b31937c2\System.Web.Extensions.Design.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 1154560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\e445fe44a510709916e47395b31937c2\System.Web.Extensions.Design.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 3048448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\6a0cce3a56af5772a27b117300e364d7\System.Web.Extensions.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 2726912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\4a9449b7e5a9e2cb569b5960f83215bd\System.Speech.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 2726912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\4a9449b7e5a9e2cb569b5960f83215bd\System.Speech.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 2239488 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\ba8d54452dfef1e8c77b7ad958261d16\System.ServiceModel.Web.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 2239488 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\ba8d54452dfef1e8c77b7ad958261d16\System.ServiceModel.Web.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 3072512 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8f2756757122d8e810e54ad9a6a9b934\System.Runtime.Serialization.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 3072512 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8f2756757122d8e810e54ad9a6a9b934\System.Runtime.Serialization.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 1022464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\1417e3a586572bba058fc1b147932ed5\System.Runtime.Remoting.ni.dll + 2011-09-18 12:17 . 2011-09-18 12:17 1022464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\1417e3a586572bba058fc1b147932ed5\System.Runtime.Remoting.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 1453056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\5e6c150a1bfdb5ad172d939f41e4b1d5\System.Printing.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 1453056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\5e6c150a1bfdb5ad172d939f41e4b1d5\System.Printing.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 1408000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\1ce66c0c7c84321e850250fe7e89a6d7\System.Management.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 1408000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\1ce66c0c7c84321e850250fe7e89a6d7\System.Management.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 1428992 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\2fc69556c19f1018463627e8691bfac2\System.IdentityModel.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 1428992 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\2fc69556c19f1018463627e8691bfac2\System.IdentityModel.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\60d0a368a83327d788a62b762a670cce\System.EnterpriseServices.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\60d0a368a83327d788a62b762a670cce\System.EnterpriseServices.ni.dll - 2011-08-17 12:51 . 2011-08-17 12:51 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\ece8747d21e40443e5c2228818711917\System.Drawing.ni.dll + 2011-09-18 12:17 . 2011-09-18 12:17 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\ece8747d21e40443e5c2228818711917\System.Drawing.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 1639936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\e08075670461b361f7ab19764a2a65f0\System.DirectoryServices.ni.dll + 2011-09-18 12:17 . 2011-09-18 12:17 1639936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\e08075670461b361f7ab19764a2a65f0\System.DirectoryServices.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 1219584 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\465aaeb3843fddc00825724c467ba928\System.DirectoryServices.AccountManagement.ni.dll
-
Combofix 3 of 4 - 2010-10-31 14:39 . 2011-08-17 03:06 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe + 2010-10-31 14:39 . 2011-09-16 02:40 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe + 2010-10-31 14:39 . 2011-09-16 02:40 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe - 2010-10-31 14:39 . 2011-08-17 03:06 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe - 2010-10-31 14:39 . 2011-08-17 03:06 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe + 2010-10-31 14:39 . 2011-09-16 02:40 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe + 2010-10-31 14:39 . 2011-09-16 02:40 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe - 2010-10-31 14:39 . 2011-08-17 03:06 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe + 2010-03-18 17:16 . 2010-03-18 17:16 915800 c:\windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\wpftxt_x86.dll + 2011-09-18 12:51 . 2011-09-18 12:51 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\d3536aadcda3bf1628fd5cb912f0d4df\WindowsFormsIntegration.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\0bbce3d1912c29cdb65f7c7bfdfd8a01\UIAutomationTypes.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\65616f4785226d28371ccf809e213fa6\UIAutomationProvider.ni.dll + 2011-09-18 12:51 . 2011-09-18 12:51 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\cd62d82bb2e0ebe93c68c701a281d204\UIAutomationClient.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\70a6db2664fa1f7e996c58f81f63754d\System.Xml.Linq.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\321d4a33b1363649a45f47f8fbc107c9\System.Windows.Input.Manipulations.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\fbffd4e050d2e397f5b51bcbede33326\System.Transactions.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\41a328f3f1e01dd6d6c45ec27dfb8d12\System.ServiceProcess.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\8a3044d7b76d748396c01aec083a1b01\System.ServiceModel.Routing.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4288f4e2ad790e4510344567c092ca68\System.ServiceModel.Channels.ni.dll + 2011-09-18 12:42 . 2011-09-18 12:42 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\481e4462ee5dbf73d7f92d14505eabca\System.Security.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\93ea6aa98aa92eb1c27130599616cd48\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-09-18 12:46 . 2011-09-18 12:46 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\e01521d8c282ad1e79f9c8334cd4baef\System.Runtime.Remoting.ni.dll + 2011-09-18 12:42 . 2011-09-18 12:42 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\0615b26e34fbb01ff661b827e8d80c97\System.Numerics.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\836b59a54e74d2a9350d9dbcbee44e7d\System.Net.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\e530f9f49dcc8196f1333f65d9e17a51\System.Messaging.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\ca30070d69a7575b9b3637fde765b533\System.Management.Instrumentation.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\1af1dc859f12d724d15c2f8ac01b7d84\System.IO.Log.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\a236c6b9a7fa2dd99f840ffedb685464\System.IdentityModel.Selectors.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\a8ac353249c61750e03ace04cce91d12\System.EnterpriseServices.Wrapper.dll + 2011-09-18 12:42 . 2011-09-18 12:42 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\d0cb2f5412272538eead0de22ee232c1\System.Dynamic.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\87240375600b6608957d4877632deacd\System.DirectoryServices.Protocols.ni.dll + 2011-09-18 12:49 . 2011-09-18 12:49 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\22c569ca3bf7de3f386881fdaaefcf5c\System.Device.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\848a93911e91183c5833abac3c19b8c7\System.Data.DataSetExtensions.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\9ef51cbff9a0a281683413ff85bdc67e\System.Configuration.Install.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\e5886d887164c57e7bbcff9eace93aff\System.ComponentModel.DataAnnotations.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\a618c2c8cd6669a1f562d583de816049\System.AddIn.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\c06a32f20b3a8c40bb9ee4caaa7f791f\System.Activities.DurableInstancing.ni.dll + 2011-09-18 12:30 . 2011-09-18 12:30 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\898051ff62d86ecbb43c730672a5ce01\SMSvcHost.ni.exe + 2011-09-18 12:45 . 2011-09-18 12:45 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\2b6fb4f3fe65c3384cd588c84d5f426a\SMDiagnostics.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\e7d3ae8b894e645f195435b0d0cca3d5\PresentationFramework.Luna.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\9faf962dcc325fbdecde08f2b4b4de12\PresentationFramework.Classic.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\89a56671c51182608a36ddabf7f11579\PresentationFramework.Aero.ni.dll + 2011-09-18 12:45 . 2011-09-18 12:45 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1144c8dd74e20a85a56ea12af48cc763\PresentationFramework.Royale.ni.dll + 2011-09-18 12:43 . 2011-09-18 12:43 422400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\78dbb63ddb830c7b67915373a26a64cb\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2011-09-18 12:42 . 2011-09-18 12:42 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\2c6b57b8d66eb686e39af125a7b9cd3f\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-09-18 12:30 . 2011-09-18 12:30 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\4b8193e798a848470e64c71f71a230a4\CustomMarshalers.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1b8d986036465b9f0db4fbaf8876ad72\WindowsFormsIntegration.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\7b9037ad1952bc81a382b2fcddd8320a\UIAutomationTypes.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\08b935a4ef1b64faec4e9739db313298\UIAutomationClient.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\0f5813c19bc6dc46e87c6beafb97d525\System.Xml.Linq.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\8681ad3f75515a261e7980d01ac5fa2e\System.Windows.Input.Manipulations.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\5314989a2066877016eaac44f927092c\System.Transactions.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\b784695a620842be9b660769dd43c898\System.ServiceProcess.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8671670b07fb8597048ef4aae0a5ede4\System.ServiceModel.Routing.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\68dd8aa8c376dd3c44f8e56c3767ac1d\System.Security.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e8452df7471e5ba24ca642b4c4e1ef37\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\bbc34aac73481fc04fe9b7aff9927437\System.Runtime.Remoting.ni.dll + 2011-09-17 23:08 . 2011-09-17 23:08 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\21335cc2e54f4995b582cfa9d1efbcaa\System.Numerics.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\0db265c571d2baf9c46511b9955fa7c4\System.Net.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\5539ada158b0520c68ab8cbaa6dab8b2\System.Messaging.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\89a46fc2fa698580fd2fa81df5cd020a\System.Management.Instrumentation.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\e022b746f10ca855a632ff405f7f1259\System.IO.Log.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\a6518b3baf1d987d831c5fc1b295306d\System.IdentityModel.Selectors.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3c81550255199caad42b6927e52cbe20\System.EnterpriseServices.Wrapper.dll + 2011-09-18 12:11 . 2011-09-18 12:11 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3c81550255199caad42b6927e52cbe20\System.EnterpriseServices.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a0ced4a2cbd6aa8f9cf2a28b641e0300\System.Dynamic.ni.dll + 2011-09-18 12:13 . 2011-09-18 12:13 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8227f92f9e71e619b541050995617717\System.DirectoryServices.AccountManagement.ni.dll + 2011-09-18 12:13 . 2011-09-18 12:13 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\6ec8651192262a0732c9c187486e9fb9\System.DirectoryServices.Protocols.ni.dll + 2011-09-18 12:13 . 2011-09-18 12:13 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\1652ce31226964496c1d5b5b4f69277e\System.Device.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\5b1934fc32b50e5a42a64999d0b27112\System.Data.DataSetExtensions.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\786df9adb3752f8f67b90dedb60dc2a1\System.Configuration.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\7a2a83b1625f100331691f44b6e9c3ab\System.Configuration.Install.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\eb22b58fc80ef55a2879bd6f121e9989\System.ComponentModel.Composition.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\a3084fbf0204cd93a9d1e8722774f0b7\System.ComponentModel.DataAnnotations.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\6254a35e295c52224f7bdc9e5ac9c81f\System.AddIn.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b905c99ccccb248a7653fabe4b55b09\System.Activities.DurableInstancing.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\51bdfe23e8b22bbed5fabfed9371b5b0\SMSvcHost.ni.exe + 2011-09-18 12:11 . 2011-09-18 12:11 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef32e2d63c908a8e4b21b30b2debcd03\SMDiagnostics.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ac6b30fb021fe513bc7f5eb98874ab98\PresentationFramework.Royale.ni.dll + 2011-09-17 23:17 . 2011-09-17 23:17 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ab273e4606367562d98caf792f366523\PresentationFramework.Classic.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\64d84a18bdebd88f137f11ec220748ff\PresentationFramework.Aero.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\08ffd91342eb8f789914456a3a0d29dd\PresentationFramework.Luna.ni.dll + 2011-09-18 12:10 . 2011-09-18 12:10 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\43eb12b6198092efc2b8a030ace2e3f2\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\da0ae911ee95f4e67660e8e584ca8e7b\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\8bd0bb7822eb2d50cb4c1a82a7f934e8\CustomMarshalers.ni.dll - 2011-08-17 14:40 . 2011-08-17 14:40 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\5f6a5d0fd18e43b62272d501e4cecc4b\WsatConfig.ni.exe + 2011-09-18 12:30 . 2011-09-18 12:30 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\5f6a5d0fd18e43b62272d501e4cecc4b\WsatConfig.ni.exe - 2011-08-17 14:40 . 2011-08-17 14:40 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f055886146673a35518ee749c53f0417\WindowsFormsIntegration.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f055886146673a35518ee749c53f0417\WindowsFormsIntegration.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 257024 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\4587969f21341220dc17747f280477b2\UIAutomationTypes.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 257024 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\4587969f21341220dc17747f280477b2\UIAutomationTypes.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 120320 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\ff10a07c2b72a66edbe6f45f91d17769\UIAutomationProvider.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 120320 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\ff10a07c2b72a66edbe6f45f91d17769\UIAutomationProvider.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 648704 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\9ec639af32b36d056d5044de48a51fbf\UIAutomationClient.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 648704 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\9ec639af32b36d056d5044de48a51fbf\UIAutomationClient.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 290304 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\0ee32f3917dd39d4a7f4e52314b9157e\TaskScheduler.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 290304 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\0ee32f3917dd39d4a7f4e52314b9157e\TaskScheduler.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 557056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\4424a72b52c456dbb94503bccde184c3\System.Xml.Linq.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 188928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\daa46fe6c185a4331e1453fb5100b51a\System.Web.Routing.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\f2602c5bcb6c2065db8329f1f7f32ae1\System.Web.RegularExpressions.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\f2602c5bcb6c2065db8329f1f7f32ae1\System.Web.RegularExpressions.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 451584 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\38f8c24bf93261152defbadb7fbc479d\System.Web.Entity.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 399360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\3220e23ce60aa1bfa69ad5e61611d7f6\System.Web.Entity.Design.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 758784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\c6f979f5009e65fac79d20924dc3de3a\System.Web.DynamicData.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\22e583697dbb5510101fab4aa5d18254\System.Web.Abstractions.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\22e583697dbb5510101fab4aa5d18254\System.Web.Abstractions.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 921088 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\b433e4de6804ce087c2c5827efc8feff\System.Transactions.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 921088 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\b433e4de6804ce087c2c5827efc8feff\System.Transactions.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\fb509de55bc82e23c862dcd0a8823eb8\System.ServiceProcess.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\fb509de55bc82e23c862dcd0a8823eb8\System.ServiceProcess.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 929280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\9191aa60b79eda0c7df35784e1986195\System.Security.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 929280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\9191aa60b79eda0c7df35784e1986195\System.Security.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\0d1187c395060f06d84e4c398e7729e2\System.Runtime.Serialization.Formatters.Soap.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\0d1187c395060f06d84e4c398e7729e2\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 911872 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\2505633b5679bba3e3da53db79616c62\System.Net.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 911872 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\2505633b5679bba3e3da53db79616c62\System.Net.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 782848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\32d484a0a6db3c92f0e593a958dc265a\System.Messaging.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 782848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\32d484a0a6db3c92f0e593a958dc265a\System.Messaging.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 534528 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\89517655b80d1dbf34b2a6daf9ab2b41\System.Management.Instrumentation.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 568832 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\b4d997aeba03b77e5d09f9eabd3e7ffb\System.IO.Log.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 568832 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\b4d997aeba03b77e5d09f9eabd3e7ffb\System.IO.Log.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\e327689326341f4d7656ff743c939838\System.IdentityModel.Selectors.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\e327689326341f4d7656ff743c939838\System.IdentityModel.Selectors.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\60d0a368a83327d788a62b762a670cce\System.EnterpriseServices.Wrapper.dll + 2011-09-18 12:16 . 2011-09-18 12:16 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\60d0a368a83327d788a62b762a670cce\System.EnterpriseServices.Wrapper.dll + 2011-09-18 12:18 . 2011-09-18 12:18 289280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\1049a906d8aeb09b7cf608ed4670b48a\System.Drawing.Design.ni.dll - 2011-08-17 12:51 . 2011-08-17 12:51 289280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\1049a906d8aeb09b7cf608ed4670b48a\System.Drawing.Design.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 650240 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\495ff50306c8f7ca33e6407b4660ade5\System.DirectoryServices.Protocols.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 650240 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\495ff50306c8f7ca33e6407b4660ade5\System.DirectoryServices.Protocols.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 492032 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\6ef2957527f645a8e416cd0f03445bff\System.Data.Services.Design.ni.dll + 2011-09-18 12:26 . 2011-09-18 12:26 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\c77795760e17d1449d6fdc3fa855c952\System.Data.DataSetExtensions.ni.dll - 2011-08-17 14:33 . 2011-08-17 14:33 191488 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\41852b2f76b9a3883be55cd39268339b\System.Configuration.Install.ni.dll + 2011-09-18 12:18 . 2011-09-18 12:18 191488 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\41852b2f76b9a3883be55cd39268339b\System.Configuration.Install.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\2716594523a59f38ed50b22af855e8ea\System.ComponentModel.DataAnnotations.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 889856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\4e4ecc6b61f0e2a39ddfdae3ada992b0\System.AddIn.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 889856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\4e4ecc6b61f0e2a39ddfdae3ada992b0\System.AddIn.ni.dll - 2011-08-17 14:38 . 2011-08-17 14:38 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\eebfb193348c4ee09fde0f55897153ef\System.AddIn.Contract.ni.dll + 2011-09-18 12:26 . 2011-09-18 12:26 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\eebfb193348c4ee09fde0f55897153ef\System.AddIn.Contract.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\88aeb9f3b7d6a8124f470a41a904d42a\sysglobl.ni.dll + 2011-09-18 12:27 . 2011-09-18 12:27 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\88aeb9f3b7d6a8124f470a41a904d42a\sysglobl.ni.dll - 2011-08-17 14:38 . 2011-08-17 14:38 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\c2ae3ebf99c837d022aaafafc6cd04fd\SMSvcHost.ni.exe + 2011-09-18 12:26 . 2011-09-18 12:26 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\c2ae3ebf99c837d022aaafafc6cd04fd\SMSvcHost.ni.exe + 2011-09-18 12:19 . 2011-09-18 12:19 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\37cadb80dab6954ac815ad5530032508\SMDiagnostics.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\37cadb80dab6954ac815ad5530032508\SMDiagnostics.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 438784 c:\windows\assembly\NativeImages_v2.0.50727_64\ServiceModelReg\383e793a6af09df130b14f96138aaa54\ServiceModelReg.ni.exe - 2011-08-17 14:38 . 2011-08-17 14:38 438784 c:\windows\assembly\NativeImages_v2.0.50727_64\ServiceModelReg\383e793a6af09df130b14f96138aaa54\ServiceModelReg.ni.exe + 2011-09-18 12:25 . 2011-09-18 12:25 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c2b971104c296416bb15eb458ec5f7c9\PresentationFramework.Aero.ni.dll - 2011-08-17 12:50 . 2011-08-17 12:50 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c2b971104c296416bb15eb458ec5f7c9\PresentationFramework.Aero.ni.dll - 2011-08-17 12:50 . 2011-08-17 12:50 279040 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a9367ed6263e99440976427a650a86bc\PresentationFramework.Classic.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 279040 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a9367ed6263e99440976427a650a86bc\PresentationFramework.Classic.ni.dll - 2011-08-17 12:50 . 2011-08-17 12:50 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a46418abae39bda36af970a351a8cd23\PresentationFramework.Luna.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a46418abae39bda36af970a351a8cd23\PresentationFramework.Luna.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\5571660610f416a16f101e9dc615328d\PresentationFramework.Royale.ni.dll - 2011-08-17 12:50 . 2011-08-17 12:50 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\5571660610f416a16f101e9dc615328d\PresentationFramework.Royale.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 852992 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\64af7da17fc9439d2c8f23d34feb260b\napsnap.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 852992 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\64af7da17fc9439d2c8f23d34feb260b\napsnap.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 154112 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\336c6eca608a2bd0f07760aa73fc1dca\napinit.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 154112 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\336c6eca608a2bd0f07760aa73fc1dca\napinit.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 177152 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\e1b9bb0c83dd8cac30d87fdfd7166756\naphlpr.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 177152 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\e1b9bb0c83dd8cac30d87fdfd7166756\naphlpr.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 126464 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\fa472bf1f8f24c6ed281ed4dcd9d6571\napcrypt.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 126464 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\fa472bf1f8f24c6ed281ed4dcd9d6571\napcrypt.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\3fed3dfbbe1d477a86b5c5685e98bee1\MSBuild.ni.exe - 2011-08-17 14:32 . 2011-08-17 14:32 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\3fed3dfbbe1d477a86b5c5685e98bee1\MSBuild.ni.exe + 2011-09-18 12:20 . 2011-09-18 12:20 414720 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\407d27837b8ecea3b66bdbd280586e5d\MMCFxCommon.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 414720 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\407d27837b8ecea3b66bdbd280586e5d\MMCFxCommon.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 657920 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\a340bab4c167d4ed8abeee6ce5685772\Microsoft.WSMan.Management.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 657920 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\a340bab4c167d4ed8abeee6ce5685772\Microsoft.WSMan.Management.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\8378df092aebbb9e875f3daeb073b345\Microsoft.Vsa.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\8378df092aebbb9e875f3daeb073b345\Microsoft.Vsa.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 202240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\f1abcac6336fcecdd878046ffa32f75a\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 312832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\f10b6275b7f602130f6ef7356f7cc6a8\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 779776 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e84e21cc76da71a06338a0007f39b851\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 970752 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cd2bb0cc06262f92322ce04e046ea0db\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 970752 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cd2bb0cc06262f92322ce04e046ea0db\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 445952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cbd455ac25f968e267793a516f029d76\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 227328 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b25039551a10376e47ff50c6e2f6a2f3\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 499712 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\a8c481f4db5c81fdf4277999b1656950\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 227328 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\a8743211588f821a403893915e07c88b\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 231936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\9bcbdeeda130ad3bc5a8bea44fadb8c3\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 312832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\90da4b2ee731196e31798f945982d340\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 276992 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\8ebb5f9d3e8845bc74418d46c5ce1963\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 393728 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\7989e9f92009570c14444a5d567b2de6\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\6e1ce704a3683bbc80d90ba093f3809d\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 497664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5eea04dcd84086d50a45698c2b2d0cc1\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 276992 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\472171d658168e23614d66d1c07d5e9f\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll - 2011-08-17 03:07 . 2011-08-17 03:07 209920 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\33d0289649f9ef4635cab911dc4a10b1\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 209920 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\33d0289649f9ef4635cab911dc4a10b1\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\17a35b72b947f9c4a085e0385fe1a054\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\16d576838360f6840f69a2b498622e8a\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0b3b1d6a7e10841776591af72565f756\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0b3b1d6a7e10841776591af72565f756\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll + 2011-09-18 12:16 . 2011-09-18 12:16 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\07958ebd5a818a6fec84e040f9be9328\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\fed874427d329b3843becb214c2cbb24\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\fed874427d329b3843becb214c2cbb24\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 417280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\9cfb6b2890eaadb91daabd96c080c7e9\Microsoft.PowerShell.Commands.Diagnostics.ni.dll + 2011-09-18 12:23 . 2011-09-18 12:23 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\39d05a919cdf3a0b8a841cf64d9d5b2d\Microsoft.PowerShell.GraphicalHost.ni.dll + 2011-09-18 12:22 . 2011-09-18 12:22 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\201551dfa891ef2533b4f6961f158b53\Microsoft.PowerShell.ConsoleHost.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\201551dfa891ef2533b4f6961f158b53\Microsoft.PowerShell.ConsoleHost.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\e756b694e3c6de76a8002725d73b8139\Microsoft.Office.Tools.v9.0.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\7526010a48ec74557bcb14b1da86e683\Microsoft.Office.Tools.Outlook.v9.0.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 324608 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\848c9da3e69048629734e47234788a7d\Microsoft.MediaCenter.Shell.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 324608 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\848c9da3e69048629734e47234788a7d\Microsoft.MediaCenter.Shell.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 933376 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\643b81852e3d9761f609db2d2d149e6f\Microsoft.MediaCenter.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 933376 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\643b81852e3d9761f609db2d2d149e6f\Microsoft.MediaCenter.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 946688 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\3009e8d27d0662799fcde4a99cfaa62c\Microsoft.MediaCenter.Sports.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 946688 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\3009e8d27d0662799fcde4a99cfaa62c\Microsoft.MediaCenter.Sports.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 794624 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\7bccb8455ab63acd2fd36dbb6348b77a\Microsoft.ManagementConsole.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 794624 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\7bccb8455ab63acd2fd36dbb6348b77a\Microsoft.ManagementConsole.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 228864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\f62d326919623ec6e0ab3f835aedb3f5\Microsoft.Build.Utilities.v3.5.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 228864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\f62d326919623ec6e0ab3f835aedb3f5\Microsoft.Build.Utilities.v3.5.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\9f583d5c7de9d6469697e822dbabe645\Microsoft.Build.Utilities.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\9f583d5c7de9d6469697e822dbabe645\Microsoft.Build.Utilities.ni.dll - 2011-08-17 03:07 . 2011-08-17 03:07 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\5cca853a01d7873f5d763de8677b8482\Microsoft.Build.Framework.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\5cca853a01d7873f5d763de8677b8482\Microsoft.Build.Framework.ni.dll + 2011-09-18 12:21 . 2011-09-18 12:21 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\14790d6818b2c3722b3877caf007a418\Microsoft.Build.Framework.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\14790d6818b2c3722b3877caf007a418\Microsoft.Build.Framework.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:21 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\a65a7ff52cef80cd25d5f7a08be30bde\Microsoft.Build.Conversion.v3.5.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\a65a7ff52cef80cd25d5f7a08be30bde\Microsoft.Build.Conversion.v3.5.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 372224 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\656fee71cea5bce92f762df631ecebeb\Mcx2Dvcs.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 372224 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\656fee71cea5bce92f762df631ecebeb\Mcx2Dvcs.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 372224 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\46247732b2fdb4edb0f30f8c25dd14a4\mcupdate.ni.exe + 2011-09-18 12:20 . 2011-09-18 12:20 372224 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\46247732b2fdb4edb0f30f8c25dd14a4\mcupdate.ni.exe - 2011-08-17 14:34 . 2011-08-17 14:34 337920 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\933b32ca7ef1bab5c3c846d1e8498b52\mcstoredb.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 337920 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\933b32ca7ef1bab5c3c846d1e8498b52\mcstoredb.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 893952 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\f542b6731c25678aa81fafe1e59292e4\mcstore.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 893952 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\f542b6731c25678aa81fafe1e59292e4\mcstore.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 108032 c:\windows\assembly\NativeImages_v2.0.50727_64\loadmxf\a4a6d5566946a8bf38b3b17446cf1f58\loadmxf.ni.exe - 2011-08-17 14:35 . 2011-08-17 14:35 108032 c:\windows\assembly\NativeImages_v2.0.50727_64\loadmxf\a4a6d5566946a8bf38b3b17446cf1f58\loadmxf.ni.exe + 2011-09-18 12:20 . 2011-09-18 12:20 645120 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\a85ee567ab2608b4a0e926600b56b0ab\EventViewer.ni.dll - 2011-08-17 14:35 . 2011-08-17 14:35 645120 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\a85ee567ab2608b4a0e926600b56b0ab\EventViewer.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\2fcc1a9e9d1562a68bc676f4a9821f38\ehiWUapi.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\2fcc1a9e9d1562a68bc676f4a9821f38\ehiWUapi.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 927232 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\14701ef3387cf0a95c98bb1e4ceae0da\ehiwmp.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 927232 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\14701ef3387cf0a95c98bb1e4ceae0da\ehiwmp.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 138752 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\00922b3ff2116a38b97469cc4b405573\ehiUserXp.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 138752 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\00922b3ff2116a38b97469cc4b405573\ehiUserXp.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 151040 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiReplay\ec0aa4c11ed3aefcae02eb38f86231cd\ehiReplay.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 151040 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiReplay\ec0aa4c11ed3aefcae02eb38f86231cd\ehiReplay.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\aecbd2f45aa74ee3f57dc277e9d8343f\ehiExtens.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\aecbd2f45aa74ee3f57dc277e9d8343f\ehiExtens.ni.dll + 2011-09-18 12:20 . 2011-09-18 12:20 368640 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\7f3e720ebf0164673c94202b8e51c119\ehExtHost.ni.exe - 2011-08-17 14:34 . 2011-08-17 14:34 368640 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\7f3e720ebf0164673c94202b8e51c119\ehExtHost.ni.exe - 2011-08-17 14:34 . 2011-08-17 14:34 409600 c:\windows\assembly\NativeImages_v2.0.50727_64\ehepgdat\d9c6f79562e7618065e4e22446500a02\ehepgdat.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 409600 c:\windows\assembly\NativeImages_v2.0.50727_64\ehepgdat\d9c6f79562e7618065e4e22446500a02\ehepgdat.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 311296 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\3261cad9c1981ebf952370ebb267f46f\ehCIR.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 311296 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\3261cad9c1981ebf952370ebb267f46f\ehCIR.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\44e83cf4ba00700dec4e6d9364daa7b1\CustomMarshalers.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\44e83cf4ba00700dec4e6d9364daa7b1\CustomMarshalers.ni.dll - 2011-08-17 14:32 . 2011-08-17 14:32 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\c392ae5019176660dd3e81503ede7bb4\ComSvcConfig.ni.exe + 2011-09-18 12:16 . 2011-09-18 12:16 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\c392ae5019176660dd3e81503ede7bb4\ComSvcConfig.ni.exe + 2011-09-18 12:19 . 2011-09-18 12:19 568320 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\b8a793412f4ae385b0e6bc97f2afc1ff\BDATunePIA.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 568320 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\b8a793412f4ae385b0e6bc97f2afc1ff\BDATunePIA.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4393f39e7dcd910521a93a5a588fa1c5\WsatConfig.ni.exe + 2011-09-18 12:09 . 2011-09-18 12:09 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4393f39e7dcd910521a93a5a588fa1c5\WsatConfig.ni.exe - 2011-08-17 15:02 . 2011-08-17 15:02 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\64e6bc21d6554252e53e87c04a70a04d\WindowsFormsIntegration.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\64e6bc21d6554252e53e87c04a70a04d\WindowsFormsIntegration.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\96031e87be161842765531e37a996df6\UIAutomationTypes.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\96031e87be161842765531e37a996df6\UIAutomationTypes.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ec050b2f1ddc5f3023e9bc7375f90a1d\UIAutomationClient.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\ec050b2f1ddc5f3023e9bc7375f90a1d\UIAutomationClient.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\8db6e879e71858d2995390526368262e\TaskScheduler.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\8db6e879e71858d2995390526368262e\TaskScheduler.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 420864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\dc1245b46eceac4312a47737df04b4b1\System.Xml.Linq.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 420864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\dc1245b46eceac4312a47737df04b4b1\System.Xml.Linq.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 130560 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\44ee01fb8d7169ad780af3e2fccbe428\System.Web.Routing.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 130560 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\44ee01fb8d7169ad780af3e2fccbe428\System.Web.Routing.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\3ea90d05680ed6259ccb21f12cce70fb\System.Web.RegularExpressions.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\3ea90d05680ed6259ccb21f12cce70fb\System.Web.RegularExpressions.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\1abc99e2fa94ca63c9b44ebcb074b031\System.Web.Extensions.Design.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\1abc99e2fa94ca63c9b44ebcb074b031\System.Web.Extensions.Design.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 329216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e2910ea97106bb4ccec61d875d79fd10\System.Web.Entity.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 329216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e2910ea97106bb4ccec61d875d79fd10\System.Web.Entity.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\4b9d4fbc374aa3772ead7bf30d29f27b\System.Web.Entity.Design.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\4b9d4fbc374aa3772ead7bf30d29f27b\System.Web.Entity.Design.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 551936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\29fc2fc66c4c543018f2270c1c02803a\System.Web.DynamicData.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 551936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\29fc2fc66c4c543018f2270c1c02803a\System.Web.DynamicData.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\12da8d5708a0cf1c5c5ae02d1394880a\System.Web.Abstractions.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\12da8d5708a0cf1c5c5ae02d1394880a\System.Web.Abstractions.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5e58f10757c91da0ac05161ca8e11e8b\System.Transactions.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5e58f10757c91da0ac05161ca8e11e8b\System.Transactions.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1cc11918d8dd561391bba05c61de7573\System.ServiceProcess.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1cc11918d8dd561391bba05c61de7573\System.ServiceProcess.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\ccd064df52eb5479bf745ec2a7b74952\System.Security.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\ccd064df52eb5479bf745ec2a7b74952\System.Security.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4a62d68943088191659432dbe33669f2\System.Runtime.Serialization.Formatters.Soap.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4a62d68943088191659432dbe33669f2\System.Runtime.Serialization.Formatters.Soap.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\7754d47296d9201c1856c41637b8a911\System.Net.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\7754d47296d9201c1856c41637b8a911\System.Net.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\6db17e040b1104fa9a9760c88c67b862\System.Messaging.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\6db17e040b1104fa9a9760c88c67b862\System.Messaging.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 331264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\583f33d141c5cf85af51fbf2f88ea8b8\System.Management.Instrumentation.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 331264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\583f33d141c5cf85af51fbf2f88ea8b8\System.Management.Instrumentation.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\06bcbb2f0b2de5bc7ebc92f7c2028181\System.IO.Log.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\06bcbb2f0b2de5bc7ebc92f7c2028181\System.IO.Log.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\2ba816b41a3f13685fd28d2ad50970ec\System.IdentityModel.Selectors.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\2ba816b41a3f13685fd28d2ad50970ec\System.IdentityModel.Selectors.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.Wrapper.dll - 2011-08-17 14:50 . 2011-08-17 14:50 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.Wrapper.dll + 2011-09-18 11:58 . 2011-09-18 11:58 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\29cbe2999c5c4d9b16ce0942323075fc\System.Drawing.Design.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\29cbe2999c5c4d9b16ce0942323075fc\System.Drawing.Design.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ed84c038dbce9cab34496f5dbd10b12\System.DirectoryServices.AccountManagement.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ed84c038dbce9cab34496f5dbd10b12\System.DirectoryServices.AccountManagement.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\10dea0183eb6ff30200d910dc34b872b\System.DirectoryServices.Protocols.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\10dea0183eb6ff30200d910dc34b872b\System.DirectoryServices.Protocols.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\91bf313faecb6262606fc2dbf5d69973\System.Data.Services.Design.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\91bf313faecb6262606fc2dbf5d69973\System.Data.Services.Design.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 944128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0700bf444cb397425fce262fefab1408\System.Data.Services.Client.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 944128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0700bf444cb397425fce262fefab1408\System.Data.Services.Client.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 759296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\3b11f7e568e1cd032a827b52c0b862e3\System.Data.Entity.Design.ni.dll + 2011-09-18 12:06 . 2011-09-18 12:06 759296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\3b11f7e568e1cd032a827b52c0b862e3\System.Data.Entity.Design.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 136704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\3a07be9c7597f6bb9ba7c25cc24f6024\System.Data.DataSetExtensions.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 136704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\3a07be9c7597f6bb9ba7c25cc24f6024\System.Data.DataSetExtensions.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c3cfe8388734152100ff476350fb3ddb\System.Configuration.Install.ni.dll + 2011-09-18 11:59 . 2011-09-18 11:59 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c3cfe8388734152100ff476350fb3ddb\System.Configuration.Install.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\24421bf969f562eacc40eaa5c92a8645\System.AddIn.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\0d00826b5faadbfc192c3679e5ab30cf\System.AddIn.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\0d00826b5faadbfc192c3679e5ab30cf\System.AddIn.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\7879c86ded9fabda3e3285420ab3a406\sysglobl.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\7879c86ded9fabda3e3285420ab3a406\sysglobl.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\878ab210235309095edcd2565987503e\SMSvcHost.ni.exe + 2011-09-18 12:05 . 2011-09-18 12:05 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\878ab210235309095edcd2565987503e\SMSvcHost.ni.exe + 2011-09-18 11:59 . 2011-09-18 11:59 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca54e016986a14796591228eaa80cce1\SMDiagnostics.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca54e016986a14796591228eaa80cce1\SMDiagnostics.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\c0e48084525f817b13d79d7d2dec52cc\ServiceModelReg.ni.exe + 2011-09-18 12:05 . 2011-09-18 12:05 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\c0e48084525f817b13d79d7d2dec52cc\ServiceModelReg.ni.exe + 2011-09-18 12:05 . 2011-09-18 12:05 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a51a17cc3195c47d97be3f387f86c462\PresentationFramework.Luna.ni.dll - 2011-08-17 12:55 . 2011-08-17 12:55 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a51a17cc3195c47d97be3f387f86c462\PresentationFramework.Luna.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a38f370d4e68b65106d1065d0b77067\PresentationFramework.Aero.ni.dll - 2011-08-17 12:55 . 2011-08-17 12:55 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a38f370d4e68b65106d1065d0b77067\PresentationFramework.Aero.ni.dll - 2011-08-17 12:55 . 2011-08-17 12:55 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4aa958d331158aa1c46b80468c842a34\PresentationFramework.Classic.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4aa958d331158aa1c46b80468c842a34\PresentationFramework.Classic.ni.dll - 2011-08-17 12:56 . 2011-08-17 12:56 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0159274c97a3fa4d942e6b4e321b6a54\PresentationFramework.Royale.ni.dll
-
Combofix 2 of 4 - 2011-08-17 14:49 . 2011-08-17 14:49 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c8750ecd71abac98fb26b2f4bf3a031a\Accessibility.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c8750ecd71abac98fb26b2f4bf3a031a\Accessibility.ni.dll - 2011-09-16 01:59 . 2011-09-16 01:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-09-18 12:57 . 2011-09-18 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-09-18 12:57 . 2011-09-18 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-09-16 01:59 . 2011-09-16 01:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-09-18 12:15 . 2011-09-18 12:15 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\1a890e72269abe36365d861bca8fca70\System.Xml.Serialization.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\e335cdfdb3e46fb0f75cb2ce83dabf48\dfsvc.ni.exe - 2010-03-18 12:43 . 2010-03-19 02:25 327680 c:\windows\SysWOW64\IME\IMEJP10\IMJPAPI.DLL + 2011-09-15 12:02 . 2011-07-26 16:04 327680 c:\windows\SysWOW64\IME\IMEJP10\IMJPAPI.DLL + 2009-06-27 02:03 . 2011-09-17 22:44 360664 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2006-11-02 15:45 . 2011-09-18 12:59 119486 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2006-11-02 12:46 . 2011-09-16 01:15 619512 c:\windows\system32\perfh009.dat + 2006-11-02 12:46 . 2011-09-17 23:11 619512 c:\windows\system32\perfh009.dat - 2006-11-02 12:46 . 2011-09-16 01:15 111140 c:\windows\system32\perfc009.dat + 2006-11-02 12:46 . 2011-09-17 23:11 111140 c:\windows\system32\perfc009.dat + 2011-09-15 12:02 . 2011-07-26 16:28 507904 c:\windows\system32\IME\IMEJP10\IMJPAPI.DLL - 2010-03-18 12:43 . 2010-03-19 02:19 507904 c:\windows\system32\IME\IMEJP10\IMJPAPI.DLL - 2011-02-10 16:14 . 2011-09-16 01:54 459416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-02-10 16:14 . 2011-09-18 12:55 459416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-04-06 20:48 . 2011-04-06 20:48 236880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Net.dll + 2011-05-17 14:08 . 2011-05-17 14:08 597832 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll - 2011-04-13 02:16 . 2011-04-13 02:16 597832 c:\windows\Microsoft.NET\Framework64\v4.0.30319\SOS.dll + 2011-04-06 21:45 . 2011-04-06 21:45 260448 c:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe - 2010-03-18 18:27 . 2010-03-18 18:27 578896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll + 2011-05-17 14:08 . 2011-05-17 14:08 578896 c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll + 2011-04-06 20:48 . 2011-04-06 20:48 916312 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll + 2011-04-06 20:48 . 2011-04-06 20:48 236880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll + 2011-05-17 13:27 . 2011-05-17 13:27 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll - 2011-04-12 19:11 . 2011-04-12 19:11 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll + 2011-04-06 20:48 . 2011-04-06 20:48 191840 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe + 2011-05-17 13:27 . 2011-05-17 13:27 413520 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll + 2011-05-17 13:27 . 2011-05-17 13:27 956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll - 2011-04-12 19:11 . 2011-04-12 19:11 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll + 2011-05-17 13:27 . 2011-05-17 13:27 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - 2011-08-17 03:01 . 2011-08-17 03:01 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2011-09-17 23:13 . 2011-09-17 23:13 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2011-09-17 23:13 . 2011-09-17 23:13 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll - 2011-08-17 03:01 . 2011-08-17 03:01 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll - 2011-08-17 03:01 . 2011-08-17 03:01 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2011-09-17 23:13 . 2011-09-17 23:13 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2011-09-17 23:13 . 2011-09-17 23:13 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll - 2011-08-17 03:01 . 2011-08-17 03:01 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll + 2011-09-17 23:13 . 2011-09-17 23:13 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2011-08-17 03:01 . 2011-08-17 03:01 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2011-08-17 03:01 . 2011-08-17 03:01 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll + 2011-09-17 23:13 . 2011-09-17 23:13 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll - 2011-08-17 03:00 . 2011-08-17 03:00 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2011-09-17 23:13 . 2011-09-17 23:13 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2011-09-17 23:13 . 2011-09-17 23:13 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll - 2011-08-17 03:01 . 2011-08-17 03:01 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll + 2011-09-17 23:13 . 2011-09-17 23:13 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2011-08-17 03:01 . 2011-08-17 03:01 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2011-08-17 03:01 . 2011-08-17 03:01 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll + 2011-09-17 23:13 . 2011-09-17 23:13 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll - 2011-08-17 03:00 . 2011-08-17 03:00 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2011-09-17 23:13 . 2011-09-17 23:13 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2011-09-17 23:13 . 2011-09-17 23:13 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2011-08-17 03:01 . 2011-08-17 03:01 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2011-09-17 23:13 . 2011-09-17 23:13 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2011-08-17 03:01 . 2011-08-17 03:01 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2011-08-17 03:01 . 2011-08-17 03:01 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll + 2011-09-17 23:13 . 2011-09-17 23:13 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll + 2011-09-17 23:13 . 2011-09-17 23:13 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll - 2011-08-17 03:01 . 2011-08-17 03:01 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2011-09-17 23:13 . 2011-09-17 23:13 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2011-09-17 23:13 . 2011-09-17 23:13 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2011-08-17 03:00 . 2011-08-17 03:00 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2011-09-17 23:13 . 2011-09-17 23:13 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll - 2011-08-17 03:01 . 2011-08-17 03:01 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll + 2011-09-17 23:13 . 2011-09-17 23:13 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2011-08-17 03:01 . 2011-08-17 03:01 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll + 2011-09-17 23:13 . 2011-09-17 23:13 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - 2011-08-17 03:01 . 2011-08-17 03:01 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - 2011-08-17 03:01 . 2011-08-17 03:01 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2011-09-17 23:13 . 2011-09-17 23:13 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2011-09-17 23:13 . 2011-09-17 23:13 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll - 2011-08-17 03:00 . 2011-08-17 03:00 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll + 2011-09-17 23:13 . 2011-09-17 23:13 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2011-08-17 03:00 . 2011-08-17 03:00 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2011-09-17 23:13 . 2011-09-17 23:13 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2011-08-17 03:00 . 2011-08-17 03:00 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2011-08-17 03:00 . 2011-08-17 03:00 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2011-09-17 23:13 . 2011-09-17 23:13 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2011-08-17 03:00 . 2011-08-17 03:00 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2011-09-17 23:13 . 2011-09-17 23:13 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2011-09-17 23:13 . 2011-09-17 23:13 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2011-08-17 03:00 . 2011-08-17 03:00 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2011-08-17 03:00 . 2011-08-17 03:00 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2011-09-17 23:13 . 2011-09-17 23:13 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2011-09-17 23:13 . 2011-09-17 23:13 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - 2011-08-17 03:01 . 2011-08-17 03:01 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - 2011-08-17 03:01 . 2011-08-17 03:01 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll + 2011-09-17 23:13 . 2011-09-17 23:13 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll + 2011-09-17 23:13 . 2011-09-17 23:13 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-08-17 03:00 . 2011-08-17 03:00 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-08-17 03:01 . 2011-08-17 03:01 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll + 2011-09-17 23:13 . 2011-09-17 23:13 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll + 2011-09-17 23:13 . 2011-09-17 23:13 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll - 2011-08-17 03:01 . 2011-08-17 03:01 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll + 2011-09-17 23:13 . 2011-09-17 23:13 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll - 2011-08-17 03:01 . 2011-08-17 03:01 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll - 2011-08-17 03:01 . 2011-08-17 03:01 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll + 2011-09-17 23:13 . 2011-09-17 23:13 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll - 2011-08-17 03:00 . 2011-08-17 03:00 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2011-09-17 23:13 . 2011-09-17 23:13 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2011-09-17 23:13 . 2011-09-17 23:13 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2011-08-17 03:01 . 2011-08-17 03:01 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2011-08-17 03:01 . 2011-08-17 03:01 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2011-09-17 23:13 . 2011-09-17 23:13 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll - 2011-08-17 03:01 . 2011-08-17 03:01 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2011-09-17 23:13 . 2011-09-17 23:13 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll - 2011-08-17 03:01 . 2011-08-17 03:01 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll + 2011-09-17 23:13 . 2011-09-17 23:13 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll - 2011-08-17 03:01 . 2011-08-17 03:01 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2011-09-17 23:13 . 2011-09-17 23:13 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll - 2011-08-17 03:01 . 2011-08-17 03:01 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2011-09-17 23:13 . 2011-09-17 23:13 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2011-09-17 23:13 . 2011-09-17 23:13 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2011-08-17 03:00 . 2011-08-17 03:00 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2011-09-17 23:13 . 2011-09-17 23:13 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2011-08-17 03:01 . 2011-08-17 03:01 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2011-09-17 23:13 . 2011-09-17 23:13 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll - 2011-08-17 03:01 . 2011-08-17 03:01 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2011-09-17 23:13 . 2011-09-17 23:13 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2011-08-17 03:00 . 2011-08-17 03:00 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2011-08-17 03:00 . 2011-08-17 03:00 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll + 2011-09-17 23:13 . 2011-09-17 23:13 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll - 2011-08-17 03:01 . 2011-08-17 03:01 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2011-09-17 23:13 . 2011-09-17 23:13 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-08-17 03:01 . 2011-08-17 03:01 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2011-09-17 23:13 . 2011-09-17 23:13 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2011-09-17 23:13 . 2011-09-17 23:13 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2011-08-17 03:00 . 2011-08-17 03:00 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2011-08-17 03:00 . 2011-08-17 03:00 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2011-09-17 23:13 . 2011-09-17 23:13 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2011-09-17 23:13 . 2011-09-17 23:13 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2011-08-17 03:01 . 2011-08-17 03:01 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2011-08-17 03:00 . 2011-08-17 03:00 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2011-09-17 23:13 . 2011-09-17 23:13 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-08-17 03:00 . 2011-08-17 03:00 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2011-09-17 23:13 . 2011-09-17 23:13 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2011-09-17 23:12 . 2011-09-17 23:12 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2011-08-17 02:59 . 2011-08-17 02:59 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2011-09-17 23:12 . 2011-09-17 23:12 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2011-08-17 02:59 . 2011-08-17 02:59 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2011-09-17 23:12 . 2011-09-17 23:12 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2011-08-17 03:00 . 2011-08-17 03:00 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2011-06-20 03:33 . 2011-06-20 03:33 407552 c:\windows\Installer\220314.msp + 2011-08-22 03:19 . 2011-08-22 03:19 133120 c:\windows\Installer\22025e.msp
-
Combo fix 1 of 4 I would like try to fix the orphaned entries and errors in the OTL log. I have Microsoft Security Essentials as my antivirus program. Here is the combofix log. ComboFix 11-09-17.04 - Wayne Wagner 09/18/2011 8:40.3.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4026.1975 [GMT -4:00] Running from: c:\users\Wayne Wagner\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2011-08-18 to 2011-09-18 ))))))))))))))))))))))))))))))) . . 2011-09-18 12:54 . 2011-09-18 12:54 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-09-18 12:54 . 2011-09-18 12:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-09-18 12:05 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{961B5AA8-11CE-4474-962B-E2AC0DE6853F}\mpengine.dll 2011-09-16 00:49 . 2011-09-16 00:46 6656 ----a-w- c:\windows\system32\bcmwlrc.dll 2011-09-16 00:49 . 2011-09-16 00:49 -------- d-----w- c:\users\Wayne Wagner\AppData\Roaming\LaunchPad 2011-09-16 00:48 . 2011-09-16 00:46 3553280 ----a-w- c:\windows\system32\bcmihvui64.dll 2011-09-16 00:48 . 2011-09-16 00:46 2685432 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS 2011-09-16 00:43 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-09-15 12:06 . 2009-08-20 03:50 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll 2011-09-15 12:02 . 2011-08-10 12:14 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat 2011-09-15 12:02 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-09-08 12:20 . 2010-11-30 15:43 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2427B391-6704-462D-A858-F05A02ACD766}\gapaengine.dll 2011-08-25 13:09 . 2011-07-11 13:45 2048 ----a-w- c:\windows\system32\tzres.dll 2011-08-25 13:09 . 2011-07-11 13:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-16 00:46 . 2009-05-24 10:36 95472 ----a-w- c:\windows\system32\bcmwlcoi.dll 2011-09-16 00:46 . 2009-05-24 10:36 3888640 ----a-w- c:\windows\system32\bcmihvsrv64.dll 2011-08-17 13:32 . 2011-05-13 10:00 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-08-05 10:02 . 2011-08-05 10:02 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-07-22 05:42 . 2011-08-17 13:03 2303488 ----a-w- c:\windows\system32\jscript9.dll 2011-07-22 05:36 . 2011-08-17 13:03 1389056 ----a-w- c:\windows\system32\wininet.dll 2011-07-22 05:32 . 2011-08-17 13:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-22 02:54 . 2011-08-17 13:03 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll 2011-07-22 02:48 . 2011-08-17 13:03 1126912 ----a-w- c:\windows\SysWow64\wininet.dll 2011-07-22 02:44 . 2011-08-17 13:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2011-07-13 04:53 . 2011-07-28 16:57 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll 2011-07-06 23:52 . 2011-01-25 21:57 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-06 23:52 . 2011-01-25 21:57 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-06 15:49 . 2011-08-17 01:54 275456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys . . ((((((((((((((((((((((((((((( SnapShot@2011-09-16_02.01.08 ))))))))))))))))))))))))))))))))))))))))) . + 2008-01-21 02:23 . 2011-09-18 12:59 75350 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-06-25 22:49 . 2011-09-18 12:59 24156 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1463916579-3978265779-3180963287-1000_UserData.bin + 2011-04-06 20:48 . 2011-04-06 20:48 11120 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll + 2011-05-17 14:08 . 2011-05-17 14:08 67920 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - 2011-04-13 02:16 . 2011-04-13 02:16 67920 c:\windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll + 2011-05-17 14:08 . 2011-05-17 14:08 53072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Culture.dll - 2010-03-18 18:27 . 2010-03-18 18:27 53072 c:\windows\Microsoft.NET\Framework64\v4.0.30319\Culture.dll + 2011-04-06 20:48 . 2011-04-06 20:48 11120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll + 2011-05-17 13:27 . 2011-05-17 13:27 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - 2011-04-12 19:11 . 2011-04-12 19:11 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll + 2011-05-17 13:27 . 2011-05-17 13:27 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll - 2010-03-18 17:16 . 2010-03-18 17:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll + 2011-09-17 23:13 . 2011-09-17 23:13 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll - 2011-08-17 03:01 . 2011-08-17 03:01 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll - 2011-08-17 03:01 . 2011-08-17 03:01 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll + 2011-09-17 23:13 . 2011-09-17 23:13 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll + 2011-09-17 23:13 . 2011-09-17 23:13 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll - 2011-08-17 03:01 . 2011-08-17 03:01 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2011-09-17 23:13 . 2011-09-17 23:13 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll - 2011-08-17 03:01 . 2011-08-17 03:01 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2011-09-17 23:13 . 2011-09-17 23:13 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll - 2011-08-17 03:01 . 2011-08-17 03:01 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll + 2011-09-17 23:13 . 2011-09-17 23:13 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll + 2011-09-17 23:13 . 2011-09-17 23:13 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll - 2011-08-17 03:01 . 2011-08-17 03:01 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll + 2011-09-17 23:13 . 2011-09-17 23:13 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll - 2011-08-17 03:01 . 2011-08-17 03:01 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll + 2011-09-17 23:13 . 2011-09-17 23:13 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll - 2011-08-17 03:01 . 2011-08-17 03:01 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll + 2011-09-17 23:13 . 2011-09-17 23:13 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll - 2011-08-17 03:01 . 2011-08-17 03:01 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll - 2011-08-17 03:01 . 2011-08-17 03:01 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2011-09-17 23:13 . 2011-09-17 23:13 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll - 2011-08-17 03:00 . 2011-08-17 03:00 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2011-09-17 23:13 . 2011-09-17 23:13 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2011-08-17 03:01 . 2011-08-17 03:01 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2011-09-17 23:13 . 2011-09-17 23:13 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll - 2011-08-17 03:01 . 2011-08-17 03:01 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2011-09-17 23:13 . 2011-09-17 23:13 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2011-09-17 23:13 . 2011-09-17 23:13 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll - 2011-08-17 03:01 . 2011-08-17 03:01 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll + 2011-09-17 23:13 . 2011-09-17 23:13 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll - 2011-08-17 03:01 . 2011-08-17 03:01 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll + 2011-09-17 23:13 . 2011-09-17 23:13 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2011-08-17 03:00 . 2011-08-17 03:00 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2011-08-17 03:01 . 2011-08-17 03:01 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2011-09-17 23:13 . 2011-09-17 23:13 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2011-09-17 23:13 . 2011-09-17 23:13 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2011-08-17 03:00 . 2011-08-17 03:00 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2011-09-17 23:13 . 2011-09-17 23:13 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2011-08-17 03:00 . 2011-08-17 03:00 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2011-09-17 23:13 . 2011-09-17 23:13 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2011-08-17 03:00 . 2011-08-17 03:00 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2011-09-17 23:12 . 2011-09-17 23:12 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2011-08-17 02:59 . 2011-08-17 02:59 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2011-09-17 23:12 . 2011-09-17 23:12 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2011-08-17 02:59 . 2011-08-17 02:59 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2011-09-16 02:41 . 2011-09-16 02:41 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe - 2011-06-17 02:14 . 2011-06-17 02:14 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe + 2010-10-31 14:39 . 2011-09-16 02:40 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe - 2010-10-31 14:39 . 2011-08-17 03:06 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe + 2010-10-31 14:39 . 2011-09-16 02:40 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe - 2010-10-31 14:39 . 2011-08-17 03:06 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe + 2010-10-31 14:39 . 2011-09-16 02:40 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe - 2010-10-31 14:39 . 2011-08-17 03:06 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe + 2011-09-18 12:51 . 2011-09-18 12:51 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\ed59e15a2a29d02c59dc383215cc85fc\System.Xml.Serialization.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\1a9bcef8abe20b3c0d53c535d680350f\System.Windows.Presentation.ni.dll + 2011-09-18 12:50 . 2011-09-18 12:50 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\0ee56d53077b281408cbf186e80ab175\System.Web.ApplicationServices.ni.dll + 2011-09-18 12:47 . 2011-09-18 12:47 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\d53f3bf7a26f69ae3ad77f6732ebf9cf\System.AddIn.Contract.ni.dll + 2011-09-18 12:43 . 2011-09-18 12:43 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\fbc331d848cf65928cc84de68eba079f\Microsoft.VisualC.ni.dll + 2011-09-18 12:30 . 2011-09-18 12:30 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\c551f53c6da4e594269e79636aef9f62\dfsvc.ni.exe + 2011-09-18 12:30 . 2011-09-18 12:30 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\28f42eb8dddc9fd54d468171a8d2461d\Accessibility.ni.dll + 2011-09-18 12:11 . 2011-09-18 12:11 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\5e66ba90ab2f24317ca76582f3ea3948\UIAutomationProvider.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\c42639bd8c7c7855c4d11be1f0ccdf97\System.Windows.Presentation.ni.dll + 2011-09-18 12:15 . 2011-09-18 12:15 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\3be20b4f9e9df41aaea426041f4f410a\System.Web.ApplicationServices.ni.dll + 2011-09-18 12:14 . 2011-09-18 12:14 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3bea7a34d24b4dc1e3925b0b9bc9d45b\System.ServiceModel.Channels.ni.dll + 2011-09-18 12:12 . 2011-09-18 12:12 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\882adb9ad5e9b434ef926193f595e757\System.AddIn.Contract.ni.dll + 2011-09-18 12:10 . 2011-09-18 12:10 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\7ee890ba3e1869ab04930948df453d3f\Microsoft.VisualC.ni.dll + 2011-09-18 12:09 . 2011-09-18 12:09 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\950b5b880e8d8af1709f06b6a1a854a0\Accessibility.ni.dll + 2011-09-18 12:29 . 2011-09-18 12:29 73728 c:\windows\assembly\NativeImages_v2.0.50727_64\UIXControls\59815a45740b4a7fe61088e1914380c0\UIXControls.ni.dll - 2011-08-17 14:40 . 2011-08-17 14:40 73728 c:\windows\assembly\NativeImages_v2.0.50727_64\UIXControls\59815a45740b4a7fe61088e1914380c0\UIXControls.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\00539d6e9bd5e7456bdbc98a47ab995c\System.Windows.Presentation.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\00539d6e9bd5e7456bdbc98a47ab995c\System.Windows.Presentation.ni.dll + 2011-09-18 12:28 . 2011-09-18 12:28 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\77e310c7ad8dd72ffc2bb041cb8b2844\System.Web.DynamicData.Design.ni.dll - 2011-08-17 14:39 . 2011-08-17 14:39 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\77e310c7ad8dd72ffc2bb041cb8b2844\System.Web.DynamicData.Design.ni.dll - 2011-08-17 14:36 . 2011-08-17 14:36 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\5038a4070cfc72e23a191ab4ba38c477\stdole.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\5038a4070cfc72e23a191ab4ba38c477\stdole.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\151ac6b026e8ca585e0dfd1ce33e8ecb\PresentationFontCache.ni.exe - 2011-08-17 14:38 . 2011-08-17 14:38 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\151ac6b026e8ca585e0dfd1ce33e8ecb\PresentationFontCache.ni.exe + 2011-09-18 12:23 . 2011-09-18 12:23 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\b81308b591d239f587cc0e113d43fa35\PresentationCFFRasterizer.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\b81308b591d239f587cc0e113d43fa35\PresentationCFFRasterizer.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\ec097538108aed5ed52aace1e4579f91\Microsoft.WSMan.Runtime.ni.dll - 2011-08-17 14:37 . 2011-08-17 14:37 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\ec097538108aed5ed52aace1e4579f91\Microsoft.WSMan.Runtime.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 84480 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\ef36ca8df51d610a00df7d11ba9550ba\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll - 2011-08-17 03:06 . 2011-08-17 03:06 71680 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e256d7fb9cb20da65fba32adb7cb786c\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 71680 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e256d7fb9cb20da65fba32adb7cb786c\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 44544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d3f4d5c1afb36954df9c8036bc0ac5f6\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll - 2011-08-17 03:06 . 2011-08-17 03:06 44544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d3f4d5c1afb36954df9c8036bc0ac5f6\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll - 2011-08-17 03:06 . 2011-08-17 03:06 44032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cbd4e66d5b6559ca83c3b5a6c478adb1\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 44032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cbd4e66d5b6559ca83c3b5a6c478adb1\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll - 2011-08-17 03:06 . 2011-08-17 03:06 87040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\9a391705fd6043e4750092d4d4fab3b7\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 87040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\9a391705fd6043e4750092d4d4fab3b7\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 93696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\4d75d46f23342308197e38ae3ba2ddde\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll - 2011-08-17 03:06 . 2011-08-17 03:06 59392 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\401fed3571b1e698134e930d9cb972fc\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:25 . 2011-09-18 12:25 59392 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\401fed3571b1e698134e930d9cb972fc\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll - 2011-08-17 03:06 . 2011-08-17 03:06 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\3911010a1f29d19bb37f818a6de6a7a5\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\3911010a1f29d19bb37f818a6de6a7a5\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:24 . 2011-09-18 12:24 89088 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0db85b93b7f76097ec4ec1cf06685ad4\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll - 2011-08-17 03:05 . 2011-08-17 03:05 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\09f46722269da16f1a6d1abbb580d7ed\Microsoft.VisualC.ni.dll + 2011-09-18 12:17 . 2011-09-18 12:17 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\09f46722269da16f1a6d1abbb580d7ed\Microsoft.VisualC.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 62464 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtCOM\8856fca280c8ecf7d1f798ed5a66dff1\ehiExtCOM.ni.dll - 2011-08-17 03:11 . 2011-08-17 03:11 62464 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtCOM\8856fca280c8ecf7d1f798ed5a66dff1\ehiExtCOM.ni.dll - 2011-08-17 14:34 . 2011-08-17 14:34 62976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtCOM\071f35122c0c83d4791f7d7a5f2ae4a1\ehExtCOM.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 62976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtCOM\071f35122c0c83d4791f7d7a5f2ae4a1\ehExtCOM.ni.dll + 2011-09-18 12:19 . 2011-09-18 12:19 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\be7de592b7f3c30299328ddff449db59\dfsvc.ni.exe - 2011-08-17 03:11 . 2011-08-17 03:11 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\be7de592b7f3c30299328ddff449db59\dfsvc.ni.exe - 2011-08-17 03:05 . 2011-08-17 03:05 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\957ce139305f26be16614e23afa899a7\Accessibility.ni.dll + 2011-09-17 23:18 . 2011-09-17 23:18 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\957ce139305f26be16614e23afa899a7\Accessibility.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a6485a160959fbed092dc2ddbed3509e\UIAutomationProvider.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a6485a160959fbed092dc2ddbed3509e\UIAutomationProvider.ni.dll - 2011-08-17 15:02 . 2011-08-17 15:02 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3b0d2893e72d3baf1e67bcdb0b8737cf\System.Windows.Presentation.ni.dll + 2011-09-18 12:08 . 2011-09-18 12:08 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3b0d2893e72d3baf1e67bcdb0b8737cf\System.Windows.Presentation.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\f02fc02350dad1da369a9c200b8ef277\System.Web.DynamicData.Design.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\f02fc02350dad1da369a9c200b8ef277\System.Web.DynamicData.Design.ni.dll - 2011-08-17 15:01 . 2011-08-17 15:01 94720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\14f3af785d2274e29da578f74081448b\System.ComponentModel.DataAnnotations.ni.dll + 2011-09-18 12:07 . 2011-09-18 12:07 94720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\14f3af785d2274e29da578f74081448b\System.ComponentModel.DataAnnotations.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\971463f91825692f7cd123b2a3af721b\System.AddIn.Contract.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\971463f91825692f7cd123b2a3af721b\System.AddIn.Contract.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\b350a5cb539f16b07028cfa6483ee886\PresentationFontCache.ni.exe + 2011-09-18 12:05 . 2011-09-18 12:05 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\b350a5cb539f16b07028cfa6483ee886\PresentationFontCache.ni.exe - 2011-08-17 14:58 . 2011-08-17 14:58 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\4a2a3e502cc441c97350acf5c3dacc4e\PresentationCFFRasterizer.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\4a2a3e502cc441c97350acf5c3dacc4e\PresentationCFFRasterizer.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\78704655584ce2fd27a6c39573f6f36a\napcrypt.ni.dll + 2011-09-18 12:05 . 2011-09-18 12:05 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\78704655584ce2fd27a6c39573f6f36a\napcrypt.ni.dll - 2011-08-17 15:00 . 2011-08-17 15:00 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\018450526569962d4bb24564143c50f6\Microsoft.WSMan.Runtime.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\018450526569962d4bb24564143c50f6\Microsoft.WSMan.Runtime.ni.dll - 2011-08-17 14:58 . 2011-08-17 14:58 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\748a5063c67235044f516d4c2c5f090a\Microsoft.Vsa.ni.dll + 2011-09-18 12:01 . 2011-09-18 12:01 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\748a5063c67235044f516d4c2c5f090a\Microsoft.Vsa.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f5ce086e4a0fecf91f98f3b14ecd1b93\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f5ce086e4a0fecf91f98f3b14ecd1b93\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e6db1e74fcb5f7ac992933052e719551\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e6db1e74fcb5f7ac992933052e719551\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dc8097ad95b542df89764803a305a2e8\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dc8097ad95b542df89764803a305a2e8\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dad7dbd7377b7936a6bf8a9a908de6bb\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dad7dbd7377b7936a6bf8a9a908de6bb\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c6bdaf7df1d32de276408735cd17bc79\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c6bdaf7df1d32de276408735cd17bc79\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll + 2011-09-18 11:57 . 2011-09-18 11:57 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c249e6ea71a862ef20d5523d0ea49fcf\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\90eb4523edc693d8790de574be997ba1\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\90eb4523edc693d8790de574be997ba1\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\587d22d9d259a9301eba38bf3a0a47c9\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\587d22d9d259a9301eba38bf3a0a47c9\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3e7bbfdc6158996014989a3ff7f327d1\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:02 . 2011-09-18 12:02 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3e7bbfdc6158996014989a3ff7f327d1\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:03 . 2011-09-18 12:03 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0d7665ef711fa829ecf057aced0fbac0\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll - 2011-08-17 14:59 . 2011-08-17 14:59 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0d7665ef711fa829ecf057aced0fbac0\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll + 2011-09-18 12:04 . 2011-09-18 12:04 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\07792cdc34b59d61d5ffd68227252f39\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll - 2011-08-17 14:50 . 2011-08-17 14:50 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\81bc126ce60194c5af7e6d4b1b03f6c1\Microsoft.VisualC.ni.dll + 2011-09-18 11:58 . 2011-09-18 11:58 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\81bc126ce60194c5af7e6d4b1b03f6c1\Microsoft.VisualC.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9c6b098a9a7ee64cc4ff276a7babb0da\Microsoft.Build.Framework.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9c6b098a9a7ee64cc4ff276a7babb0da\Microsoft.Build.Framework.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\09f4fc8e36b2012a5f3cb0a9d23b9e20\Microsoft.Build.Framework.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\09f4fc8e36b2012a5f3cb0a9d23b9e20\Microsoft.Build.Framework.ni.dll + 2011-09-18 12:00 . 2011-09-18 12:00 57856 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\b7dc08f390f95b199da497bba999b5dc\ehiUserXp.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 57856 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\b7dc08f390f95b199da497bba999b5dc\ehiUserXp.ni.dll - 2011-08-17 14:51 . 2011-08-17 14:51 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\710e9691861b597505a63f2b29e4d7d2\dfsvc.ni.exe + 2011-09-18 11:59 . 2011-09-18 11:59 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\710e9691861b597505a63f2b29e4d7d2\dfsvc.ni.exe
-
My computer would not shut down. It will only turn off if I press the power button more than 3 seconds. Also, Adobe reader would request for an install. I would install it. Then after restart, it would request for an install again. Malwarebytes MBAM log: Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7725 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 9/16/2011 10:29:59 AM mbam-log-2011-09-16 (10-29-59).txt Scan type: Quick scan Objects scanned: 183150 Time elapsed: 15 minute(s), 44 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) OTL text: OTL logfile created on: 9/16/2011 10:15:36 AM - Run 1 OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Wayne Wagner\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.93 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 44.30% Memory free 8.04 Gb Paging File | 5.58 Gb Available in Paging File | 69.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.51 Gb Total Space | 110.41 Gb Free Space | 38.67% Space Free | Partition Type: NTFS Drive D: | 12.58 Gb Total Space | 1.28 Gb Free Space | 10.15% Space Free | Partition Type: NTFS Computer Name: WAYNEWAGNER-PC | User Name: Wayne Wagner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Wayne Wagner\Downloads\OTL.scr (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.) PRC - C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.) PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe () PRC - C:\Program Files (x86)\SMINST\BLService.exe () ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5e58f10757c91da0ac05161ca8e11e8b\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\f2d2ebc3015150594787564a55d5abe9\System.EnterpriseServices.Wrapper.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\7ae4f4dbbfd301d5b5f3897b6ea433bf\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a38f370d4e68b65106d1065d0b77067\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\180849cb54aab0bc77a229c41f967c90\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\cbe5fbb2e20534d89c0588cc05418840\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9afe86eee3ddf79c5f6cf5d85873c464\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll () MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (CrashPlanService) -- C:\Program Files\CrashPlan\CrashPlanService.exe (CrashPlan) SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe (Microsoft Corporation) SRV:64bit: - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation) SRV:64bit: - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\STacSV64.exe (IDT, Inc.) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe (Andrea Electronics Corporation) SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\Hpservice.exe (Hewlett-Packard Corporation) SRV:64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe (Agere Systems) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (atashost) -- C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe () SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.) DRV:64bit: - (IntcHdmiAddService) Intel® -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel® Corporation) DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.) DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys (ENE TECHNOLOGY INC.) DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation ) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation) DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys (Hewlett-Packard Corporation) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (Agere Systems) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys (Microsoft Corporation) DRV:64bit: - (NETw3v64) Intel® -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys (Intel Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation) DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell) DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: No CLSID value found. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: runtime@panda3d.org:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2 FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Wayne Wagner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Wayne Wagner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wayne Wagner\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wayne Wagner\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/03 14:48:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/08 21:08:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/04 08:49:09 | 000,000,000 | ---D | M] [2011/01/11 13:06:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/05/11 20:34:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/09/07 21:51:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/12/02 19:53:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/01/20 23:37:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} () (No name found) -- C:\USERS\WAYNE WAGNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0B9WG7O0.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}.XPI [2010/05/15 17:36:38 | 000,000,000 | ---D | M] (Panda3D Game Engine Plug-In) -- C:\USERS\WAYNE WAGNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0B9WG7O0.DEFAULT\EXTENSIONS\RUNTIME@PANDA3D.ORG [2011/09/08 21:08:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/05/23 06:39:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml O1 HOSTS File: ([2011/09/15 22:00:12 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll File not found O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKCU\..\Toolbar\WebBrowser - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 167.206.254.2 167.206.254.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{529F36CD-FA73-44CD-A7AF-1B5A972A52DA}: DhcpNameServer = 192.168.1.1 167.206.254.2 167.206.254.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2370A83-364F-4105-905A-275EB21DFC24}: DhcpNameServer = 167.206.254.1 167.206.254.2 O18:64bit: - Protocol\Handler\avgsecuritytoolbar - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\Wayne Wagner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Wayne Wagner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/09/16 10:06:15 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{54F0C0D5-8BB2-4850-8956-0B127916522D} [2011/09/16 10:05:59 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{991CB3BD-4EE2-44C0-9474-DD88BD5F8C7D} [2011/09/15 22:01:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/09/15 22:01:03 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN [2011/09/15 21:25:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/09/15 21:25:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/09/15 21:25:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/09/15 21:25:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/09/15 21:25:06 | 000,000,000 | ---D | C] -- \Qoobox [2011/09/15 20:48:55 | 003,553,280 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll [2011/09/15 20:48:29 | 002,685,432 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2011/09/15 20:17:39 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2B6AE6AD-0FB7-4689-831B-DBA92883F3BF} [2011/09/15 20:17:24 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{AD30860F-AEC0-4D79-B60F-E0636BF68D1E} [2011/09/15 08:06:08 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll [2011/09/15 07:45:14 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{9E1F420B-67E2-464B-9ECA-98785D86E76A} [2011/09/15 07:45:01 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{28DE3E36-DAEC-403C-8153-D321E577119A} [2011/09/13 08:20:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{142A6C4B-6501-420C-947F-A3E5C1C03F53} [2011/09/13 08:19:57 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{F3E738D9-40A9-49A7-98FB-583D8A7D7ED2} [2011/09/12 20:19:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2C981927-0C38-4490-A4E3-86650EAFBC5E} [2011/09/12 20:18:51 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{AAA8F85B-E477-431B-A1F2-F4A9D83405FB} [2011/09/11 09:15:41 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{CD1A7517-DAF9-48F5-8537-8C13370287B3} [2011/09/11 09:15:00 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{5EE2974A-69FB-43A0-86DF-069FEB1D5323} [2011/09/10 15:37:25 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{956C72E8-230A-4196-8FA7-69B78A3D6092} [2011/09/10 15:37:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{B877ABA4-1842-48CC-897F-9AB80F4550AA} [2011/09/08 20:16:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{A8671E86-E5D5-469A-937D-5460EF1F5623} [2011/09/08 20:16:38 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8BAFDDC9-305E-462C-AE04-4A398DCD3B6E} [2011/09/08 08:09:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{0F4F544F-9D12-4D38-9BA5-83AE8B01E786} [2011/09/08 08:09:37 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{0D1F9A44-34DD-4460-811F-32FFD0134EDD} [2011/09/06 21:08:01 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{D77B1119-8CBE-4920-8A1B-D1F51C92C19B} [2011/09/06 21:07:41 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8B869901-0C93-400D-AD92-32FE2F8DE134} [2011/09/06 08:36:28 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2A7D4682-FE9C-40BB-9F6B-4A706068A2DD} [2011/09/06 08:36:15 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{770FFAA8-E44B-47BF-8658-66661F169EAE} [2011/09/05 20:35:41 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{142E2FDA-26FC-4EE1-BAD4-AA81A427C23A} [2011/09/05 08:35:12 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8BCCB06A-8449-4708-A519-36271E982ED3} [2011/09/05 08:34:59 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{AEB649FD-A761-4303-A666-0982AF42C413} [2011/09/04 20:34:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{98695C13-74E9-4170-A372-F8B2C230C6B6} [2011/09/04 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{184E568F-8B63-4115-A327-1E2939C3D293} [2011/09/04 08:24:09 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8B807566-38C2-4BE2-9764-9516DB4557CA} [2011/09/04 08:23:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{4AAF2909-7970-4603-B35C-0010C186D09E} [2011/09/03 15:27:29 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{1FD261FB-6E73-419E-A610-D66E9972F1BC} [2011/09/03 15:27:13 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8FB29E94-13D2-4289-AE8B-007CA53A59B9} [2011/09/01 21:26:11 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{2DDE5E99-1AB3-43F9-8A75-CEEF1C7EA1A0} [2011/09/01 21:25:21 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{7F73F182-1126-42BF-9311-B4FE780EACE0} [2011/09/01 07:58:34 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{854D5223-67A6-4375-BC3D-EA83F989E2E8} [2011/09/01 07:58:19 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{3960B3E3-DD2A-47CC-B1A0-E911825B5504} [2011/08/31 18:40:03 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{656A631A-1CFC-40D1-874C-D14179ACD56C} [2011/08/31 18:39:48 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{BA0C3CF1-9D0C-4E06-800C-61984F3BA65D} [2011/08/30 20:00:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{8CCC98B6-6FC4-485A-9CE6-4D35FE078F1C} [2011/08/30 20:00:39 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{47202C4A-4FD9-4D6B-BD3F-BECD82F93B74} [2011/08/30 07:59:56 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{339416B4-6C20-42E3-BB90-F41350FD8611} [2011/08/30 07:59:23 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{3AF33E5D-B8A0-4E6A-B4A6-8D911595232E} [2011/08/29 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{7BB87FE5-A806-4CA1-9342-B5177282517D} [2011/08/29 09:47:12 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{30592DDF-12D3-4BE0-B290-549EB5A2B78D} [2011/08/28 07:57:16 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{EDA08DB6-BEAB-430C-8813-AF3498A61905} [2011/08/28 07:57:00 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{304846A3-2493-47D9-AC06-BE44D6543804} [2011/08/27 13:34:52 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{3C602512-4630-482D-9A93-BAEB218782C5} [2011/08/27 13:34:34 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{26D4CBB2-7223-4836-9F8E-1B871CA591D9} [2011/08/26 22:12:44 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{F3C91668-E0A6-43D8-A6BE-E6592A14D62C} [2011/08/26 22:12:27 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{DA5022EA-E336-4A28-9E19-58927DA0C672} [2011/08/25 20:55:58 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{42AD7E05-8A59-4E6B-A756-BD215C7CC861} [2011/08/25 20:55:43 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{EFA63CB0-3FCA-4A4E-908C-A5A470712C58} [2011/08/25 08:54:54 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{C2A0DFA3-4A53-4AF4-987A-639769C6804C} [2011/08/25 08:54:35 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{4F6093E9-7147-4F57-A276-00CAC7AC23A9} [2011/08/23 20:23:45 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{C1C372B4-B119-4565-9CF3-4F69BD1F3C10} [2011/08/23 20:23:26 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{16F9E335-2B86-4FAB-865F-5B9B1322A0E7} [2011/08/23 08:21:56 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{78FE8580-1B90-4706-9EE1-7D9D3A13A4F6} [2011/08/23 08:21:41 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{F33C3259-7B6E-4CAD-926A-623DD4BF2AB0} [2011/08/21 08:36:09 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{6EDB7537-5DA9-40EB-B6C6-32D60CC704FA} [2011/08/21 08:35:53 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{62919326-C6C4-423E-BD05-51471CC8594A} [2011/08/20 13:43:36 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{FE275EB6-FC6D-47C5-B433-99D316F213BC} [2011/08/20 13:43:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{D3ECF886-0074-4F9D-B75E-49DF147C7E13} [2011/08/18 20:17:12 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{1631EC47-2594-4B02-85D0-70374C79F5D2} [2011/08/18 20:16:55 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{EBEAB14E-484A-4BDE-9FBB-2E6E9A35158A} [2011/08/18 07:57:21 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{FE6DBF06-F325-4E7F-AE0E-042A378FB99B} [2011/08/18 07:57:05 | 000,000,000 | ---D | C] -- C:\Users\Wayne Wagner\AppData\Local\{D06C9E63-E397-4C67-9EE6-7172FFCF7277} ========== Files - Modified Within 30 Days ========== [2011/09/16 10:04:09 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/09/16 10:04:08 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/09/16 10:03:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/09/16 10:03:30 | 4222,820,352 | -HS- | M] () -- C:\hiberfil.sys [2011/09/15 22:00:12 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/09/15 21:15:25 | 000,726,428 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/09/15 21:15:25 | 000,619,512 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/09/15 21:15:25 | 000,111,140 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/09/15 21:08:39 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWayne Wagner.job [2011/09/15 20:56:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000UA.job [2011/09/15 20:52:02 | 000,997,978 | ---- | M] () -- C:\Windows\SysNative\oem32.inf [2011/09/15 20:46:18 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll [2011/09/15 20:46:11 | 002,685,432 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2011/09/15 20:46:11 | 000,095,472 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll [2011/09/15 20:46:08 | 003,888,640 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll [2011/09/15 20:46:08 | 003,553,280 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll [2011/09/13 12:54:48 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI [2011/09/06 11:18:50 | 000,124,416 | ---- | M] () -- C:\Users\Wayne Wagner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/08/31 19:58:27 | 000,002,637 | ---- | M] () -- C:\Users\Wayne Wagner\Desktop\Microsoft Word 2010.lnk [2011/08/29 10:38:40 | 000,237,836 | ---- | M] () -- C:\Users\Wayne Wagner\Documents\david celis inital C4.pdf [2011/08/28 10:29:54 | 024,256,302 | ---- | M] () -- C:\Users\Wayne Wagner\angelica letter.bmp [2011/08/19 05:56:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1463916579-3978265779-3180963287-1000Core.job ========== Files Created - No Company Name ========== [2011/09/15 21:25:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011/09/15 21:25:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011/09/15 21:25:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/09/15 21:25:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/09/15 21:25:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/09/15 20:52:37 | 000,997,978 | ---- | C] () -- C:\Windows\SysNative\oem32.inf [2011/09/15 20:49:20 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll [2011/09/15 20:25:56 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForWayne Wagner.job [2011/08/29 15:13:50 | 024,256,302 | ---- | C] () -- C:\Users\Wayne Wagner\angelica letter.bmp [2011/08/29 10:26:11 | 000,237,836 | ---- | C] () -- C:\Users\Wayne Wagner\Documents\david celis inital C4.pdf [2011/05/05 14:40:56 | 4222,820,352 | -HS- | C] () -- \hiberfil.sys [2010/11/28 17:00:15 | 000,000,552 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\d3d8caps.dat [2010/09/18 23:56:13 | 000,000,100 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\fusioncache.dat [2010/09/18 23:54:46 | 000,741,432 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/07/31 22:07:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/09 08:59:21 | 000,000,000 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\prvlcl.dat [2010/03/23 16:23:51 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010/03/23 16:21:30 | 000,000,233 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2010/03/23 16:21:30 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini [2010/03/23 15:37:11 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL [2010/03/23 15:37:11 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI [2010/03/23 15:37:10 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2010/03/23 15:37:10 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2010/03/23 15:37:08 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2010/03/23 15:28:05 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini [2010/03/18 08:43:44 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2010/03/18 08:43:01 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010/03/18 08:42:19 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2010/03/11 22:06:47 | 000,000,732 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\d3d9caps64.dat [2009/09/12 21:17:43 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat [2009/07/24 08:51:31 | 000,000,405 | ---- | C] () -- C:\Windows\Lexstat.ini [2009/06/28 09:27:01 | 000,006,080 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\d3d9caps.dat [2009/06/25 22:28:03 | 000,124,416 | ---- | C] () -- C:\Users\Wayne Wagner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/06/25 21:42:49 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2009/01/13 12:35:00 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2008/10/28 04:32:24 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2008/10/28 04:32:24 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2008/10/28 04:32:24 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin [2008/06/09 02:01:12 | 000,333,257 | RHS- | C] () -- \bootmgr [2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2006/12/02 03:37:14 | 000,904,704 | ---- | C] () -- \msdia80.dll [2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin ========== LOP Check ========== [2011/09/15 22:41:13 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:09B199F1 < End of report > Extras.txt OTL Extras logfile created on: 9/16/2011 10:15:36 AM - Run 1 OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Wayne Wagner\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.93 Gb Total Physical Memory | 1.74 Gb Available Physical Memory | 44.30% Memory free 8.04 Gb Paging File | 5.58 Gb Available in Paging File | 69.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.51 Gb Total Space | 110.41 Gb Free Space | 38.67% Space Free | Partition Type: NTFS Drive D: | 12.58 Gb Total Space | 1.28 Gb Free Space | 10.15% Space Free | Partition Type: NTFS Computer Name: WAYNEWAGNER-PC | User Name: Wayne Wagner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 41 10 4C 46 74 C8 CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00AA720B-85F7-483C-AD2B-D640AF4F2D81}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | "{2494CCF5-4F7F-4233-B0F7-28E52F8AEC9A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{2903601D-C078-4D15-A642-6E6E38C284FA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{56D84CF9-B0AB-4F09-96B2-2A366480B938}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe | "{59520B26-62C5-4CC6-9377-39396C2B4086}" = rport=10243 | protocol=6 | dir=out | app=system | "{636E4FD3-CDE2-4897-8DA4-882CB0FB52D9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{64E06C58-CD1A-4B51-B3EE-B91B56B0D4B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{710E8A0B-A078-420B-9D4A-417519AECFD7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{7E9CE439-199A-4F05-AD4D-06D5128669A4}" = lport=10243 | protocol=6 | dir=in | app=system | "{7FC8BAD5-369F-418F-9248-DF762953A69B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{881411BB-1D6A-416B-BF03-AFCFF5B63047}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{88520AA0-1FEF-4478-B34C-F60DE37FA7E9}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{905DA55A-FFE5-4B1A-933A-5F186111357E}" = lport=54925 | protocol=17 | dir=in | name=brother network scanner | "{9512CC1C-80E4-4D78-9AA1-C00810966CA8}" = lport=2869 | protocol=6 | dir=in | app=system | "{97EFC8F2-EA6F-497D-9E5C-9DDDB1679C92}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe | "{A7A56150-D466-4AA7-954A-8787EC0DB288}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{B4002D89-858F-4792-868F-A22A9E598D87}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B92BF8E4-9095-4E36-8899-44E824A239F7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CC789F8A-4DCD-414C-939E-9FBD26144F7F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D5ED12DC-A2FD-4089-90F7-0F8E439D3398}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe | "{EB7076E5-69AB-4C15-AF33-A219F159321B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01260288-05A2-44BB-8F92-08AD367D6E81}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | "{03B45BBA-C51D-4B00-9621-3A39F5F1344A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{05C05FEA-B45B-47B4-8E9E-5F385452657D}" = protocol=17 | dir=in | app=%programfiles%\zune\zunenss.exe | "{073D953A-29A7-4970-83FD-C2825B35792A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | "{09FF6B69-5F45-449B-8BE9-C0DE2E2DE945}" = protocol=17 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe | "{110D266C-28ED-4EDE-B202-B92ADF067079}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{194F79A3-522F-46AD-BB23-462D16D2C30E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{282FD8D9-9529-4ADA-A415-E70CA6CE2265}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | "{2C26D412-83D5-4F75-9A7F-4E4A0424E160}" = protocol=6 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe | "{3940A3EF-9C2D-4329-B2CA-112374C08B2D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{40062E21-DC4F-427E-A9D7-938A5DCB3788}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{4324B573-1A52-48F3-B867-F24FC98417E5}" = protocol=17 | dir=in | app=c:\program files\crashplan\crashplanservice.exe | "{45F8B889-F419-48A7-8F2D-B02B7CA927FB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{47B535CA-6DDB-4A62-8B91-5F5B3C30A4C1}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | "{48C7C957-5DF5-46E6-8706-8F2A9F8853D4}" = protocol=17 | dir=in | app=c:\program files (x86)\windows media player\wmplayer.exe | "{50E37968-E04D-48AA-8F5A-A1800FC7CE17}" = protocol=6 | dir=out | app=%programfiles%\zune\zunenss.exe | "{6AB6C47F-51E0-4437-806B-2B2EF78572B5}" = protocol=6 | dir=out | app=system | "{707DCE4D-533A-4ECF-9724-CDAF33AE483B}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | "{859D0B40-1BC5-4BFF-8DB4-8AE5810A2DBA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{8A3C59C0-9BB2-4862-B33D-BE8397BD27B6}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{8B492EAF-609B-48C4-B2C8-42F39A99A2F2}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | "{929B5132-2317-44C9-93BB-9FEEBBF7B0BF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{93553F53-17B3-47FC-9CE5-D0DDE6D6D57A}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl08i\faxrx.exe | "{96FB22F8-8906-4865-82A0-8CB2007005DA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{9781B68A-01ED-426F-B074-79A17DACF115}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{ADF93BE0-C65D-4D59-B8C7-4E3C66C49011}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{B5C5FAFF-7C3D-4BFA-91C1-1393FB3F2372}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl08i\faxrx.exe | "{B9D801FE-6C54-45AE-BF87-B64C56112846}" = protocol=17 | dir=out | app=%programfiles%\zune\zunenss.exe | "{C44FDEB9-346D-4D75-ADD6-5FA3ECBCECA1}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{CE73174F-1406-439C-8A68-8D4B18D403D2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DE9BD535-A8CC-4322-97C0-1A3B300F62A2}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{DF4F1CD0-F06A-4B01-B06B-DFD3A4B7307F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{E4A32409-99B1-4A17-9F56-1FC864D93559}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{E8B1B58F-2EF7-4944-BCC5-CD143F1B09C1}" = protocol=6 | dir=in | app=c:\program files\crashplan\crashplanservice.exe | "{EC8745DD-2D7D-4DFB-BDBB-7BC38867AFD5}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | "{EFEB3174-5661-46C0-BABE-1CD7EBAC9B0D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{F736A7A0-9514-4842-A1B1-33060B5759F1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{FA663470-C556-4163-8336-59B22B6C0406}" = protocol=6 | dir=in | app=%programfiles%\zune\zunenss.exe | "{FA9FEB69-7390-4416-89E0-AD737E8ED57E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "TCP Query User{3784C76A-CCDB-488F-B0AF-8382388AEF6B}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe | "TCP Query User{5F1FEAA0-295F-4F0D-BCC9-EE4A09450CDB}F:\techwizard.exe" = protocol=6 | dir=in | app=f:\techwizard.exe | "TCP Query User{99614AAF-EEE3-4309-A3E6-94B251B257D0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{A60ECB96-B6F8-4C9F-8835-DAC4813A7305}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | "TCP Query User{E0724F9B-AF95-4788-A2BE-E4E094F4E647}C:\program files\sports medicine\safran\jvm\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\sports medicine\safran\jvm\bin\java.exe | "UDP Query User{2C0F379C-1136-4851-9444-8C8970562404}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | "UDP Query User{4625A3EC-BE05-41EB-9E1D-702017FABD41}C:\program files\sports medicine\safran\jvm\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\sports medicine\safran\jvm\bin\java.exe | "UDP Query User{50DA3A67-85A9-4CD3-A7E6-D9D7E26A45B2}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe | "UDP Query User{9D1EDBEC-68C5-403E-A498-484C519548DA}F:\techwizard.exe" = protocol=17 | dir=in | app=f:\techwizard.exe | "UDP Query User{DFDA6E14-6081-4EEC-8723-C3D316C7AEBE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component "{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection "{39107B20-EA1C-4974-881C-607300BB3C99}" = MobileMe Control Panel "{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client "{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU) "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F738120D-8C78-4F79-9E1B-CA4527B9837A}" = CrashPlan "07B260955637F1FF7587ED2AA87459040DD09BF7" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) "Agere Systems Soft Modem" = Agere Systems HDA Modem "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter "C62C7F8B4DBDBBC3DA11788634DAE156425CCA10" = Windows Driver Package - OEM (mr7911) Image (05/27/2008 1.0.0.0) "HDMI" = Intel® Graphics Media Accelerator Driver "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "SynTPDeinstKey" = Synaptics Pointing Device Driver "Zune" = Zune UNABLE TO POST ALL BECAUSE OF THE CHARACTER RESTRICTIONS. I AM ATTACHING FILE LOGS. Document.txt
-
The start up and shut down is much faster. I don't see any problems now. I think you were able to fix all the problems. Thank you very much!