kl3zero

New Thread infected

42 posts in this topic

My old thread was locked after being asked to re-run dds. the log is below

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514

Run by Kenny at 13:57:33 on 2012-04-18

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8154.4162 [GMT -4:00]

.

AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe

C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe

C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe

C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe

C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Razer\DeathAdder\razertra.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe

C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe

C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe

C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\splwow64.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskhost.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Kenny\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe

mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe

mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMLDEV~1.LNK - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

TCP: DhcpNameServer = 10.0.0.1

TCP: Interfaces\{2974AF31-68DF-4051-BABA-F4087719B278} : DhcpNameServer = 66.174.71.33 66.174.95.44

TCP: Interfaces\{9ED96CBE-0163-45C5-809A-A0E5A6B66958} : DhcpNameServer = 10.0.0.1

TCP: Interfaces\{A03277DF-EED8-4D24-AFEF-EAB28DD7C192} : DhcpNameServer = 66.174.71.33 66.174.95.44

TCP: Interfaces\{DFA93078-DA54-4FEA-97A3-023C28C93E97} : DhcpNameServer = 66.174.71.33 66.174.95.44

TCP: Interfaces\{F6686C60-CCA2-4D94-A745-DE3A04C9C75D} : DhcpNameServer = 66.174.71.33 66.174.95.44

TCP: Interfaces\{FD69F637-1584-4D1F-B07B-985014FB3416} : DhcpNameServer = 66.174.71.33 66.174.95.44

TCP: Interfaces\{FDF64BEE-96CD-49CC-893D-6943F3AE1C50} : DhcpNameServer = 66.174.71.33 66.174.95.44

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO-X64: AMD SteadyVideo BHO - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe

mRun-x64: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe

mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]

R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]

R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 TsVp;TsVp;C:\Windows\system32\DRIVERS\tsvp.sys --> C:\Windows\system32\DRIVERS\tsvp.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-14 361984]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]

R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]

R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-1 915584]

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-9-16 586880]

R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]

R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]

R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-9-22 974944]

R2 epfwwfpr;epfwwfpr;C:\Windows\system32\DRIVERS\epfwwfpr.sys --> C:\Windows\system32\DRIVERS\epfwwfpr.sys [?]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-18 652360]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-21 1153368]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]

R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 danewFltr;NewDeathAdder Mouse;C:\Windows\system32\drivers\danew.sys --> C:\Windows\system32\drivers\danew.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-8-27 156288]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]

R3 VKbms;Virtual HID Minidriver;C:\Windows\system32\DRIVERS\VKbms.sys --> C:\Windows\system32\DRIVERS\VKbms.sys [?]

S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-12 116648]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-10 253088]

S3 CV2K1;CommView Network Monitor;C:\Windows\system32\DRIVERS\cv2k1.sys --> C:\Windows\system32\DRIVERS\cv2k1.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-12 116648]

S3 htcusbnet;HTC USB-NDIS miniport;C:\Windows\system32\DRIVERS\htcusbnet.sys --> C:\Windows\system32\DRIVERS\htcusbnet.sys [?]

S3 Ma1FL;Mayflash 2801 Filter Service;C:\Windows\system32\Drivers\Ma1FL.sys --> C:\Windows\system32\Drivers\Ma1FL.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-9-16 30963576]

S3 SAlphamHid;SteelHIDSvc;C:\Windows\system32\DRIVERS\SAlpham64.sys --> C:\Windows\system32\DRIVERS\SAlpham64.sys [?]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted --> C:\Windows\System32\svchost.exe [?]

S3 tap0801;TAP-Win32 Adapter V8;C:\Windows\system32\DRIVERS\tap0801.sys --> C:\Windows\system32\DRIVERS\tap0801.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsVlb;TsVlb;C:\Windows\system32\DRIVERS\tsvlb.sys --> C:\Windows\system32\DRIVERS\tsvlb.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]

S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]

.

=============== Created Last 30 ================

.

2012-04-17 15:29:35 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1BB1642D-1C1F-4FA8-9B71-6805C8BEC389}\mpengine.dll

2012-04-14 00:31:17 -------- d-----w- C:\Program Files (x86)\Diablo III Beta

2012-04-13 22:52:13 -------- d-----w- C:\ProgramData\Battle.net

2012-04-11 15:10:22 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-04-11 15:10:21 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-04-11 15:10:20 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-04-11 07:20:13 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-04-11 07:20:13 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-04-11 07:20:12 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-04-11 07:20:12 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-04-11 07:20:12 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-04-11 07:20:12 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-04-11 07:20:12 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-04-11 03:22:13 8741536 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-04-11 02:29:12 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-04-11 01:56:19 -------- d-sh--w- C:\$RECYCLE.BIN

2012-04-08 19:40:06 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-04-08 19:40:03 8669240 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll

2012-03-29 22:46:47 -------- d-----w- C:\Users\Kenny\AppData\Local\QuickSFV

2012-03-21 23:15:03 -------- d-----w- C:\ProgramData\Kaspersky Lab

2012-03-21 18:19:55 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-03-21 16:36:54 -------- d-----w- C:\Program Files (x86)\AMD AVT

2012-03-21 16:36:51 -------- d-----w- C:\Program Files\AMD

2012-03-21 16:36:51 -------- d-----w- C:\Program Files (x86)\AMD

2012-03-21 16:31:45 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-21 16:31:41 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-21 16:31:40 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-21 16:30:48 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-21 16:30:48 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-21 16:30:48 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-21 16:30:47 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-21 16:30:47 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-21 16:30:47 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-21 16:30:47 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

.

==================== Find3M ====================

.

2012-04-14 18:22:05 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-03-11 21:13:41 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys

2012-03-11 21:13:40 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys

2012-03-11 21:13:38 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys

2012-03-11 21:13:20 41200 ----a-w- C:\Windows\System32\cmdcsr.dll

2012-03-11 21:13:18 301224 ----a-w- C:\Windows\SysWow64\guard32.dll

2012-03-11 21:13:17 389840 ----a-w- C:\Windows\System32\guard64.dll

2012-02-28 06:39:37 1188864 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 05:38:52 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 04:31:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 03:52:27 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-02-26 23:55:03 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-02-26 23:55:03 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll

2012-02-26 23:55:03 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll

2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-02-15 03:48:32 10856960 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2012-02-15 03:21:24 25839104 ----a-w- C:\Windows\System32\atio6axx.dll

2012-02-15 03:18:56 159744 ----a-w- C:\Windows\System32\atiapfxx.exe

2012-02-15 03:18:40 791040 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2012-02-15 03:17:04 957952 ----a-w- C:\Windows\System32\aticfx64.dll

2012-02-15 03:13:56 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2012-02-15 03:13:40 496128 ----a-w- C:\Windows\System32\atieclxx.exe

2012-02-15 03:13:00 235520 ----a-w- C:\Windows\System32\atiesrxx.exe

2012-02-15 03:11:42 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2012-02-15 03:10:58 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2012-02-15 03:10:54 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2012-02-15 03:10:48 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2012-02-15 03:07:44 6200320 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2012-02-15 02:58:56 19392000 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2012-02-15 02:52:28 7646208 ----a-w- C:\Windows\System32\atidxx64.dll

2012-02-15 02:41:28 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll

2012-02-15 02:40:54 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll

2012-02-15 02:40:42 4958208 ----a-w- C:\Windows\System32\atiumd6a.dll

2012-02-15 02:34:56 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2012-02-15 02:34:54 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2012-02-15 02:34:46 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2012-02-15 02:34:44 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2012-02-15 02:34:36 5954048 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2012-02-15 02:34:30 13859840 ----a-w- C:\Windows\System32\aticaldd64.dll

2012-02-15 02:29:52 5062656 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2012-02-15 02:29:50 11561984 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2012-02-15 02:25:06 7551488 ----a-w- C:\Windows\System32\atiumd64.dll

2012-02-15 02:16:38 58880 ----a-w- C:\Windows\System32\coinst.dll

2012-02-15 02:14:00 512000 ----a-w- C:\Windows\System32\atiadlxx.dll

2012-02-15 02:13:50 356352 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2012-02-15 02:13:36 17408 ----a-w- C:\Windows\System32\atig6pxx.dll

2012-02-15 02:13:32 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2012-02-15 02:13:32 14336 ----a-w- C:\Windows\System32\atiglpxx.dll

2012-02-15 02:13:28 39936 ----a-w- C:\Windows\System32\atig6txx.dll

2012-02-15 02:13:20 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2012-02-15 02:13:12 327680 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2012-02-15 02:12:22 43008 ----a-w- C:\Windows\System32\atiuxp64.dll

2012-02-15 02:12:14 33280 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2012-02-15 02:12:08 39936 ----a-w- C:\Windows\System32\atiu9p64.dll

2012-02-15 02:12:00 30208 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2012-02-15 02:11:22 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\atimpc64.dll

2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\amdpcom64.dll

2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2012-02-15 02:05:32 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll

2012-02-15 02:05:26 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2012-02-15 02:05:20 61952 ----a-w- C:\Windows\System32\OVDecode64.dll

2012-02-15 02:05:16 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2012-02-15 02:05:08 16507904 ----a-w- C:\Windows\System32\amdocl64.dll

2012-02-15 02:04:26 13238272 ----a-w- C:\Windows\SysWow64\amdocl.dll

2012-02-15 02:03:44 54272 ----a-w- C:\Windows\System32\OpenCL.dll

2012-02-15 02:03:38 48128 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2012-01-31 10:02:26 21504 ----a-w- C:\Windows\System32\kdbsdk64.dll

2012-01-31 10:00:24 16896 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll

2012-01-25 04:23:21 36864 ----a-w- C:\Windows\SysWow64\maplec.dll

2012-01-25 04:23:21 147456 ----a-w- C:\Windows\SysWow64\WMIMPLEX.dll

.

============= FINISH: 13:58:32.42 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/16/2011 2:12:25 PM

System Uptime: 4/14/2012 12:56:15 PM (97 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | M5A97

Processor: AMD Phenom II X6 1055T Processor | AM3r2 | 3258/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 687 GiB total, 280.672 GiB free.

D: is FIXED (NTFS) - 244 GiB total, 243.91 GiB free.

E: is CDROM (CDFS)

G: is CDROM ()

H: is FIXED (FAT32) - 596 GiB total, 28.39 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP168: 4/10/2012 6:58:56 PM - Windows Update

RP171: 4/11/2012 11:07:47 AM - Windows Update

RP172: 4/17/2012 11:29:03 AM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

Acrobat.com

Adobe AIR

Adobe Reader 9.1

Adobe Shockwave Player 11.6

AI Suite II

AMD VISION Engine Control Center

Apple Application Support

Apple Software Update

Asmedia ASM104x USB 3.0 Host Controller Driver

Bitcoin

Browser Configuration Utility

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CommView

Comodo Dragon

COMODO GeekBuddy

Curse Client

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Diablo III Beta

Dolby Axon - 1.4.0.2

Dota 2

Empire: Total War

eReg

ESET Online Scanner v3

FileZilla Client 3.5.3

FL Studio 9

GOM Player

GOMTV Streamer

Google Chrome

Google Earth Plug-in

Google Update Helper

Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)

HydraVision

Java Auto Updater

Java 6 Update 30

League of Legends

Live 8.1.1

Malwarebytes Anti-Malware version 1.60.1.1000

Maple 11

Mayflash Arcade Stick Driver Version Ver.1.02

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2008 Browser

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual Basic 6.0 Enterprise Edition

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 Express - ENU

Microsoft Web Publishing Wizard 1.53

Mozilla Firefox 9.0.1 (x86 en-US)

MSVCRT

Napoleon: Total War

Native Instruments Massive v1.0.1.008 VSTi DXi RTAS

No-IP DUC

OpenVPN 2.1_rc22

Pando Media Booster

Plants vs. Zombies: Game of the Year

QuickTime

Razer BlackWidow Ultimate

Razer DeathAdder Mouse

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

rgcAudio z3ta Plus v1.40

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Visual C++ 2010 Express - ENU (KB2251489)

Spybot - Search & Destroy

Star Wars: The Old Republic

Steam

Super Street Fighter IV: Arcade Edition

swMSM

The Elder Scrolls V: Skyrim

Total War: SHOGUN 2

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

VLC media player 2.0.1

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Upload Tool

WinPcap 4.1.2

WModem Driver Installer

XBSlink

XSplit

.

==== Event Viewer Messages From Past Week ========

.

4/14/2012 12:53:06 PM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.

4/13/2012 7:43:40 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file.

4/13/2012 7:43:40 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffffa80136b77a0, 0xfffff8800ec3a8e8, 0xfffff8800ec3a140). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .

4/13/2012 11:03:31 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR5.

4/13/2012 11:02:43 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.

4/13/2012 10:30:00 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

4/13/2012 10:29:58 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

4/11/2012 6:43:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000000, 0x0000000000000002, 0x0000000000000008, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041112-14960-01.

4/11/2012 1:18:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000000, 0x0000000000000002, 0x0000000000000008, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041112-14242-01.

4/11/2012 1:02:02 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom4.

.

==== End Of File ===========================

Share this post


Link to post
Share on other sites

Uninstall µTorrent and let me know what issues you're still having

Share this post


Link to post
Share on other sites

uninstalled last night still had the problem today. Something i have noticed in Comodo Firewall a program called svchost.exe will try to connect to my computer if i allow it the mouse clicking etc starts almost immediately after. If i deny it, it seems to shut out whoever is causing the clicks to happen., The problem is Comodo does not always ask as it will sometimes start happening with no alert form the firewall at all. Also i have continued to deny the request every time asked which has made the intrusions less but not gone.

Share this post


Link to post
Share on other sites

Uninstall Comodo Firewall and let me know what happens.

You can use Windows Firewall in the mean time.

Share this post


Link to post
Share on other sites

Unless you tell me, I won't know if that fixed the issue or not.

Share this post


Link to post
Share on other sites

i will update after a bit. It is not as if there is constant clicking it seems as though there is someone else controlling the clicks thus only happening at there will.

Share this post


Link to post
Share on other sites

yes still happening and will not stop now with out the firewall

Share this post


Link to post
Share on other sites

Please do not attach the scan results from Combofx. Use copy/paste.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

Share this post


Link to post
Share on other sites

ComboFix 12-04-19.01 - Kenny 04/19/2012 17:44:58.4.6 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8154.6413 [GMT -4:00]

Running from: c:\users\Kenny\Desktop\ComboFix.exe

AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-03-19 to 2012-04-19 )))))))))))))))))))))))))))))))

.

.

2012-04-19 21:51 . 2012-04-19 21:51 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-04-19 21:51 . 2012-04-19 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-19 21:18 . 2012-04-19 21:19 -------- d-----w- c:\users\Kenny\AppData\Roaming\Stardock

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\programdata\Gibraltar

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\program files (x86)\Impulse

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\programdata\Stardock

2012-04-19 21:18 . 2012-04-19 21:18 -------- dc-h--w- c:\programdata\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\users\Kenny\AppData\Local\PackageAware

2012-04-19 20:15 . 2012-04-19 20:17 -------- d-----w- c:\users\Kenny\AppData\Local\TERA-Diagnostic

2012-04-19 20:13 . 2012-04-19 20:15 -------- d-----w- c:\program files (x86)\TERA

2012-04-19 20:13 . 2012-04-19 20:14 -------- d-----w- c:\users\Kenny\AppData\Local\TERA

2012-04-17 15:29 . 2012-03-20 07:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1BB1642D-1C1F-4FA8-9B71-6805C8BEC389}\mpengine.dll

2012-04-14 00:31 . 2012-04-15 00:29 -------- d-----w- c:\program files (x86)\Diablo III Beta

2012-04-13 22:52 . 2012-04-13 22:52 -------- d-----w- c:\programdata\Battle.net

2012-04-12 22:02 . 2012-04-12 22:03 -------- d-----w- c:\program files (x86)\Google

2012-04-11 15:10 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 15:10 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-04-11 15:10 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-04-11 07:20 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-11 07:20 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-11 07:20 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-04-11 07:20 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-11 07:20 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-04-11 07:20 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-04-11 07:20 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-04-11 03:22 . 2012-04-14 18:22 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-11 02:29 . 2012-04-14 18:22 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-03-30 02:28 . 2012-03-30 02:28 -------- d-----w- c:\users\Kenny\AppData\Roaming\ImgBurn

2012-03-30 00:43 . 2012-04-03 05:46 -------- d-----w- c:\program files (x86)\ImgBurn

2012-03-29 22:46 . 2012-03-29 22:46 -------- d-----w- c:\users\Kenny\AppData\Local\QuickSFV

2012-03-21 23:15 . 2012-03-21 23:15 -------- d-----w- c:\programdata\Kaspersky Lab

2012-03-21 18:19 . 2012-03-21 18:19 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-03-21 16:42 . 2012-03-21 16:42 -------- d-----w- c:\programdata\ATI

2012-03-21 16:36 . 2012-03-21 16:36 -------- d-----w- c:\program files (x86)\AMD AVT

2012-03-21 16:36 . 2012-03-21 16:36 -------- d-----w- c:\program files\AMD

2012-03-21 16:36 . 2012-03-21 16:36 -------- d-----w- c:\program files (x86)\AMD

2012-03-21 16:31 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-21 16:31 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-21 16:31 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-21 16:30 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-21 16:30 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-21 16:30 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-21 16:30 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-21 16:30 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-21 16:30 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-21 16:30 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-14 18:22 . 2011-09-23 17:26 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-26 23:55 . 2012-02-26 23:55 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-02-26 23:55 . 2012-02-26 23:55 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll

2012-02-26 23:55 . 2012-02-26 23:55 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll

2012-02-23 14:18 . 2011-09-16 18:30 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-15 03:48 . 2012-02-15 03:48 10856960 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2012-02-15 03:21 . 2012-02-15 03:21 25839104 ----a-w- c:\windows\system32\atio6axx.dll

2012-02-15 03:18 . 2012-02-15 03:18 159744 ----a-w- c:\windows\system32\atiapfxx.exe

2012-02-15 03:18 . 2012-02-15 03:18 791040 ----a-w- c:\windows\SysWow64\aticfx32.dll

2012-02-15 03:17 . 2011-04-20 06:07 957952 ----a-w- c:\windows\system32\aticfx64.dll

2012-02-15 03:13 . 2012-02-15 03:13 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2012-02-15 03:13 . 2012-02-15 03:13 496128 ----a-w- c:\windows\system32\atieclxx.exe

2012-02-15 03:13 . 2012-02-15 03:13 235520 ----a-w- c:\windows\system32\atiesrxx.exe

2012-02-15 03:11 . 2012-02-15 03:11 120320 ----a-w- c:\windows\system32\atitmm64.dll

2012-02-15 03:10 . 2012-02-15 03:10 21504 ----a-w- c:\windows\system32\atimuixx.dll

2012-02-15 03:10 . 2012-02-15 03:10 59392 ----a-w- c:\windows\system32\atiedu64.dll

2012-02-15 03:10 . 2012-02-15 03:10 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll

2012-02-15 03:07 . 2012-02-15 03:07 6200320 ----a-w- c:\windows\SysWow64\atidxx32.dll

2012-02-15 02:58 . 2012-02-15 02:58 19392000 ----a-w- c:\windows\SysWow64\atioglxx.dll

2012-02-15 02:52 . 2011-04-20 05:49 7646208 ----a-w- c:\windows\system32\atidxx64.dll

2012-02-15 02:41 . 2012-02-15 02:41 1113088 ----a-w- c:\windows\system32\atiumd6v.dll

2012-02-15 02:40 . 2012-02-15 02:40 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll

2012-02-15 02:40 . 2012-02-15 02:40 4958208 ----a-w- c:\windows\system32\atiumd6a.dll

2012-02-15 02:34 . 2012-02-15 02:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll

2012-02-15 02:34 . 2012-02-15 02:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll

2012-02-15 02:34 . 2012-02-15 02:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll

2012-02-15 02:34 . 2012-02-15 02:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll

2012-02-15 02:34 . 2012-02-15 02:34 5954048 ----a-w- c:\windows\SysWow64\atiumdag.dll

2012-02-15 02:34 . 2012-02-15 02:34 13859840 ----a-w- c:\windows\system32\aticaldd64.dll

2012-02-15 02:29 . 2012-02-15 02:29 5062656 ----a-w- c:\windows\SysWow64\atiumdva.dll

2012-02-15 02:29 . 2012-02-15 02:29 11561984 ----a-w- c:\windows\SysWow64\aticaldd.dll

2012-02-15 02:25 . 2012-02-15 02:25 7551488 ----a-w- c:\windows\system32\atiumd64.dll

2012-02-15 02:16 . 2011-09-16 21:16 58880 ----a-w- c:\windows\system32\coinst.dll

2012-02-15 02:14 . 2012-02-15 02:14 512000 ----a-w- c:\windows\system32\atiadlxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2012-02-15 02:13 . 2012-02-15 02:13 17408 ----a-w- c:\windows\system32\atig6pxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 39936 ----a-w- c:\windows\system32\atig6txx.dll

2012-02-15 02:13 . 2012-02-15 02:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 327680 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2012-02-15 02:12 . 2011-04-20 05:21 43008 ----a-w- c:\windows\system32\atiuxp64.dll

2012-02-15 02:12 . 2012-02-15 02:12 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2012-02-15 02:12 . 2012-02-15 02:12 39936 ----a-w- c:\windows\system32\atiu9p64.dll

2012-02-15 02:12 . 2012-02-15 02:12 30208 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2012-02-15 02:11 . 2012-02-15 02:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2012-02-15 02:11 . 2012-02-15 02:11 54784 ----a-w- c:\windows\system32\atimpc64.dll

2012-02-15 02:11 . 2012-02-15 02:11 54784 ----a-w- c:\windows\system32\amdpcom64.dll

2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll

2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2012-02-15 02:05 . 2012-02-15 02:05 69632 ----a-w- c:\windows\system32\OpenVideo64.dll

2012-02-15 02:05 . 2012-02-15 02:05 59904 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2012-02-15 02:05 . 2012-02-15 02:05 61952 ----a-w- c:\windows\system32\OVDecode64.dll

2012-02-15 02:05 . 2012-02-15 02:05 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll

2012-02-15 02:05 . 2012-02-15 02:05 16507904 ----a-w- c:\windows\system32\amdocl64.dll

2012-02-15 02:04 . 2012-02-15 02:04 13238272 ----a-w- c:\windows\SysWow64\amdocl.dll

2012-02-15 02:03 . 2012-02-15 02:03 54272 ----a-w- c:\windows\system32\OpenCL.dll

2012-02-15 02:03 . 2012-02-15 02:03 48128 ----a-w- c:\windows\SysWow64\OpenCL.dll

2012-01-31 10:02 . 2012-01-31 10:02 21504 ----a-w- c:\windows\system32\kdbsdk64.dll

2012-01-31 10:00 . 2012-01-31 10:00 16896 ----a-w- c:\windows\SysWow64\kdbsdk32.dll

2012-01-25 04:23 . 2012-01-25 04:23 36864 ----a-w- c:\windows\SysWow64\maplec.dll

2012-01-25 04:23 . 2012-01-25 04:23 147456 ----a-w- c:\windows\SysWow64\WMIMPLEX.dll

.

.

((((((((((((((((((((((((((((( SnapShot_2012-04-05_19.59.57 )))))))))))))))))))))))))))))))))))))))))

.

- 2012-02-14 22:55 . 2011-12-16 07:52 67072 c:\windows\SysWOW64\mshtmled.dll

+ 2012-04-10 23:03 . 2012-02-28 05:35 67072 c:\windows\SysWOW64\mshtmled.dll

- 2012-02-14 22:55 . 2011-12-16 07:54 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll

+ 2012-04-10 23:03 . 2012-02-28 05:38 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll

- 2012-02-14 22:55 . 2011-12-16 07:52 48128 c:\windows\SysWOW64\jsproxy.dll

+ 2012-04-10 23:03 . 2012-02-28 05:34 48128 c:\windows\SysWOW64\jsproxy.dll

+ 2012-02-24 07:14 . 2012-04-14 18:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

- 2012-02-24 07:14 . 2012-03-26 23:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2009-07-14 04:54 . 2012-04-14 18:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-03-26 23:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-03-26 23:28 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-04-14 18:22 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-03-26 23:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-04-14 18:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-03-21 18:19 . 2012-03-21 18:19 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat

+ 2012-03-21 18:19 . 2012-04-11 15:10 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat

+ 2011-09-16 19:11 . 2012-04-19 20:13 49420 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-04-19 20:13 33054 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-09-16 19:11 . 2012-04-19 20:13 11380 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2295437347-3248039214-128027799-1000_UserData.bin

+ 2012-04-10 23:03 . 2012-02-28 06:36 97280 c:\windows\system32\mshtmled.dll

- 2012-02-14 22:55 . 2011-12-16 08:45 97280 c:\windows\system32\mshtmled.dll

- 2012-02-14 22:55 . 2011-12-16 08:47 95232 c:\windows\system32\migration\WininetPlugin.dll

+ 2012-04-10 23:03 . 2012-02-28 06:39 95232 c:\windows\system32\migration\WininetPlugin.dll

- 2012-02-14 22:55 . 2011-12-16 08:45 64512 c:\windows\system32\jsproxy.dll

+ 2012-04-10 23:03 . 2012-02-28 06:35 64512 c:\windows\system32\jsproxy.dll

+ 2011-09-16 21:07 . 2012-04-19 21:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-09-16 21:07 . 2012-04-03 15:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-09-16 21:07 . 2012-04-19 21:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2011-09-16 21:07 . 2012-04-03 15:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-04-03 15:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-04-19 21:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-09-16 18:22 . 2012-04-05 20:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-09-16 18:22 . 2012-04-19 21:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2011-09-16 18:22 . 2012-04-05 20:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-09-16 18:22 . 2012-04-05 20:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-09-16 18:22 . 2012-04-05 19:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-09-16 18:22 . 2012-04-05 19:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-04-11 15:12 . 2012-04-11 15:12 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2012-04-12 22:02 . 2012-04-12 22:02 25600 c:\windows\Installer\50183af.msi

- 2011-09-18 19:24 . 2012-03-21 18:20 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe

+ 2012-04-12 22:03 . 2012-04-12 22:03 65536 c:\windows\Installer\{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe

+ 2012-04-12 22:03 . 2012-04-12 22:03 65536 c:\windows\Installer\{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}\ARPPRODUCTICON.exe

+ 2012-04-11 15:18 . 2012-04-11 15:18 53760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\987ad3f7a65b6f4671af5b4652ddf4d0\System.Web.DynamicData.Design.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 93184 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.SqlServer#\3e5d48004dfebcc66a8f4cdb9bf9e563\Microsoft.SqlServer.CustomControls.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 37888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.SqlServer#\13b474136f680bdfcb8aad2f39747c01\Microsoft.SqlServer.Dts.Design.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\e7efc73c52a5aeaf1fc83470ed455f4f\System.Web.DynamicData.Design.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 51200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\aab4ec1d7fb6e7d6a81c3348f46eee3d\Microsoft.VisualStudio.Platform.AppDomainManager.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\66b5c693a8aa660276216d7a521da5e2\System.Web.DynamicData.Design.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 83456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\8c556acb903d94e8f10d1e1d3eac58ae\Microsoft.SqlServer.Dts.Design.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\WBOCXLib\3345bf2f4818f85f7366c5ff34912852\WBOCXLib.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1371ed674fc04f510cb41524e2d4322d\System.Web.DynamicData.Design.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 50688 c:\windows\assembly\NativeImages_v2.0.50727_32\StardockCentralDSkin\6bdf289a7de3d5c7c1579f5c031750dd\StardockCentralDSkin.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 62464 c:\windows\assembly\NativeImages_v2.0.50727_32\Stardock.Central.Se#\4dc7b99e5965d305781cd8a11a7984fe\Stardock.Central.Security.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b1cc47e18b5121943de17e6ae34b1b94\Microsoft.SqlServer.Dts.Design.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 98816 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\83a9fbc132b8e68d1868d0aae3e2bbe3\Microsoft.SqlServer.DlgGrid.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.ShockwaveFl#\90520c3b809c5dfc3a9b30a3b4e58709\Interop.ShockwaveFlashObjects.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 57344 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.Shockwave#\cf4a7a60aec3702a27c88b8e560a0c27\AxInterop.ShockwaveFlashObjects.ni.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2012-04-11 17:03 . 2012-04-11 17:03 9560 c:\windows\system32\NetworkList\Icons\{814865E0-BEA3-4EB0-88D4-B46682DC2C5B}_48.bin

+ 2012-04-11 17:03 . 2012-04-11 17:03 4280 c:\windows\system32\NetworkList\Icons\{814865E0-BEA3-4EB0-88D4-B46682DC2C5B}_32.bin

+ 2012-04-11 17:03 . 2012-04-11 17:03 2456 c:\windows\system32\NetworkList\Icons\{814865E0-BEA3-4EB0-88D4-B46682DC2C5B}_24.bin

- 2012-04-05 19:59 . 2012-04-05 19:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-04-19 21:52 . 2012-04-19 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-04-05 19:59 . 2012-04-05 19:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-04-19 21:52 . 2012-04-19 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-02-14 22:55 . 2011-12-16 07:54 981504 c:\windows\SysWOW64\wininet.dll

+ 2012-04-10 23:03 . 2012-02-28 05:38 981504 c:\windows\SysWOW64\wininet.dll

- 2012-02-14 22:55 . 2011-12-16 07:54 132096 c:\windows\SysWOW64\url.dll

+ 2012-04-10 23:03 . 2012-02-28 05:38 132096 c:\windows\SysWOW64\url.dll

- 2012-02-14 22:55 . 2011-12-16 07:52 599552 c:\windows\SysWOW64\msfeeds.dll

+ 2012-04-10 23:03 . 2012-02-28 05:35 599552 c:\windows\SysWOW64\msfeeds.dll

+ 2012-04-14 18:22 . 2012-04-14 18:22 353440 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_Plugin.exe

+ 2012-04-14 17:22 . 2012-04-14 17:22 353440 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe

+ 2012-04-14 17:22 . 2012-04-14 17:22 424608 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.dll

+ 2012-04-11 02:29 . 2012-04-14 18:22 253088 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

+ 2012-04-10 23:03 . 2012-02-28 05:34 176640 c:\windows\SysWOW64\ieui.dll

- 2012-02-14 22:55 . 2011-12-16 07:52 176640 c:\windows\SysWOW64\ieui.dll

- 2012-02-14 22:55 . 2011-12-16 08:47 134144 c:\windows\system32\url.dll

+ 2012-04-10 23:03 . 2012-02-28 06:39 134144 c:\windows\system32\url.dll

+ 2009-07-14 02:36 . 2012-04-19 20:17 728608 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-04-19 20:17 146566 c:\windows\system32\perfc009.dat

+ 2012-04-10 23:03 . 2012-02-28 06:36 702464 c:\windows\system32\msfeeds.dll

- 2012-02-14 22:55 . 2011-12-16 08:45 702464 c:\windows\system32\msfeeds.dll

+ 2012-04-14 18:22 . 2012-04-14 18:22 630944 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_233_Plugin.exe

+ 2012-04-14 17:22 . 2012-04-14 17:22 630944 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_233_ActiveX.exe

+ 2012-04-14 17:22 . 2012-04-14 17:22 462496 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_233_ActiveX.dll

- 2012-02-14 22:55 . 2011-12-16 08:45 247808 c:\windows\system32\ieui.dll

+ 2012-04-10 23:03 . 2012-02-28 06:35 247808 c:\windows\system32\ieui.dll

- 2009-07-14 05:12 . 2012-04-03 15:05 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2009-07-14 05:12 . 2012-04-19 21:11 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat

+ 2009-07-14 04:46 . 2012-04-19 20:15 104520 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

- 2009-07-14 05:01 . 2012-04-05 19:58 391096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-04-19 21:51 391096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2012-01-21 21:40 . 2012-01-21 21:40 616216 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll

+ 2012-04-10 23:03 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll

+ 2012-01-21 21:40 . 2012-01-21 21:40 616216 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll

+ 2012-04-10 23:03 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 616216 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll

+ 2012-02-04 00:44 . 2012-02-04 00:44 927744 c:\windows\Installer\50183b5.msi

+ 2012-04-19 21:18 . 2012-04-19 21:18 376832 c:\windows\Installer\3e1ead.msi

+ 2011-09-18 19:24 . 2012-04-11 15:10 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

+ 2012-04-11 15:18 . 2012-04-11 15:18 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\3893bfa343bfd255531a743ffa660722\WindowsFormsIntegration.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 244736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\3baa7121b73af962dc8cd7dd95235a0c\System.Windows.Forms.DataVisualization.Design.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 451072 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity\24054b418b6bd8b575b4561d2a0090e3\System.Web.Entity.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 367104 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity.D#\ec94932881ce0b6abc0c91433a6b69f0\System.Web.Entity.Design.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 973824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\84b0d19714fbc794a1d639706cc60843\System.Web.DynamicData.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 331776 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\215f6508fa8f0fd1613c0cbfb7646d98\System.Web.DataVisualization.Design.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\a38a67bfd6245b2f72eb918a57d37bcd\System.ServiceProcess.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\cdf11c8e0679ce7ff91dc37c6e1b5545\System.Messaging.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 292352 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing.Desi#\cb799cb414d94fdd0d6d0e73fb0c7032\System.Drawing.Design.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\b6c591378ae5158071d63be3fb88ef37\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 126464 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.SqlServer#\c327371d0085c5031ff3173a818593fc\Microsoft.SqlServer.DlgGrid.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 208896 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.SqlServer#\b36220335613ad026a248ee20cb282eb\Microsoft.SqlServer.DataStorage.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 997376 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.SqlServer#\4a5ee6ec05e2ea7b1866e9d5a9dfd775\Microsoft.SqlServer.ManagedDTS.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 691712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.SqlServer#\1ae381edbbca509145129e994f5aedf0\Microsoft.SqlServer.GridControl.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 276480 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.NetEnterp#\0dc4c656a96fe1ddcffeb14c44073171\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll

+ 2012-04-11 15:21 . 2012-04-11 15:21 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ebd99d5801192b27f605630e2665db37\WindowsFormsIntegration.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\76a205e2eeeafe760194d69c2513c1aa\System.Windows.Forms.DataVisualization.Design.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\ccc79ac02cc9747798c7cc689e90899e\System.Web.Extensions.Design.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\95b92fa75d2427a7cb496fddb3f394da\System.Web.Entity.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\504b4901d1f1039264d31d77fcd6e3f2\System.Web.Entity.Design.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\5283aa252d0efa81f23d2823615dd31b\System.Web.DynamicData.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\a6fbeebf631e147104fbde01bcc6602c\System.Web.DataVisualization.Design.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9cabbb335fc6dff10392376707a4d0a2\System.ServiceProcess.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\621d2aae96fd06f9ccf66d335d7f1232\System.Messaging.ni.dll

+ 2012-04-11 15:13 . 2012-04-11 15:13 226304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\7f51b59dc6c39bbc00776c9204d7525d\System.Drawing.Design.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 250368 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\f9a6016d1824f9b0d90a9627f098b70f\Microsoft.VisualStudio.Project.VS.Implementation.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 922624 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\df77407df89cd37222555979a80049d1\Microsoft.VisualStudio.AppDesigner.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 819712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\dd2f32bffcd5f9eda4a47dfc59f1b70f\Microsoft.VisualStudio.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 202752 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\d9c2fb12ad8f4b38fe9560381064d74d\Microsoft.VisualStudio.Language.CallHierarchy.Implementation.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 703488 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\b9400b0ddee973800fb6aa3b5ff7251c\Microsoft.VisualStudio.Diagnostics.Common.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 148992 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\ad16f5e0289a685d7b09657e823a0d45\Microsoft.VisualStudio.WizardFramework.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 206848 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\abb13d4270585ea2c41b9a48b08586d0\Microsoft.VisualStudio.Project.Contracts.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 563712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\73b8efa58703ef371811111971bd90ce\Microsoft.VisualStudio.Dialogs.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 920064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\6478a369c8e834292da5740f6facc3d7\Microsoft.VisualStudio.Shell.9.0.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 848896 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\3d70ec3a2fd4c91d8200249689354509\Microsoft.VisualStudio.Shell.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 311808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\2c3237280630afde92fafef09171709a\Microsoft.VisualStudio.Configuration.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09237903b1f9e5c7a69a4995d85eaa35\Microsoft.VisualBasic.Compatibility.Data.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 852480 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\2965fcd151e21543887df9006519ed58\AspNetMMCExt.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\718e8186ee8de8555888be444b86d443\WindowsFormsIntegration.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\6138a7bf63fa559ffe856b586e369ba2\TaskScheduler.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\01e6d953aaaada7216112df9e0f39c11\System.Web.Routing.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\32b4d44198ecd16ca5deb1024642313f\System.Web.Entity.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\9d7b9e05e5bc7eab07de61a8dd70757a\System.Web.Entity.Design.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\e59cbe4ccb29922c44bf66d3ae044b32\System.Web.DynamicData.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\cb674da808088671f0633d46d1dade03\System.Web.Abstractions.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\2ea95f3113ace6c1adf4ab9f9fc4285e\System.ServiceProcess.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\c5bef7173a92e1a66e3f7a34eeed891f\System.Messaging.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\a94125636875d06389922fcd86b7a615\System.Drawing.Design.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 376832 c:\windows\assembly\NativeImages_v2.0.50727_64\SecurityAuditPolici#\7edcdb58fc8106cf1e2361f3482b368d\SecurityAuditPoliciesSnapIn.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\cc4082d64c96ff7569aa540b2bfb4e4e\napsnap.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\30d62e0be22cd4569141c32f8650773b\napinit.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\0da2c8a454593084e0215266b5572bf0\MMCFxCommon.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 230400 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cbb372c901c25e37a0e9a9b58f4d04b1\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b4ca8eca3fb2b9e9eb4dcde40eca00b0\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\a792188c0f2a02150902678969112efa\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5eb0e4a038c3e889df1bc9e83aa5414a\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 777728 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\583db918d8c4155fab760bb05f4bebc8\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 764928 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\414b1eb2ae325466102d90318537740d\Microsoft.SqlServer.GridControl.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 160768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\3613630c8f10360f60001f9281346d23\Microsoft.SqlServer.VSTAScriptingLib.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 157696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\2bca3a435653f82053e2bcec8878063d\Microsoft.SqlServer.DlgGrid.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\19cc48a04b1ff3d0943b653d5fe583cf\Microsoft.SqlServer.CustomControls.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 258048 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\061b72c5334b511063c1129a97d08660\Microsoft.SqlServer.DataStorage.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 937472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\762b104fb41272b94fbd442ee2ef97e2\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\44eecde37d940c1c9aaebb700ae81ed5\Microsoft.Office.Tools.v9.0.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\34553392a38728772446439adee8d1ef\Microsoft.Office.Tools.Outlook.v9.0.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 293376 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.NetEnterp#\0f1f5d63ca97b73ed229f2b9ccb1452b\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ecaf4199c3937827b85be8e8ac36de2b\Microsoft.MediaCenter.iTv.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8dd963b1ac45ad4d484855d9853747bd\Microsoft.MediaCenter.ITVVM.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\fe924ef08b715e71e410270c60cc372c\Microsoft.ManagementConsole.ni.dll

Share this post


Link to post
Share on other sites

2nd part

+ 2012-04-11 15:36 . 2012-04-11 15:36 618496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\668798ebaebb3baa6a152d86e3e03364\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 423424 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Applicati#\cb23b761d394d3db188d2d710459217e\Microsoft.ApplicationId.Framework.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 727040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Applicati#\607e206ef66533feecd6a3786ad55560\Microsoft.ApplicationId.RuleWizard.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\857d04eadbf226277488bfabfda2a01d\mcplayerinterop.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\7a2e04f455b793a14e9d1df5fdd93bf7\mcGlidHostObj.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\56c25b27b777af0b93999261cfeec0cd\EventViewer.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\2c9f3eaa3e79d491c1e29ab58fdcc54a\ehExtHost.ni.exe

+ 2012-04-11 15:39 . 2012-04-11 15:39 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\688abb339fb8301c37b0889a0d01dfa3\WindowsFormsIntegration.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 335360 c:\windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\21ef5c08aa2e57bb6536c9273c91df6d\VistaBridgeLibrary.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 540672 c:\windows\assembly\NativeImages_v2.0.50727_32\VDialog\37597b7462453ff7054bbffaf36eb488\VDialog.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\97d8bd8f21969a91b7c5171031250d1e\TaskScheduler.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\2d9aab831590b771aa70cd6991f7af88\System.Web.Routing.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\47e3f7fa0b07e85e269f2e152e0e5e29\System.Web.Extensions.Design.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\3595f5769afb7d38aa5a05abef97364c\System.Web.Entity.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\7485eeab1b46532b35d7ab5814a43a30\System.Web.Entity.Design.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ec083a1d2f94e4c565545f9d090c5039\System.Web.DynamicData.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\88430faf21e241f93d02711e35173de6\System.Web.Abstractions.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c2c7f68605a42caef1b7a19c51de58b4\System.ServiceProcess.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\69b1de7425d09eb9fe42f81882d2896e\System.Messaging.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b64b898fd099d1644a8673137ac56011\System.Drawing.Design.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\b7a94173e0bedb89545cbfa23e71b8e0\SecurityAuditPoliciesSnapIn.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd\4444131217ac554732bb2ded5a89bb00\Sd.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 459776 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Zip\51c522c9a4b6bef06159c26eb9425678\Sd.Zip.ni.dll

+ 2012-04-19 21:18 . 2012-04-19 21:18 555520 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Web\c31f47639e92d3cd079f82325d6210a2\Sd.Web.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 111616 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Uninstall\4e1e511e361b5f0185ded88fdc0525e2\Sd.Uninstall.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 155648 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.UI\d50993db5ce61823570064ab8f1bf0f0\Sd.UI.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 804352 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Irc\e4dfbe258f4b6a222f31bac388950a0f\Sd.Irc.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 388096 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.InstallManager\92acde8d89653739f57470c25a3695de\Sd.InstallManager.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 142848 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive\191548435e03d73b600deb2c2fdd7491\Sd.Central.Archive.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive.#\3d5dc19c01710a48c1c891b9f1144972\Sd.Central.Archive.XmlSerializers.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\2ffec892832457d3530d59a9da07324c\napsnap.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\1167a79ab309e2a4e6da2bd2dbea01a6\napinit.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 373760 c:\windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\a6a89f2d6dce099a07e602c763b3c898\MyDock.Util.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\c83df01d683dbeb36be10218cc50ff03\MMCFxCommon.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 290304 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\6c32a7f25c7838f8af7209dbe64a0768\Microsoft.WindowsAPICodePack.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\aa2d1d92a9a473ff6d26b5c346f79ed0\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a278c91a9f9d7c4ea7e1aaf0c290684a\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\59e632701fd8a78afd5c55f448788096\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 191488 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\281fa57df00010546b86ca5162dd5973\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1e6ce30550b58e2baeec4b4390b6c78e\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 674304 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2446d586f308b44168bfe994340d449a\Microsoft.SqlServer.Management.Controls.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1cb24b02a104804079643eb1e60566b2\Microsoft.SqlServer.DataStorage.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 532480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1c8d4d6dcf670cb7378227f8f4aa4e56\Microsoft.SqlServer.GridControl.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 601088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\04fd7e2e8503c3775e4340935c623df7\Microsoft.SqlServer.ManagedDTS.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\db99af884a053f153e7fc72fa3607710\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\bc6d314004153f93513ce097e141d4c2\Microsoft.Office.Tools.Common.v9.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\6b679cbfa6b5375b1284c775f0e4c776\Microsoft.Office.Tools.Outlook.v9.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\564ee7c52ff064b953ca9fe02e0a2067\Microsoft.Office.Tools.v9.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\1d12961cf880c893627ed0fa9e09998c\Microsoft.Office.Tools.Word.v9.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\68842b507f3ad7fa603bf57c813c6a0c\Microsoft.ManagementConsole.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 455168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\eff4e9083f7ff25c18f52542f9a1e596\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 233472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Exception#\fc8e6b2f91c27bbe5681663e340a4ab0\Microsoft.ExceptionMessageBox.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 316928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\b872774c6d7f49712c7b7cdd71f3204b\Microsoft.ApplicationId.Framework.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 587776 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\06f1bc0c2fa665d1d48597c77a5fee55\Microsoft.ApplicationId.RuleWizard.ni.dll

+ 2012-04-19 21:18 . 2012-04-19 21:18 100864 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\f6c3f063c0036bdb5601677b96f5f763\Interop.IWshRuntimeLibrary.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 726016 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\c0ceea8eed7e66d399151a4a80544d83\ICSharpCode.SharpZipLib.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\4e2b9e7e956dcee6a9721b57c8ccde60\EventViewer.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\380a1283ad9a74eb337feb276453a87f\ehExtHost32.ni.exe

+ 2012-04-10 23:03 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

- 2012-02-14 22:55 . 2011-12-16 07:54 1231360 c:\windows\SysWOW64\urlmon.dll

+ 2012-04-10 23:03 . 2012-02-28 05:38 1231360 c:\windows\SysWOW64\urlmon.dll

+ 2012-04-10 23:03 . 2012-02-28 05:35 5998080 c:\windows\SysWOW64\mshtml.dll

+ 2012-04-14 18:22 . 2012-04-14 18:22 8797344 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

- 2012-02-14 22:55 . 2011-12-16 07:52 2073600 c:\windows\SysWOW64\iertutil.dll

+ 2012-04-10 23:03 . 2012-02-28 05:34 2073600 c:\windows\SysWOW64\iertutil.dll

+ 2012-04-10 23:03 . 2012-02-28 06:39 1188864 c:\windows\system32\wininet.dll

- 2012-02-14 22:55 . 2011-12-16 08:47 1188864 c:\windows\system32\wininet.dll

+ 2012-04-10 23:03 . 2012-02-28 06:39 1494016 c:\windows\system32\urlmon.dll

- 2012-02-14 22:55 . 2011-12-16 08:47 1494016 c:\windows\system32\urlmon.dll

+ 2012-04-10 23:03 . 2012-02-28 06:36 9020928 c:\windows\system32\mshtml.dll

+ 2012-04-10 23:03 . 2012-02-28 06:35 2453504 c:\windows\system32\iertutil.dll

- 2009-07-14 04:45 . 2012-03-21 21:06 7378452 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2009-07-14 04:45 . 2012-04-19 20:14 7378452 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2011-09-16 22:56 . 2012-04-19 21:51 1974280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2011-09-16 22:56 . 2012-04-05 19:58 1974280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2011-09-16 21:45 . 2012-04-19 20:09 7427164 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2295437347-3248039214-128027799-1000-8192.dat

- 2012-03-21 18:17 . 2012-03-21 18:17 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2012-04-11 15:12 . 2012-04-11 15:12 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

- 2012-03-21 18:17 . 2012-03-21 18:17 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll

+ 2012-01-22 14:20 . 2012-01-22 14:20 1707520 c:\windows\Installer\5ab3c.msp

+ 2012-04-01 20:27 . 2012-04-01 20:27 3463168 c:\windows\Installer\5ab32.msp

+ 2005-09-23 07:32 . 2005-09-23 07:32 4022784 c:\windows\Installer\2f201.msi

- 2011-09-18 19:24 . 2012-03-21 18:20 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe

+ 2011-09-18 19:24 . 2012-04-11 15:10 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe

- 2011-09-18 19:24 . 2012-03-21 18:20 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe

+ 2012-04-11 15:16 . 2012-04-11 15:16 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\fb00cd7183b28470878a3b5687929a56\WindowsBase.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 1602560 c:\windows\assembly\NativeImages_v4.0.30319_64\System.WorkflowServ#\ba60dbd16ea036209a8601449b0a4cc1\System.WorkflowServices.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 5922304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Com#\4f35e62df9517229ed11972a4561387f\System.Workflow.ComponentModel.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 3744768 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Act#\b9e2ffb187489a72bf92f054967824f2\System.Workflow.Activities.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\80de3f9f56bed3e05ba97741905abddb\System.Windows.Forms.DataVisualization.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 2964992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Mobile\2e491e13b4858e33488246db1f95c678\System.Web.Mobile.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 3805184 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\5d29b4be05d79291f850ba4dd3cbdd78\System.Web.Extensions.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 1101312 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\51286ccbca7acb595da250f5de095a04\System.Web.Extensions.Design.ni.dll

+ 2012-04-11 15:18 . 2012-04-11 15:18 5618688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\ac4541a6eb47813c114a01bbc7572977\System.Web.DataVisualization.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\21c096f214db354198e2664473875f06\System.Printing.ni.dll

+ 2012-04-11 15:15 . 2012-04-11 15:15 2303488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\9bcabb321026ee927401cbba73dff054\System.Drawing.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\90ec5a09a2329a45554d79e0fd9fbbee\System.Deployment.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\45d4a9fa235f5658f8c9b89f6a4f691f\System.Activities.Presentation.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\8ad595c3d0668d10777d8ce28b88cc7c\ReachFramework.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\cb31bfb24a52f83cf826c00979827ba6\PresentationUI.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 1829888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6845c178054282fe6476fdfb0e9a9e6a\Microsoft.VisualBasic.Compatibility.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\5281ac494089700d1c72c16478ab3363\Microsoft.VisualBasic.ni.dll

+ 2012-04-11 15:15 . 2012-04-11 15:15 1112576 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.SqlServer#\fecedb25a100856aabe6033bcfda3c67\Microsoft.SqlServer.WizardFramework.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 1908224 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.DataTrans#\5114387e7a3d7fe245566e7dbc36c7ef\Microsoft.DataTransformationServices.Controls.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 3820544 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Tas#\9f1c45888c7f1f15d04f30c9437f8bf2\Microsoft.Build.Tasks.v4.0.ni.dll

+ 2012-04-11 15:15 . 2012-04-11 15:15 1592320 c:\windows\assembly\NativeImages_v4.0.30319_64\DTSWizard\849e4031c02a9bbd7c0cd9e452234812\DTSWizard.ni.exe

+ 2012-04-11 15:15 . 2012-04-11 15:15 1007104 c:\windows\assembly\NativeImages_v4.0.30319_64\AspNetMMCExt\becc41859bd5d01b57cacff13fd51787\AspNetMMCExt.ni.dll

+ 2012-04-11 15:13 . 2012-04-11 15:13 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02ea3ff3b5908b51da47e1aeb9e75b04\WindowsBase.ni.dll

+ 2012-04-11 15:21 . 2012-04-11 15:21 4041216 c:\windows\assembly\NativeImages_v4.0.30319_32\VsDebugPresentation#\2f777c16452fd3fef9e5dcd7d2a58b00\VsDebugPresentationPackage.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 1226752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\abfe51993df8d3de6f000297de7ead9d\System.WorkflowServices.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 4476416 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\03a20bf18f39c7d1a98769c6bcb46830\System.Workflow.ComponentModel.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 2872320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\533c90d6e55e0529feb68df7f0dad47b\System.Workflow.Activities.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\acae13e8725a0a5da6dcda3e309cb9d2\System.Windows.Forms.DataVisualization.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 2334720 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\cfd26c0116fafc3f71408fb255ff824a\System.Web.Mobile.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 3127296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\d526d6e7d41aa2a5b3e5871cdb6597f1\System.Web.Extensions.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 4575232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\ff3ad02fb7f572ec84afc681fda661fc\System.Web.DataVisualization.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\7175344bfab919484674d37de776a82f\System.Printing.ni.dll

+ 2012-04-11 15:13 . 2012-04-11 15:13 1665536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c02325260bdcecd695a87bbb24547df2\System.Drawing.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\d0ae88ebdc709e940fbd0c6bafcab13c\System.Deployment.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\f4311e621d2bbf4de0d32bae765b1484\System.Activities.Presentation.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\f4ab7bc19b981163de613143a1e1c997\ReachFramework.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\3e896ba1c3cc8d62c267508dccd7aa5a\PresentationUI.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 3295744 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.XmlEditor\15ee6c0ad3d15470a7c71b6a784e0161\Microsoft.XmlEditor.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 2346496 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\e95bff8574cb1a044440a995163003da\Microsoft.VisualStudio.Platform.WindowManagement.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 5588480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\e812704d77d7290ed5bd7fbdc52fd09d\Microsoft.VisualStudio.Platform.VSEditor.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 2826752 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\cf7e3692792241d2d965a7b30fc07a37\Microsoft.VisualStudio.Project.VisualC.VCProjectEngine.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 2717184 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\c725f8aa14563faee81f158a1f13d2be\Microsoft.VisualStudio.Shell.10.0.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 1157632 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\b6f242d311c4568d36e2b69246b1c22d\Microsoft.VisualStudio.CommonIDE.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 1870848 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\9e03563fcdda4bec5b36dbfb615e0601\Microsoft.VisualStudio.Shell.UI.Internal.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 1376256 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\8d65a337041a378bd93ef3ac86e091bd\Microsoft.VisualStudio.ExtensionManager.Implementation.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 6051328 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\6cf4dfb9dcd622790f3a8e2c49974a42\Microsoft.VisualStudio.Editors.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 1318400 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\6a28594f402fbb3afa2ef01d1b314a1d\Microsoft.VisualStudio.Windows.Forms.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 1830912 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\559c2b81de48507005d5208582f8b864\Microsoft.VisualStudio.Design.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 1467392 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\4bee29e730aa34de9c293e4ebb047ae5\Microsoft.VisualStudio.Shell.Design.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 2655232 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\2cb231b3d3dc314c4682f591491d3388\Microsoft.VisualStudio.Editor.Implementation.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\7511c9da502ed9c4e630a902d462cdef\Microsoft.VisualBasic.Compatibility.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1f54c28f39e25b121c374480ad50d384\Microsoft.VisualBasic.ni.dll

+ 2012-04-11 15:19 . 2012-04-11 15:19 2877440 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\98d8d80f4b2d74cb4c5dc31483793bfb\Microsoft.Build.Tasks.v4.0.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\8f4bee781d2709ba927b31c6bee8abce\System.WorkflowServices.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\d26e6d07c2e10bc55c2bfd2440ec14bc\System.Workflow.ComponentModel.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\f044eaa5dc79454c4081bdbea81bf67e\System.Workflow.Activities.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\57631b92442dcbaa782800614f11eed4\System.Web.Mobile.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\f21b305ec2cacfd1737aba590508716a\System.Web.Extensions.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\01e5bdd5a9c2db218cf64aff1875bf10\System.Web.Extensions.Design.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\7e62d5f06809c96b0e957cc948d98d7c\System.Printing.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 2317312 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\95d41ace5d8803b9318366ad5f0fbdff\System.Drawing.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\7e705656ef1ee9078e0d51699d9e0858\System.Deployment.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 1530368 c:\windows\assembly\NativeImages_v2.0.50727_64\SrpUxSnapIn\9208a9d4acc76688fb7b07a3b99d1c5e\SrpUxSnapIn.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\df3b4d20eaf81da80db9be811947e475\ReachFramework.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\8e76dcfa3f4676022f95437037c8ad51\PresentationUI.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\92ab2a505e2b1e55887248752fc8791b\Narrator.ni.exe

+ 2012-04-11 15:37 . 2012-04-11 15:37 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\b843ee3c17f0b9d517f74f2fc2cef321\MMCEx.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\ff499b53b4b43e5cf6175a7d95fb15ea\MIGUIControls.ni.dll

+ 2012-04-11 15:37 . 2012-04-11 15:37 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\a2368cca7264c3f047d16fefcb29ca66\Microsoft.VisualBasic.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 1135616 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\6b1e6f72a37811a6dc7a062c2000d47a\Microsoft.SqlServer.ManagedDTS.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\a365fda36604d8f8b6ea67667dc3dd46\Microsoft.PowerShell.Editor.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\a1c24b217f836d73170c0f32b7dda5c2\Microsoft.PowerShell.Commands.Utility.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 1093632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\cfbc753f3f325eb8b3d36e527ea232cc\Microsoft.Office.Tools.Common.v9.0.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\4e89e5352d5e2c2bcd37bfc39cb36ba2\Microsoft.Office.Tools.Word.v9.0.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\3af9f1d6e4df5a9054bfcd9a3352a9b4\Microsoft.Office.Tools.Excel.v9.0.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8dff78b6458b3995288e7e89aa7ae34a\Microsoft.MediaCenter.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\88b7272ddb53920b927a7ef59fd3ad6a\Microsoft.MediaCenter.UI.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1225d00b36449afd4a4314eadcb8bf58\Microsoft.MediaCenter.Bml.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\9e91d7c4464a12eb7d2c174ffc56c168\Microsoft.Ink.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 1971200 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.DataTrans#\a6dc879a2f7697a8519f2776c02f22be\Microsoft.DataTransformationServices.Controls.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\a67cf1480b9711c9e9da320bc5114879\Microsoft.Build.Tasks.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\7b5c7863043af7cd47dfb104c0fe6879\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-04-11 15:35 . 2012-04-11 15:35 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\a1c741fa6d3e2635dd2a2a77890c87b5\mcstore.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d362f68d3bf954ba55a4494a659492af\System.WorkflowServices.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6d2f8bad410dae6049507d7bc097a62d\System.Workflow.ComponentModel.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\31fd6842b7ccb502dc2f5f11c1f991bd\System.Workflow.Activities.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\a118322b0f5ffc0e67c06658e8788e1d\System.Web.Mobile.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e6747d0470e8a42907df14af10862844\System.Web.Extensions.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\0b27d6da6e6bc319c3805435b818c1e5\System.Printing.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 1590784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\e45611cad86870a7011bb18b9e993861\System.Deployment.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 1351168 c:\windows\assembly\NativeImages_v2.0.50727_32\SrpUxSnapIn\e304bbb529be3c6839fcc740c0850141\SrpUxSnapIn.ni.dll

+ 2012-04-19 21:18 . 2012-04-19 21:18 2034176 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Common\c628908ab793c7e3fc3bec3507092977\Sd.Common.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 1266688 c:\windows\assembly\NativeImages_v2.0.50727_32\Sd.Common.XmlSerial#\70e1f8311a6a3af44a3c386072f037b3\Sd.Common.XmlSerializers.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 1241600 c:\windows\assembly\NativeImages_v2.0.50727_32\sd.central.cvp.serv#\025797dee9729e315020b12368a33871\sd.central.cvp.server.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\ffe872f5d03f8bf4d1e1aca71274aec4\ReachFramework.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\167ae650f54f5cd46c07329972f179ad\PresentationUI.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\a61a4567bd8a09a0068db7fcc46151e1\Narrator.ni.exe

+ 2012-04-11 15:39 . 2012-04-11 15:39 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\a8ac3e062a13d75ff8d632bed75358b0\MMCEx.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\2a348513f0f83117bedeb39a7d10b034\MIGUIControls.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 1746944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\c3808dc1c53acef593ba8713625d967f\Microsoft.WindowsAPICodePack.Shell.ni.dll

+ 2012-04-11 15:39 . 2012-04-11 15:39 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ce70b84dbb9970e1893672c5d430c80\Microsoft.VisualBasic.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a7364db379808ebdee5cd876d5af2656\Microsoft.PowerShell.Editor.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2a9dff80feb7cf8dbac17adb959159ca\Microsoft.PowerShell.Commands.Utility.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\3479d56c12393b4d3ddc8ed221176d96\Microsoft.Office.Tools.Excel.v9.0.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\a02baa286bb9d65f7825d7cb460a1c8a\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 2091520 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\fed0dfcc4570199541e56d9187e85bf0\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 4743168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\fcfe7d48e050d2baa505d5c1e8e01350\Microsoft.Office.BusinessApplications.SyncServices.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4a603d10666b9ee9487e7f0ce27c1c68\Microsoft.MediaCenter.UI.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\142b59a72b233db75ede02941b86291d\Microsoft.MediaCenter.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ffc29e128c4ddebb991189d617ed1bf7\Microsoft.Ink.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\0c9d80e810caa6aeb85bd4d253281434\Microsoft.Build.Tasks.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\008b235de7df9c690e3f289f3c776eda\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-04-11 15:38 . 2012-04-11 15:38 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\227b7eaefe6ae6b78190516516793b4b\mcstore.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 7772672 c:\windows\assembly\NativeImages_v2.0.50727_32\Impulse\cc05e4768ac8a29a2583ee568f4777c4\Impulse.ni.exe

- 2012-02-24 03:28 . 2012-02-24 03:28 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2012-02-24 03:28 . 2012-02-24 03:28 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-19 20:14 . 2012-04-19 20:14 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2012-04-10 23:03 . 2012-02-28 05:34 10992640 c:\windows\SysWOW64\ieframe.dll

+ 2009-07-14 02:34 . 2012-04-11 15:28 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat

- 2009-07-14 02:34 . 2012-03-21 21:02 10747904 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2011-09-16 21:21 . 2012-04-11 15:08 57249312 c:\windows\system32\MRT.exe

+ 2012-04-14 18:22 . 2012-04-14 18:22 11589280 c:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll

+ 2012-04-10 23:03 . 2012-02-28 06:35 12264448 c:\windows\system32\ieframe.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 17353728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\c80f2e11e938ed65b843f750add94b35\System.Windows.Forms.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 15762432 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web\bf66e2b2a4dfefe1064dc172723b2cdd\System.Web.ni.dll

+ 2012-04-11 15:16 . 2012-04-11 15:16 13314048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Design\8d8f7d5ddfee1cd87ca1396946aa18f7\System.Design.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 24407040 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\b93196152e384bd43b9abf1e20c8d067\PresentationFramework.ni.dll

+ 2012-04-11 15:17 . 2012-04-11 15:17 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\fc074b5198bd925a4f5b48403bba0e34\PresentationCore.ni.dll

+ 2012-04-11 15:13 . 2012-04-11 15:13 13197312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0b36565a61f83137806e71b287d81042\System.Windows.Forms.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 12079616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\a0fb4bd3ae9ce574167ae3a79b7a1aa5\System.Web.ni.dll

+ 2012-04-11 15:13 . 2012-04-11 15:13 11021824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Design\cd7e0c408cc063860fbccce73bbc9c8d\System.Design.ni.dll

+ 2012-04-11 15:13 . 2012-04-11 15:13 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7786f3e95a399a8b6691170ae2fe0e1c\PresentationFramework.ni.dll

+ 2012-04-11 15:13 . 2012-04-11 15:13 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\239eba799555dbe10760ee80c8c8df7c\PresentationCore.ni.dll

+ 2012-04-11 15:20 . 2012-04-11 15:20 10670080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VSDesigner\cff18f154d98505d07a01503d0062cc1\Microsoft.VSDesigner.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\3466442b4168ba11787961fcfd410adf\System.Windows.Forms.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\79c8a2e836c01784bb8e3e2d0ed26850\System.Web.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\552733f73f5483946cce9229b27bdcb2\System.Design.ni.dll

+ 2012-04-11 15:32 . 2012-04-11 15:32 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\b87e4cff3eb13680c55a5f4ee9786b56\PresentationFramework.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\1233412b58120995b639428b5e6d998e\PresentationCore.ni.dll

+ 2012-04-11 15:36 . 2012-04-11 15:36 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\d9a8c2b82b4370a5b0f537a65d867f49\ehshell.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll

+ 2012-04-11 15:31 . 2012-04-11 15:31 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\846a51eb446bee41a26a6914a95e38cd\System.Design.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\43e23da6683962ea1168aaf007bbc35d\PresentationFramework.ni.dll

+ 2012-04-11 15:30 . 2012-04-11 15:30 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\74d980e52c1791f1b8608d767a393144\PresentationCore.ni.dll

+ 2012-04-19 21:19 . 2012-04-19 21:19 10530304 c:\windows\assembly\NativeImages_v2.0.50727_32\Gibraltar.Agent\530cddf453ad1840c9605a03a51c2fea\Gibraltar.Agent.ni.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-01-13 393216]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]

"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-15 636032]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]

"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]

"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2011-03-21 248320]

"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2012-01-02 325728]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

.

c:\users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Impulse Now.lnk - c:\program files (x86)\Impulse\Now\ImpulseNow.exe [2011-10-13 2042088]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AML Device Install.lnk - c:\program files (x86)\AMD AVT\bin\kdbsync.exe [2012-1-31 10752]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-01-04 55936]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 116648]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]

R3 ALSysIO;ALSysIO;c:\users\Kenny\AppData\Local\Temp\ALSysIO64.sys [x]

R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 116648]

R3 htcusbnet;HTC USB-NDIS miniport;c:\windows\system32\DRIVERS\htcusbnet.sys [x]

R3 Ma1FL;Mayflash 2801 Filter Service;c:\windows\system32\Drivers\Ma1FL.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys [x]

R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsVlb;TsVlb;c:\windows\system32\DRIVERS\tsvlb.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]

R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]

R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]

S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [x]

S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]

S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]

S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S1 TsVp;TsVp;c:\windows\system32\DRIVERS\tsvp.sys [x]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-15 361984]

S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-01-04 55936]

S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]

S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]

S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]

S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]

S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:22]

.

2012-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 22:02]

.

2012-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 22:02]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 10.0.0.1

.

- - - - ORPHANS REMOVED - - - -

.

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\DAODx.exe

c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe

c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe

c:\program files (x86)\Razer\DeathAdder\razertra.exe

c:\program files (x86)\Razer\DeathAdder\razerofa.exe

c:\program files (x86)\Razer\DeathAdder\vdDaemon.exe

c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

.

**************************************************************************

.

Completion time: 2012-04-19 17:57:32 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-19 21:57

ComboFix2.txt 2012-04-08 16:41

ComboFix3.txt 2012-04-05 20:04

ComboFix4.txt 2012-03-02 03:54

.

Pre-Run: 313,232,388,096 bytes free

Post-Run: 313,305,944,064 bytes free

.

- - End Of File - - 8B71F4F843D95B4CA57DFC710AFA3E57

Share this post


Link to post
Share on other sites

I think it's this program calling home.

Copy/paste the text in the Codebox below into notepad:

Here's how to do that:

Click Start > Run type Notepad click OK.

This will open an empty notepad file:

Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text.

KillAll::

File::
c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

ClearJavaCache::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=-

Save this file to your desktop, Save this as "CFScript"

Here's how to do that:

1.Click File;

2.Click Save As... Change the directory to your desktop;

3.Change the Save as type to "All Files";

4.Type in the file name: CFScript

5.Click Save ...

CFScriptB-4.gif

Drag CFScript.txt into ComboFix.exe

Then post the results log using Copy / Paste

Also please describe how your computer behaves at the moment.

Share this post


Link to post
Share on other sites

ComboFix 12-04-19.01 - Kenny 04/19/2012 18:19:35.5.6 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8154.6175 [GMT -4:00]

Running from: c:\users\Kenny\Desktop\ComboFix.exe

Command switches used :: c:\users\Kenny\Desktop\CFScript.txt

AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-03-19 to 2012-04-19 )))))))))))))))))))))))))))))))

.

.

2012-04-19 22:26 . 2012-04-19 22:26 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-04-19 22:26 . 2012-04-19 22:26 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-19 21:18 . 2012-04-19 21:19 -------- d-----w- c:\users\Kenny\AppData\Roaming\Stardock

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\programdata\Gibraltar

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\program files (x86)\Impulse

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\programdata\Stardock

2012-04-19 21:18 . 2012-04-19 21:18 -------- dc-h--w- c:\programdata\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}

2012-04-19 21:18 . 2012-04-19 21:18 -------- d-----w- c:\users\Kenny\AppData\Local\PackageAware

2012-04-19 20:15 . 2012-04-19 20:17 -------- d-----w- c:\users\Kenny\AppData\Local\TERA-Diagnostic

2012-04-19 20:13 . 2012-04-19 20:15 -------- d-----w- c:\program files (x86)\TERA

2012-04-19 20:13 . 2012-04-19 20:14 -------- d-----w- c:\users\Kenny\AppData\Local\TERA

2012-04-17 15:29 . 2012-03-20 07:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1BB1642D-1C1F-4FA8-9B71-6805C8BEC389}\mpengine.dll

2012-04-14 00:31 . 2012-04-15 00:29 -------- d-----w- c:\program files (x86)\Diablo III Beta

2012-04-13 22:52 . 2012-04-13 22:52 -------- d-----w- c:\programdata\Battle.net

2012-04-12 22:02 . 2012-04-12 22:03 -------- d-----w- c:\program files (x86)\Google

2012-04-11 15:10 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 15:10 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-04-11 15:10 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-04-11 07:20 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-11 07:20 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-11 07:20 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-04-11 07:20 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-11 07:20 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-04-11 07:20 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-04-11 07:20 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-04-11 03:22 . 2012-04-14 18:22 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-11 02:29 . 2012-04-14 18:22 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-03-30 02:28 . 2012-03-30 02:28 -------- d-----w- c:\users\Kenny\AppData\Roaming\ImgBurn

2012-03-30 00:43 . 2012-04-03 05:46 -------- d-----w- c:\program files (x86)\ImgBurn

2012-03-29 22:46 . 2012-03-29 22:46 -------- d-----w- c:\users\Kenny\AppData\Local\QuickSFV

2012-03-21 23:15 . 2012-03-21 23:15 -------- d-----w- c:\programdata\Kaspersky Lab

2012-03-21 18:19 . 2012-03-21 18:19 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-03-21 16:42 . 2012-03-21 16:42 -------- d-----w- c:\programdata\ATI

2012-03-21 16:36 . 2012-03-21 16:36 -------- d-----w- c:\program files (x86)\AMD AVT

2012-03-21 16:36 . 2012-03-21 16:36 -------- d-----w- c:\program files\AMD

2012-03-21 16:36 . 2012-03-21 16:36 -------- d-----w- c:\program files (x86)\AMD

2012-03-21 16:31 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-21 16:31 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-21 16:31 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-21 16:30 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-21 16:30 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-21 16:30 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-21 16:30 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-21 16:30 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-21 16:30 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-21 16:30 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-14 18:22 . 2011-09-23 17:26 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-26 23:55 . 2012-02-26 23:55 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-02-26 23:55 . 2012-02-26 23:55 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll

2012-02-26 23:55 . 2012-02-26 23:55 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll

2012-02-23 14:18 . 2011-09-16 18:30 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-15 03:48 . 2012-02-15 03:48 10856960 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2012-02-15 03:21 . 2012-02-15 03:21 25839104 ----a-w- c:\windows\system32\atio6axx.dll

2012-02-15 03:18 . 2012-02-15 03:18 159744 ----a-w- c:\windows\system32\atiapfxx.exe

2012-02-15 03:18 . 2012-02-15 03:18 791040 ----a-w- c:\windows\SysWow64\aticfx32.dll

2012-02-15 03:17 . 2011-04-20 06:07 957952 ----a-w- c:\windows\system32\aticfx64.dll

2012-02-15 03:13 . 2012-02-15 03:13 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2012-02-15 03:13 . 2012-02-15 03:13 496128 ----a-w- c:\windows\system32\atieclxx.exe

2012-02-15 03:13 . 2012-02-15 03:13 235520 ----a-w- c:\windows\system32\atiesrxx.exe

2012-02-15 03:11 . 2012-02-15 03:11 120320 ----a-w- c:\windows\system32\atitmm64.dll

2012-02-15 03:10 . 2012-02-15 03:10 21504 ----a-w- c:\windows\system32\atimuixx.dll

2012-02-15 03:10 . 2012-02-15 03:10 59392 ----a-w- c:\windows\system32\atiedu64.dll

2012-02-15 03:10 . 2012-02-15 03:10 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll

2012-02-15 03:07 . 2012-02-15 03:07 6200320 ----a-w- c:\windows\SysWow64\atidxx32.dll

2012-02-15 02:58 . 2012-02-15 02:58 19392000 ----a-w- c:\windows\SysWow64\atioglxx.dll

2012-02-15 02:52 . 2011-04-20 05:49 7646208 ----a-w- c:\windows\system32\atidxx64.dll

2012-02-15 02:41 . 2012-02-15 02:41 1113088 ----a-w- c:\windows\system32\atiumd6v.dll

2012-02-15 02:40 . 2012-02-15 02:40 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll

2012-02-15 02:40 . 2012-02-15 02:40 4958208 ----a-w- c:\windows\system32\atiumd6a.dll

2012-02-15 02:34 . 2012-02-15 02:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll

2012-02-15 02:34 . 2012-02-15 02:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll

2012-02-15 02:34 . 2012-02-15 02:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll

2012-02-15 02:34 . 2012-02-15 02:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll

2012-02-15 02:34 . 2012-02-15 02:34 5954048 ----a-w- c:\windows\SysWow64\atiumdag.dll

2012-02-15 02:34 . 2012-02-15 02:34 13859840 ----a-w- c:\windows\system32\aticaldd64.dll

2012-02-15 02:29 . 2012-02-15 02:29 5062656 ----a-w- c:\windows\SysWow64\atiumdva.dll

2012-02-15 02:29 . 2012-02-15 02:29 11561984 ----a-w- c:\windows\SysWow64\aticaldd.dll

2012-02-15 02:25 . 2012-02-15 02:25 7551488 ----a-w- c:\windows\system32\atiumd64.dll

2012-02-15 02:16 . 2011-09-16 21:16 58880 ----a-w- c:\windows\system32\coinst.dll

2012-02-15 02:14 . 2012-02-15 02:14 512000 ----a-w- c:\windows\system32\atiadlxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2012-02-15 02:13 . 2012-02-15 02:13 17408 ----a-w- c:\windows\system32\atig6pxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 39936 ----a-w- c:\windows\system32\atig6txx.dll

2012-02-15 02:13 . 2012-02-15 02:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll

2012-02-15 02:13 . 2012-02-15 02:13 327680 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2012-02-15 02:12 . 2011-04-20 05:21 43008 ----a-w- c:\windows\system32\atiuxp64.dll

2012-02-15 02:12 . 2012-02-15 02:12 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2012-02-15 02:12 . 2012-02-15 02:12 39936 ----a-w- c:\windows\system32\atiu9p64.dll

2012-02-15 02:12 . 2012-02-15 02:12 30208 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2012-02-15 02:11 . 2012-02-15 02:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2012-02-15 02:11 . 2012-02-15 02:11 54784 ----a-w- c:\windows\system32\atimpc64.dll

2012-02-15 02:11 . 2012-02-15 02:11 54784 ----a-w- c:\windows\system32\amdpcom64.dll

2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll

2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2012-02-15 02:05 . 2012-02-15 02:05 69632 ----a-w- c:\windows\system32\OpenVideo64.dll

2012-02-15 02:05 . 2012-02-15 02:05 59904 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2012-02-15 02:05 . 2012-02-15 02:05 61952 ----a-w- c:\windows\system32\OVDecode64.dll

2012-02-15 02:05 . 2012-02-15 02:05 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll

2012-02-15 02:05 . 2012-02-15 02:05 16507904 ----a-w- c:\windows\system32\amdocl64.dll

2012-02-15 02:04 . 2012-02-15 02:04 13238272 ----a-w- c:\windows\SysWow64\amdocl.dll

2012-02-15 02:03 . 2012-02-15 02:03 54272 ----a-w- c:\windows\system32\OpenCL.dll

2012-02-15 02:03 . 2012-02-15 02:03 48128 ----a-w- c:\windows\SysWow64\OpenCL.dll

2012-01-31 10:02 . 2012-01-31 10:02 21504 ----a-w- c:\windows\system32\kdbsdk64.dll

2012-01-31 10:00 . 2012-01-31 10:00 16896 ----a-w- c:\windows\SysWow64\kdbsdk32.dll

2012-01-25 04:23 . 2012-01-25 04:23 36864 ----a-w- c:\windows\SysWow64\maplec.dll

2012-01-25 04:23 . 2012-01-25 04:23 147456 ----a-w- c:\windows\SysWow64\WMIMPLEX.dll

.

.

((((((((((((((((((((((((((((( SnapShot_2012-04-19_21.53.10 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-09-16 19:11 . 2012-04-19 21:54 49834 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-04-19 21:54 33054 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2009-07-14 05:10 . 2012-04-19 20:13 33054 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-09-16 19:11 . 2012-04-19 21:54 11440 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2295437347-3248039214-128027799-1000_UserData.bin

- 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-09-16 18:22 . 2012-04-19 22:27 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-09-16 18:22 . 2012-04-19 22:27 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2011-09-16 18:22 . 2012-04-19 21:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-09-16 18:22 . 2012-04-19 22:27 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-09-16 18:22 . 2012-04-19 22:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-09-16 18:22 . 2012-04-19 22:27 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-09-16 18:22 . 2012-04-19 21:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-04-19 21:52 . 2012-04-19 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-04-19 22:27 . 2012-04-19 22:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-04-19 22:27 . 2012-04-19 22:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-04-19 21:52 . 2012-04-19 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 02:36 . 2012-04-19 20:17 728608 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-04-19 21:57 728608 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-04-19 21:57 146566 c:\windows\system32\perfc009.dat

- 2009-07-14 02:36 . 2012-04-19 20:17 146566 c:\windows\system32\perfc009.dat

+ 2009-07-14 04:46 . 2012-04-19 22:01 104728 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

- 2009-07-14 05:01 . 2012-04-19 21:51 391096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-04-19 22:26 391096 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-09-16 22:56 . 2012-04-19 22:26 1974280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2011-09-16 22:56 . 2012-04-19 21:51 1974280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-15 636032]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]

"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]

"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2011-03-21 248320]

"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2012-01-02 325728]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

.

c:\users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Impulse Now.lnk - c:\program files (x86)\Impulse\Now\ImpulseNow.exe [2011-10-13 2042088]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AML Device Install.lnk - c:\program files (x86)\AMD AVT\bin\kdbsync.exe [2012-1-31 10752]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-01-04 55936]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 116648]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]

R3 ALSysIO;ALSysIO;c:\users\Kenny\AppData\Local\Temp\ALSysIO64.sys [x]

R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 116648]

R3 htcusbnet;HTC USB-NDIS miniport;c:\windows\system32\DRIVERS\htcusbnet.sys [x]

R3 Ma1FL;Mayflash 2801 Filter Service;c:\windows\system32\Drivers\Ma1FL.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys [x]

R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsVlb;TsVlb;c:\windows\system32\DRIVERS\tsvlb.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]

R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]

R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]

S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [x]

S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]

S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]

S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S1 TsVp;TsVp;c:\windows\system32\DRIVERS\tsvp.sys [x]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-15 361984]

S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-01-04 55936]

S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]

S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]

S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]

S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]

S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:22]

.

2012-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 22:02]

.

2012-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 22:02]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 10.0.0.1

.

- - - - ORPHANS REMOVED - - - -

.

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\DAODx.exe

c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe

c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

c:\program files (x86)\Razer\DeathAdder\razertra.exe

c:\program files (x86)\Razer\DeathAdder\razerofa.exe

c:\program files (x86)\Razer\DeathAdder\vdDaemon.exe

c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe

c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

.

**************************************************************************

.

Completion time: 2012-04-19 18:31:38 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-19 22:31

ComboFix2.txt 2012-04-19 21:57

ComboFix3.txt 2012-04-08 16:41

ComboFix4.txt 2012-04-05 20:04

ComboFix5.txt 2012-04-19 22:18

.

Pre-Run: 311,275,397,120 bytes free

Post-Run: 311,187,668,992 bytes free

.

- - End Of File - - A51CDBCA31A12D0979CAFFBEAC54144A

Share this post


Link to post
Share on other sites

just got back from class and started happening again. This time the person was also able to minimize the window i had open. Was running a fullscreen game when the attacker kept clicking and minimizing the window.

Share this post


Link to post
Share on other sites

So you were playing a online game?

Have you changed your passwords?

Are you using a router?

I'm not seeing anything so far.

Please download RogueKiller.exe and save it to your desktop.

Save it to the Desktop.

Once the program is on the Desktop, close all open programs.

For Vista/Windows 7, right click the file and select: Run as Administrator

For XP, double-click RogueKiller.exe

Note: If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

When the program runs, a screen with the following choices appears:

1 Scan

2 Delete

3 Hosts Fix

4 Proxy Fix

5 DNS Fix

6 Shortcuts HJ Fix

0 Exit

When prompted, type 1 and hit Enter.

When done, an RKreport.txt and an RK Quarantine folder appear on the Desktop.

(Note: If the program is blocked, do not hesitate to try several times.

If it really does not work (it could happen), rename it to winlogon.exe)

Please post the contents of the >RKreport.txt< in your reply.

Share this post


Link to post
Share on other sites

Yes i was playing a game and since this starting happening i have changed some passwords and not some others but nothing has happened with emails, games, etc. No my school does not allow us to use routers.

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Kenny [Admin rights]

Mode: Scan -- Date: 04/20/2012 16:24:21

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] DAODx.exe -- C:\Windows\DAODx.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 4 ¤¤¤

[sUSP PATH] RunDAOD.job @ : C:\Windows\DAODx.exe -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST310005 24AS SATA Disk Device +++++

--- User ---

[MBR] 4bae7843436cba63a0565a737b3019f0

[bSP] 0250c08d0ca6f964760689f83af1d624 : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 703767 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1441521664 | Size: 249999 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Share this post


Link to post
Share on other sites

Close all open windows and browsers

Vista/Seven: Right-click RogueKilller and select 'Run as Administrator'

When prompted, type 2 (DELETE) and then press Enter

A new RKreport.txt opens on your Desktop. (Shows the following in Mode: Delete or Remove)

Then, copy/paste the Delete/Remove RKreport.txt in your reply.

Share this post


Link to post
Share on other sites

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Kenny [Admin rights]

Mode: Remove -- Date: 04/20/2012 16:33:02

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤

[sUSP PATH] RunDAOD.job @ : C:\Windows\DAODx.exe -> DELETED

[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST310005 24AS SATA Disk Device +++++

--- User ---

[MBR] 4bae7843436cba63a0565a737b3019f0

[bSP] 0250c08d0ca6f964760689f83af1d624 : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 703767 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1441521664 | Size: 249999 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Share this post


Link to post
Share on other sites

Also do this

Check the settings.

1. Click Start, click Control Panel, and then click User Accounts.

2. Click the Advanced tab.

3. In the "Secure logon" section, select the "Require users to press Ctrl+Alt+Delete" check box.

Make sure the guest account is disabled and you have a user login and passowrd.

Share this post


Link to post
Share on other sites

i have applied the changes but have not really had time to verify if the issue is still happening as it is finals week here. I will try to look when i have time and update with further info.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.