Solved IE redirection to apype.com

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{5BCB97E1-0D36-4183-90D7-0A2E2EE20560}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
@="Bing"
"URL"="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
"DisplayName"="@ieframe.dll,-12512"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BCB97E1-0D36-4183-90D7-0A2E2EE20560}]
"DisplayName"="Yahoo! Search"
"URL"="http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"DisplayName"="Google"
"URL"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
"FaviconURL"="http://www.google.com/favicon.ico"
"SuggestionsURL"="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}"
"ShowSearchSuggestions"=dword:00000001
"SortIndex"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{91AB8233-EFEF-4DE1-B215-35D6E262F804}]
"DisplayName"="Live Search"
"URL"="http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HQDUS7"

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
"UpgradeTime"=hex:73,3d,7f,d9,69,75,cc,01
"ShowSearchSuggestionsGlobal"=dword:00000001
"DisplayQuickPick"=dword:00000001
"DownloadRetries"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"SuggestionsURLFallback"="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}"
"FaviconURLFallback"="http://www.google.com/favicon.ico"
"FaviconPath"="C:\\Users\\Michele\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{6A1806CD-94D4-4689-BA73-E35EA1EA9990}.ico"
 
For some reason my fix didn't work.

Re-run instructions from my reply #46 but this time run it from safe mode.
Let me know if the "merge" executed successfully.
 
Thanks Broni,

I've done as instructed and it still redirects. Also run the scan from #44 and here's the log:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{5BCB97E1-0D36-4183-90D7-0A2E2EE20560}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
@="Bing"
"URL"="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
"DisplayName"="@ieframe.dll,-12512"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BCB97E1-0D36-4183-90D7-0A2E2EE20560}]
"DisplayName"="Yahoo! Search"
"URL"="http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"DisplayName"="Google"
"URL"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
"FaviconURL"="http://www.google.com/favicon.ico"
"SuggestionsURL"="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}"
"ShowSearchSuggestions"=dword:00000001
"SortIndex"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{91AB8233-EFEF-4DE1-B215-35D6E262F804}]
"DisplayName"="Live Search"
"URL"="http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HQDUS7"

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
"UpgradeTime"=hex:8f,54,6e,23,fe,e8,cb,01
"ShowSearchSuggestionsGlobal"=dword:00000001
"DisplayQuickPick"=dword:00000001
"DownloadRetries"=dword:00000000
"Version"=dword:00000003
"DownloadUpdates"=dword:00000001
"KnownProvidersUpgradeTime"=hex:8f,de,e6,20,fe,e8,cb,01

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5BCB97E1-0D36-4183-90D7-0A2E2EE20560}]
"DisplayName"="Yahoo! Search"
"URL"="http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt"
"SuggestionsURLFallback"="http://ie.search.yahoo.com/os?appid=ie8&command={SearchTerms}"
"FaviconURLFallback"="http://search.yahoo.com/favicon.ico"
"FaviconPath"="C:\\Users\\Broni\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{5BCB97E1-0D36-4183-90D7-0A2E2EE20560}.ico"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"SuggestionsURLFallback"="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}"
"FaviconURLFallback"="http://www.google.com/favicon.ico"
"FaviconPath"="C:\\Users\\Broni\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{6A1806CD-94D4-4689-BA73-E35EA1EA9990}.ico"
"DisplayName"="Google"
"URL"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF"
"TopResultURLFallback"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{91AB8233-EFEF-4DE1-B215-35D6E262F804}]
"DisplayName"="Live Search"
"URL"="http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HQDUS7"
"SuggestionsURLFallback"="http://api.search.live.com/qsml.aspx?query={searchTerms}&src=IE-SearchBox&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IE8SSC&market={Language}"
"FaviconURLFallback"="http://www.live.com/favicon.ico"
"FaviconPath"="C:\\Users\\Broni\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{91AB8233-EFEF-4DE1-B215-35D6E262F804}.ico"
 
I haven't pasted any custom scan/fix, here it is:

OTL logfile created on: 2/29/2012 8:45:17 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michele\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Netherlands | Language: NLD | Date Format: d-M-yyyy

7.91 Gb Total Physical Memory | 5.43 Gb Available Physical Memory | 68.61% Memory free
15.82 Gb Paging File | 12.17 Gb Available in Paging File | 76.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 105.00 Gb Total Space | 44.90 Gb Free Space | 42.76% Space Free | Partition Type: NTFS
Drive D: | 467.62 Gb Total Space | 131.27 Gb Free Space | 28.07% Space Free | Partition Type: NTFS
Drive E: | 5.68 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SAMSUNGRF711 | User Name: Michele | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/28 22:26:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/12 23:12:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michele\Desktop\OTL.exe
PRC - [2011/12/20 14:52:04 | 002,783,312 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
PRC - [2011/12/12 18:21:54 | 022,459,984 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2011/12/01 21:43:52 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/11/13 08:47:28 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011/11/02 16:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/05/18 21:40:06 | 002,016,504 | ---- | M] (UltraVNC) -- C:\Program Files (x86)\UltraVNC\winvnc.exe
PRC - [2010/12/15 00:01:16 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/12/06 12:44:36 | 000,943,984 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/12/06 12:44:28 | 007,058,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
PRC - [2010/11/29 06:42:38 | 000,775,848 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
PRC - [2010/11/23 08:07:20 | 001,755,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/11/17 09:24:54 | 004,387,632 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2010/11/14 16:30:49 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2010/11/10 00:03:52 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010/10/22 17:58:34 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010/10/06 06:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 06:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/08/25 21:07:38 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/07/23 11:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2010/02/10 15:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2010/02/02 16:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/11/02 06:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/28 22:26:10 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/18 09:35:09 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010/07/05 11:42:58 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
MOD - [2010/05/07 15:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009/11/02 06:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 06:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/07/15 01:01:04 | 000,510,024 | ---- | M] (Aventail Corporation) [Auto | Running] -- C:\Windows\SysNative\ngvpnmgr.exe -- (NgVpnMgr)
SRV:64bit: - [2010/10/22 17:58:34 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/10/08 01:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/09 20:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2010/01/27 15:27:24 | 000,665,320 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\atwtusb.exe -- (WTService)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/18 21:40:06 | 002,016,504 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files (x86)\UltraVNC\WinVNC.exe -- (uvnc_service)
SRV - [2010/12/15 00:01:16 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/10/06 06:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/06 06:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/08/25 04:07:38 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/07/23 11:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/06/03 18:48:28 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/10/27 02:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011/10/27 02:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 02:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011/10/27 02:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/10/27 02:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 02:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/10/27 02:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/07/15 00:30:50 | 000,103,496 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngvpn.sys -- (NgVpn)
DRV:64bit: - [2011/07/15 00:30:50 | 000,031,304 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nglog.sys -- (NgLog)
DRV:64bit: - [2011/07/15 00:30:50 | 000,028,744 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngwfp.sys -- (NgWfp)
DRV:64bit: - [2011/07/15 00:30:50 | 000,026,184 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ngfilter.sys -- (NgFilter)
DRV:64bit: - [2011/03/24 08:53:02 | 000,196,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2011/03/24 08:53:02 | 000,094,208 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011/03/24 08:53:02 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/03/24 08:53:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011/03/24 08:53:02 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011/03/24 08:53:00 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/12/15 00:01:14 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010/12/03 05:55:32 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/03 05:55:32 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/29 06:23:16 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/25 20:31:32 | 000,409,192 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/10 00:04:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/10/15 09:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/10/08 01:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/09/21 18:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/09/21 08:20:30 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010/09/14 23:59:16 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/09/14 23:59:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/09/13 10:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/31 02:13:02 | 000,118,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/08/21 01:21:38 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/29 01:23:08 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/02 08:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/08/26 12:15:10 | 000,007,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\walvhid.sys -- (vhidmini)
DRV:64bit: - [2009/08/07 02:35:34 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 07:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2009/03/08 18:16:14 | 000,007,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2011/04/21 12:33:15 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Michele\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/02/25 16:12:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/02/25 16:12:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/02/25 16:13:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/01 21:44:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/02/11 23:29:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/28 22:26:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\FireFox\Extensions\\MFToolbar@skywebsearch.com: C:\Program Files (x86)\MusicFrost\Music Frost Toolbar\FF [2011/07/28 18:59:37 | 000,000,000 | ---D | M]

[2012/02/16 22:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michele\AppData\Roaming\Mozilla\Extensions
[2012/02/16 22:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/11 23:29:18 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/02/28 22:26:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/08 18:12:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/08 18:12:58 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/02/12 22:17:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-981944830-553675151-235582288-1002\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\Windows\SysNative\WTMKM.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Compila - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Compila Modulo - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Salva - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Salva Moduli - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RF Barra strumenti - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1124307C-7A8D-4C66-BC36-96DF5CA914B4}: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A679AC9-4D35-4556-83E4-50FE04BA6306}: NameServer = 62.240.110.197 62.240.110.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8086BF51-4CF3-44C4-AD59-1D93FA29A6AF}: DhcpNameServer = 212.54.40.25 212.54.35.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/27 21:43:20 | 000,000,000 | ---D | C] -- C:\Users\Michele\Desktop\temp
[2012/02/21 20:51:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverUninstall
[2012/02/21 20:50:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SupportAppXL
[2012/02/19 22:43:06 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Roaming\Vodafone
[2012/02/19 22:42:36 | 000,196,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2012/02/19 22:42:35 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2012/02/19 22:42:33 | 000,094,208 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2012/02/19 22:42:31 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdfcoinstaller01007.dll
[2012/02/19 22:42:31 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2012/02/19 22:42:31 | 000,085,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2012/02/19 22:42:30 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2012/02/19 22:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2012/02/19 22:41:32 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\{39C0E0A2-0193-49A4-9D69-DABD740C37FE}

---- CONTINUES -----
 
----- part 2 of OTL -----

[2012/02/16 22:05:56 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Roaming\Mozilla
[2012/02/16 22:05:56 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\Mozilla
[2012/02/16 22:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/02/16 20:46:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/16 18:16:57 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/16 18:16:54 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/16 18:16:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/16 18:16:48 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/16 18:16:24 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/02/16 18:16:24 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/16 18:16:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/16 18:16:22 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/16 18:16:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/16 18:16:21 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/16 18:16:21 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/16 18:07:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/15 19:57:41 | 004,404,931 | R--- | C] (Swearware) -- C:\Users\Michele\Desktop\ComboFix.exe
[2012/02/12 23:11:57 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Michele\Desktop\OTL.exe
[2012/02/12 22:23:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/02/12 22:10:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/12 22:10:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/12 22:10:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/12 22:10:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/12 22:10:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/12 21:50:23 | 000,000,000 | ---D | C] -- C:\Users\Michele\Documents\CyberLink
[2012/02/12 21:50:20 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\Windows Live
[2012/02/12 21:50:03 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\{F1145FCE-9C8D-4734-A8DF-0C50300376AE}
[2012/02/12 21:50:03 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\{944DC6AD-DE67-4321-8831-CCA791652721}
[2012/02/12 21:37:06 | 001,932,256 | ---- | C] (Symantec Corporation) -- C:\Users\Michele\Desktop\FixTDSS.exe
[2012/02/12 21:17:00 | 002,059,824 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michele\Desktop\tdsskiller.exe
[2012/02/12 09:41:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/12 08:58:18 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\Michele\Desktop\aswMBR.exe
[2012/02/11 23:29:26 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/02/11 23:29:26 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/02/11 23:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/02/11 23:29:25 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/02/11 23:29:25 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/02/11 23:29:25 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2012/02/11 23:29:24 | 000,256,960 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/02/11 23:29:24 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/02/11 23:29:14 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/02/11 23:29:13 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/02/11 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/02/11 23:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/02/11 22:31:16 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Michele\Desktop\dds.scr
[2012/02/11 22:11:24 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Roaming\Malwarebytes
[2012/02/11 22:10:53 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/11 22:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/11 22:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/11 22:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/11 22:06:25 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michele\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/05 20:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\40tude Dialog
[2012/02/05 20:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\40tude Dialog
[2012/02/04 11:09:43 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\Unity
[2012/01/31 06:15:10 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/31 06:15:09 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/31 06:15:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/31 06:15:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/31 06:15:09 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/31 06:15:09 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll

========== Files - Modified Within 30 Days ==========

[2012/02/29 19:50:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/29 18:57:14 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/29 18:57:14 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/29 18:49:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/29 18:48:52 | 4201,766,911 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/27 21:43:07 | 000,001,716 | ---- | M] () -- C:\Users\Michele\Desktop\temp.zip
[2012/02/27 19:50:18 | 000,351,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/21 21:14:53 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/21 21:14:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/21 21:14:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/19 22:43:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2012/02/19 22:43:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2012/02/19 22:42:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/02/18 09:35:09 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/02/17 09:41:39 | 000,001,310 | ---- | M] () -- C:\Users\Michele\Desktop\searchscopes.reg
[2012/02/16 22:05:45 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/15 19:57:50 | 004,404,931 | R--- | M] (Swearware) -- C:\Users\Michele\Desktop\ComboFix.exe
[2012/02/13 21:38:56 | 000,000,302 | ---- | M] () -- C:\Users\Michele\.Xauthority
[2012/02/12 23:12:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michele\Desktop\OTL.exe
[2012/02/12 22:17:46 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/02/12 21:37:08 | 001,932,256 | ---- | M] (Symantec Corporation) -- C:\Users\Michele\Desktop\FixTDSS.exe
[2012/02/12 21:17:52 | 002,059,824 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michele\Desktop\tdsskiller.exe
[2012/02/12 20:18:21 | 000,800,637 | ---- | M] () -- C:\Users\Michele\Desktop\ListParts64.exe
[2012/02/12 09:40:44 | 1426,810,472 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/12 09:12:18 | 000,083,968 | ---- | M] (Esage Lab) -- C:\Users\Michele\Desktop\boot_cleaner.exe
[2012/02/12 09:11:53 | 000,044,607 | ---- | M] () -- C:\Users\Michele\Desktop\bootkit_remover.zip
[2012/02/12 09:11:16 | 000,000,512 | ---- | M] () -- C:\Users\Michele\Desktop\MBR.dat
[2012/02/12 08:58:29 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\Michele\Desktop\aswMBR.exe
[2012/02/11 23:29:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/11 23:29:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/02/11 22:31:22 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Michele\Desktop\dds.scr
[2012/02/11 22:28:13 | 000,302,592 | ---- | M] () -- C:\Users\Michele\Desktop\km76dy5k.exe
[2012/02/11 22:10:53 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/11 22:09:59 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michele\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/06 18:56:27 | 004,442,360 | ---- | M] () -- C:\Users\Michele\Desktop\Mattia Ancis.png
[2012/02/05 20:14:10 | 000,000,952 | ---- | M] () -- C:\Users\Michele\Desktop\40tude Dialog.lnk
[2012/01/31 18:19:48 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

========== Files Created - No Company Name ==========

[2012/02/27 21:43:00 | 000,001,716 | ---- | C] () -- C:\Users\Michele\Desktop\temp.zip
[2012/02/19 22:43:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2012/02/19 22:43:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2012/02/19 22:42:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/02/17 09:41:38 | 000,001,310 | ---- | C] () -- C:\Users\Michele\Desktop\searchscopes.reg
[2012/02/16 22:05:45 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/16 22:05:45 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/12 22:10:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/12 22:10:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/12 22:10:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/12 22:10:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/12 22:10:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/12 20:18:09 | 000,800,637 | ---- | C] () -- C:\Users\Michele\Desktop\ListParts64.exe
[2012/02/12 09:40:44 | 1426,810,472 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/12 09:11:45 | 000,044,607 | ---- | C] () -- C:\Users\Michele\Desktop\bootkit_remover.zip
[2012/02/12 09:11:16 | 000,000,512 | ---- | C] () -- C:\Users\Michele\Desktop\MBR.dat
[2012/02/11 23:29:26 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/11 23:29:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/02/11 22:23:57 | 000,302,592 | ---- | C] () -- C:\Users\Michele\Desktop\km76dy5k.exe
[2012/02/11 22:10:53 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/06 18:56:27 | 004,442,360 | ---- | C] () -- C:\Users\Michele\Desktop\Mattia Ancis.png
[2012/02/05 20:14:10 | 000,000,952 | ---- | C] () -- C:\Users\Michele\Desktop\40tude Dialog.lnk
[2011/10/31 11:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/10/31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/10/24 22:45:09 | 000,001,879 | ---- | C] () -- C:\Users\Michele\AppData\Roaming\SAS7_000.DAT
[2011/10/22 19:35:53 | 000,008,265 | ---- | C] () -- C:\Windows\aiptbl.ini
[2011/10/08 14:07:26 | 000,000,600 | ---- | C] () -- C:\Users\Michele\AppData\Local\PUTTY.RND
[2011/07/30 14:28:22 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/07/28 15:06:00 | 000,484,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/07/28 15:05:47 | 000,258,864 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2011/07/28 15:05:37 | 000,142,704 | ---- | C] () -- C:\Windows\wiainst64.exe
[2011/07/15 01:06:18 | 000,215,112 | ---- | C] () -- C:\Windows\ngmsi.dll
[2011/07/15 01:04:14 | 000,021,064 | ---- | C] () -- C:\Windows\ngutil.exe
[2011/02/26 07:06:34 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/02/26 07:06:32 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/02/26 07:06:31 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/02/25 16:12:07 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2011/02/25 14:28:48 | 000,001,927 | ---- | C] () -- C:\Windows\HotFixList.ini
[2011/02/25 13:58:06 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/02/10 16:00:44 | 000,130,280 | ---- | C] () -- C:\Windows\RmTablet.exe
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0FF263E8

< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
O3 - HKU\S-1-5-21-981944830-553675151-235582288-1002\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1124307C-7A8D-4C66-BC36-96DF5CA914B4}: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A679AC9-4D35-4556-83E4-50FE04BA6306}: NameServer = 62.240.110.197 62.240.110.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8086BF51-4CF3-44C4-AD59-1D93FA29A6AF}: DhcpNameServer = 212.54.40.25 212.54.35.25

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply. Only one log will be created.
 
Run Fix result:

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-981944830-553675151-235582288-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1124307C-7A8D-4C66-BC36-96DF5CA914B4}\\DhcpNameServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7A679AC9-4D35-4556-83E4-50FE04BA6306}\\NameServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8086BF51-4CF3-44C4-AD59-1D93FA29A6AF}\\DhcpNameServer| /E : value set successfully!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Michele
->Temp folder emptied: 19958064 bytes
->Temporary Internet Files folder emptied: 101962815 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87272717 bytes
->Flash cache emptied: 1919 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 173659 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50400 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 200.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: Michele
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Michele
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02292012_225010

Files\Folders moved on Reboot...
C:\Users\Michele\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Michele\AppData\Local\Temp\~DF0AD9E193ACA642D2.TMP not found!
File\Folder C:\Users\Michele\AppData\Local\Temp\~DF73DE5D943FDD37E5.TMP not found!
File\Folder C:\Users\Michele\AppData\Local\Temp\~DF854BBC316B5B82E9.TMP not found!
File\Folder C:\Users\Michele\AppData\Local\Temp\~DFC971C7301D349614.TMP not found!
File\Folder C:\Users\Michele\AppData\Local\Temp\~DFE160690E453EA9E9.TMP not found!
File\Folder C:\Users\Michele\AppData\Local\Temp\~DFFEB6E5A63B339049.TMP not found!
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MAY1RH1K\comments[1].htm moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MAY1RH1K\fastbutton[1].htm moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MAY1RH1K\fastbutton[2].htm moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\833AHXTO\topic177409-4[1].html moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6IFIJF80\ifrgen[1].htm moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6IFIJF80\like[1].htm moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5535KC10\ads[3].htm moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5535KC10\like[1].htm moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5535KC10\tweet_button.1330467312[1].html moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWB89W3B\background-nag-web2626-expiring[1].jpg moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E839DOAN\background_footer[1].png moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E839DOAN\background_yellow_title_triangle3_avast[2].png moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BVMXW5H4\i44_button-grey[1].png moved successfully.
C:\Users\Michele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BVMXW5H4\i44_button[1].png moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
 
Quick Scan result:

OTL logfile created on: 2/29/2012 10:57:13 PM - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michele\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Netherlands | Language: NLD | Date Format: d-M-yyyy

7.91 Gb Total Physical Memory | 6.18 Gb Available Physical Memory | 78.15% Memory free
15.83 Gb Paging File | 13.99 Gb Available in Paging File | 88.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 105.00 Gb Total Space | 45.08 Gb Free Space | 42.93% Space Free | Partition Type: NTFS
Drive D: | 467.62 Gb Total Space | 131.27 Gb Free Space | 28.07% Space Free | Partition Type: NTFS
Drive E: | 5.68 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SAMSUNGRF711 | User Name: Michele | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/12 23:12:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michele\Desktop\OTL.exe
PRC - [2011/12/12 18:21:54 | 022,459,984 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2011/12/01 21:43:52 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/11/02 16:52:06 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/11/02 16:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/05/18 21:40:06 | 002,016,504 | ---- | M] (UltraVNC) -- C:\Program Files (x86)\UltraVNC\winvnc.exe
PRC - [2010/12/15 00:01:16 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/12/06 12:44:36 | 000,943,984 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/12/06 12:44:28 | 007,058,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
PRC - [2010/11/20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/17 09:24:54 | 004,387,632 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2010/11/14 16:30:49 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2010/11/10 00:03:52 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010/10/22 17:58:34 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010/10/06 06:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 06:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/08/25 21:07:38 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/07/23 11:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2010/02/10 15:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2010/02/02 16:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/11/02 06:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/29 22:56:05 | 000,115,137 | ---- | M] () -- C:\Users\Michele\AppData\Local\Temp\b3ac04aa-9413-4ecb-ac45-ed44495e62a6\CliSecureRT.dll
MOD - [2012/02/16 20:28:27 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\dbc78bf6ea5ba346651f88cd45febe94\System.Management.ni.dll
MOD - [2012/02/16 20:27:25 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\47a28c9724ca2af1e8a808b6a4492fdc\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 20:27:20 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ecf7f8a10cf3e6c3944936c7562ffd69\System.Xaml.ni.dll
MOD - [2012/02/16 19:36:09 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\de7b98adae0cf9ef3ee34eba29b9e0d9\PresentationFramework.ni.dll
MOD - [2012/02/16 19:35:58 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7d0085af8163b715488f2ed72d2b404\PresentationCore.ni.dll
MOD - [2012/02/16 19:35:54 | 013,138,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\8f178c27be36f9a08ab5ef6b26edd53c\System.Windows.Forms.ni.dll
MOD - [2012/02/16 19:35:51 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e6a421765ab129b5a12db40f1ad11b33\System.Core.ni.dll
MOD - [2012/02/16 19:35:51 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\328128459fb93ae5bb4d813f1c25f882\System.Xml.ni.dll
MOD - [2012/02/16 19:35:46 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ed88e619ee2f7890f095327c9e6c4f47\WindowsBase.ni.dll
MOD - [2012/02/16 19:35:44 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\48763e13ab42d7d355deba3265ea3223\System.Drawing.ni.dll
MOD - [2012/02/16 19:35:44 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8bddd0d3155a3edec42e3039493095c7\PresentationFramework.Aero.ni.dll
MOD - [2012/02/16 19:35:42 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\dc9a87796af6bbda69eb6415f081d7d5\System.ni.dll
MOD - [2011/11/02 16:52:06 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/10/14 21:38:48 | 014,408,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e360aa959e1b83be7026670d129c0a93\mscorlib.ni.dll
MOD - [2010/05/07 15:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009/11/02 06:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 06:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/07/15 01:01:04 | 000,510,024 | ---- | M] (Aventail Corporation) [Auto | Running] -- C:\Windows\SysNative\ngvpnmgr.exe -- (NgVpnMgr)
SRV:64bit: - [2010/10/22 17:58:34 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/10/08 01:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/09 20:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2010/01/27 15:27:24 | 000,665,320 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\atwtusb.exe -- (WTService)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/18 21:40:06 | 002,016,504 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files (x86)\UltraVNC\WinVNC.exe -- (uvnc_service)
SRV - [2010/12/15 00:01:16 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/10/06 06:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/06 06:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/08/25 04:07:38 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/07/23 11:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/06/03 18:48:28 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/10/27 02:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011/10/27 02:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 02:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011/10/27 02:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/10/27 02:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 02:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/10/27 02:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/07/15 00:30:50 | 000,103,496 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngvpn.sys -- (NgVpn)
DRV:64bit: - [2011/07/15 00:30:50 | 000,031,304 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nglog.sys -- (NgLog)
DRV:64bit: - [2011/07/15 00:30:50 | 000,028,744 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngwfp.sys -- (NgWfp)
DRV:64bit: - [2011/07/15 00:30:50 | 000,026,184 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ngfilter.sys -- (NgFilter)
DRV:64bit: - [2011/03/24 08:53:02 | 000,196,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2011/03/24 08:53:02 | 000,094,208 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011/03/24 08:53:02 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/03/24 08:53:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011/03/24 08:53:02 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011/03/24 08:53:00 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/12/15 00:01:14 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010/12/03 05:55:32 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/03 05:55:32 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/29 06:23:16 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/25 20:31:32 | 000,409,192 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/10 00:04:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/10/15 09:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/10/08 01:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/09/21 18:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/09/21 08:20:30 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010/09/14 23:59:16 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/09/14 23:59:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/09/13 10:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/31 02:13:02 | 000,118,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/08/21 01:21:38 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/29 01:23:08 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/02 08:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/08/26 12:15:10 | 000,007,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\walvhid.sys -- (vhidmini)
DRV:64bit: - [2009/08/07 02:35:34 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 07:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2009/03/08 18:16:14 | 000,007,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2011/04/21 12:33:15 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
IE - HKU\S-1-5-21-981944830-553675151-235582288-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Michele\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/02/25 16:12:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/02/25 16:12:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/02/25 16:13:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/01 21:44:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/02/11 23:29:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/28 22:26:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\FireFox\Extensions\\MFToolbar@skywebsearch.com: C:\Program Files (x86)\MusicFrost\Music Frost Toolbar\FF [2011/07/28 18:59:37 | 000,000,000 | ---D | M]

------------- follows part 2 -------------
 
----------- Quick Fix part 2 --------------

[2012/02/16 22:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michele\AppData\Roaming\Mozilla\Extensions
[2012/02/16 22:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/11 23:29:18 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/02/28 22:26:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/08 18:12:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/08 18:12:58 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/02/12 22:17:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\Windows\SysNative\WTMKM.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-981944830-553675151-235582288-1002..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-981944830-553675151-235582288-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Compila - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Compila Modulo - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Salva - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Salva Moduli - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RF Barra strumenti - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1124307C-7A8D-4C66-BC36-96DF5CA914B4}: DhcpNameServer = 212.54.40.25 212.54.35.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/27 21:43:20 | 000,000,000 | ---D | C] -- C:\Users\Michele\Desktop\temp
[2012/02/21 20:51:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverUninstall
[2012/02/21 20:50:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SupportAppXL
[2012/02/19 22:43:06 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Roaming\Vodafone
[2012/02/19 22:42:36 | 000,196,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2012/02/19 22:42:35 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2012/02/19 22:42:33 | 000,094,208 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2012/02/19 22:42:31 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2012/02/19 22:42:31 | 000,085,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2012/02/19 22:42:30 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2012/02/19 22:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2012/02/19 22:41:32 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\{39C0E0A2-0193-49A4-9D69-DABD740C37FE}
[2012/02/16 22:05:56 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Roaming\Mozilla
[2012/02/16 22:05:56 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\Mozilla
[2012/02/16 22:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/02/16 20:46:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/16 18:07:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/15 19:57:41 | 004,404,931 | R--- | C] (Swearware) -- C:\Users\Michele\Desktop\ComboFix.exe
[2012/02/12 23:11:57 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Michele\Desktop\OTL.exe
[2012/02/12 22:23:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/02/12 22:10:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/12 22:10:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/12 22:10:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/12 22:10:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/12 22:10:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/12 21:50:23 | 000,000,000 | ---D | C] -- C:\Users\Michele\Documents\CyberLink
[2012/02/12 21:50:20 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\Windows Live
[2012/02/12 21:50:03 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\{F1145FCE-9C8D-4734-A8DF-0C50300376AE}
[2012/02/12 21:50:03 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\{944DC6AD-DE67-4321-8831-CCA791652721}
[2012/02/12 21:37:06 | 001,932,256 | ---- | C] (Symantec Corporation) -- C:\Users\Michele\Desktop\FixTDSS.exe
[2012/02/12 21:17:00 | 002,059,824 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michele\Desktop\tdsskiller.exe
[2012/02/12 09:41:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/12 08:58:18 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\Michele\Desktop\aswMBR.exe
[2012/02/11 23:29:26 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/02/11 23:29:26 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/02/11 23:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/02/11 23:29:25 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/02/11 23:29:25 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/02/11 23:29:25 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2012/02/11 23:29:24 | 000,256,960 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/02/11 23:29:24 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/02/11 23:29:14 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/02/11 23:29:13 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/02/11 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/02/11 23:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/02/11 22:31:16 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Michele\Desktop\dds.scr
[2012/02/11 22:11:24 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Roaming\Malwarebytes
[2012/02/11 22:10:53 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/11 22:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/11 22:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/11 22:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/11 22:06:25 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michele\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/05 20:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\40tude Dialog
[2012/02/05 20:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\40tude Dialog
[2012/02/04 11:09:43 | 000,000,000 | ---D | C] -- C:\Users\Michele\AppData\Local\Unity

========== Files - Modified Within 30 Days ==========

[2012/02/29 23:02:10 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/29 23:02:10 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/29 22:54:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/29 22:53:56 | 4202,995,711 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/29 22:50:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/27 21:43:07 | 000,001,716 | ---- | M] () -- C:\Users\Michele\Desktop\temp.zip
[2012/02/27 19:50:18 | 000,351,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/21 21:14:53 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/21 21:14:53 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/21 21:14:53 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/19 22:43:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2012/02/19 22:43:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2012/02/19 22:42:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/02/17 09:41:39 | 000,001,310 | ---- | M] () -- C:\Users\Michele\Desktop\searchscopes.reg
[2012/02/16 22:05:45 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/15 19:57:50 | 004,404,931 | R--- | M] (Swearware) -- C:\Users\Michele\Desktop\ComboFix.exe
[2012/02/13 21:38:56 | 000,000,302 | ---- | M] () -- C:\Users\Michele\.Xauthority
[2012/02/12 23:12:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michele\Desktop\OTL.exe
[2012/02/12 22:17:46 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/02/12 21:37:08 | 001,932,256 | ---- | M] (Symantec Corporation) -- C:\Users\Michele\Desktop\FixTDSS.exe
[2012/02/12 21:17:52 | 002,059,824 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michele\Desktop\tdsskiller.exe
[2012/02/12 20:18:21 | 000,800,637 | ---- | M] () -- C:\Users\Michele\Desktop\ListParts64.exe
[2012/02/12 09:40:44 | 1426,810,472 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/12 09:12:18 | 000,083,968 | ---- | M] (Esage Lab) -- C:\Users\Michele\Desktop\boot_cleaner.exe
[2012/02/12 09:11:53 | 000,044,607 | ---- | M] () -- C:\Users\Michele\Desktop\bootkit_remover.zip
[2012/02/12 09:11:16 | 000,000,512 | ---- | M] () -- C:\Users\Michele\Desktop\MBR.dat
[2012/02/12 08:58:29 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Users\Michele\Desktop\aswMBR.exe
[2012/02/11 23:29:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/11 23:29:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/02/11 22:31:22 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Michele\Desktop\dds.scr
[2012/02/11 22:28:13 | 000,302,592 | ---- | M] () -- C:\Users\Michele\Desktop\km76dy5k.exe
[2012/02/11 22:10:53 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/11 22:09:59 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michele\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/06 18:56:27 | 004,442,360 | ---- | M] () -- C:\Users\Michele\Desktop\Mattia Ancis.png
[2012/02/05 20:14:10 | 000,000,952 | ---- | M] () -- C:\Users\Michele\Desktop\40tude Dialog.lnk
[2012/01/31 18:19:48 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

========== Files Created - No Company Name ==========

[2012/02/27 21:43:00 | 000,001,716 | ---- | C] () -- C:\Users\Michele\Desktop\temp.zip
[2012/02/19 22:43:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2012/02/19 22:43:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2012/02/19 22:42:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/02/17 09:41:38 | 000,001,310 | ---- | C] () -- C:\Users\Michele\Desktop\searchscopes.reg
[2012/02/16 22:05:45 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/16 22:05:45 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/12 22:10:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/12 22:10:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/12 22:10:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/12 22:10:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/12 22:10:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/12 20:18:09 | 000,800,637 | ---- | C] () -- C:\Users\Michele\Desktop\ListParts64.exe
[2012/02/12 09:40:44 | 1426,810,472 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/12 09:11:45 | 000,044,607 | ---- | C] () -- C:\Users\Michele\Desktop\bootkit_remover.zip
[2012/02/12 09:11:16 | 000,000,512 | ---- | C] () -- C:\Users\Michele\Desktop\MBR.dat
[2012/02/11 23:29:26 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/11 23:29:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/02/11 22:23:57 | 000,302,592 | ---- | C] () -- C:\Users\Michele\Desktop\km76dy5k.exe
[2012/02/11 22:10:53 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/06 18:56:27 | 004,442,360 | ---- | C] () -- C:\Users\Michele\Desktop\Mattia Ancis.png
[2012/02/05 20:14:10 | 000,000,952 | ---- | C] () -- C:\Users\Michele\Desktop\40tude Dialog.lnk
[2011/10/31 11:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/10/31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/10/24 22:45:09 | 000,001,879 | ---- | C] () -- C:\Users\Michele\AppData\Roaming\SAS7_000.DAT
[2011/10/22 19:35:53 | 000,008,265 | ---- | C] () -- C:\Windows\aiptbl.ini
[2011/10/08 14:07:26 | 000,000,600 | ---- | C] () -- C:\Users\Michele\AppData\Local\PUTTY.RND
[2011/07/30 14:28:22 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/07/28 15:06:00 | 000,484,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/07/28 15:05:47 | 000,258,864 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2011/07/28 15:05:37 | 000,142,704 | ---- | C] () -- C:\Windows\wiainst64.exe
[2011/07/15 01:06:18 | 000,215,112 | ---- | C] () -- C:\Windows\ngmsi.dll
[2011/07/15 01:04:14 | 000,021,064 | ---- | C] () -- C:\Windows\ngutil.exe
[2011/02/26 07:06:34 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/02/26 07:06:32 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/02/26 07:06:31 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/02/25 16:12:07 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2011/02/25 14:28:48 | 000,001,927 | ---- | C] () -- C:\Windows\HotFixList.ini
[2011/02/25 13:58:06 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/02/10 16:00:44 | 000,130,280 | ---- | C] () -- C:\Windows\RmTablet.exe
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/10/08 13:35:40 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\Aventail
[2011/12/18 23:02:45 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\DVDVideoSoft
[2012/01/08 22:17:55 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\gtk-2.0
[2011/10/24 22:37:01 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\Nuance
[2012/01/14 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\ooVoo Details
[2011/11/28 21:00:11 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\Samsung
[2012/02/11 22:17:04 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\uTorrent
[2012/02/19 22:43:06 | 000,000,000 | ---D | M] -- C:\Users\Michele\AppData\Roaming\Vodafone
[2012/01/09 17:51:49 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0FF263E8

< End of report >
 
ComboFix 12-03-01.01 - Michele 01-03-2012 18:31:46.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1033.18.8103.6317 [GMT 1:00]
Gestart vanuit: c:\users\Michele\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-02-01 to 2012-03-01 ))))))))))))))))))))))))))))))
.
.
2012-03-01 17:37 . 2012-03-01 17:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-01 17:37 . 2012-03-01 17:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-01 17:37 . 2012-03-01 17:37 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-02-28 16:50 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{29E6971B-E985-4460-A80C-E4A7DE2D2DB6}\mpengine.dll
2012-02-21 19:51 . 2012-02-21 19:51 -------- d-----w- c:\program files (x86)\DriverUninstall
2012-02-21 19:50 . 2012-02-21 20:15 -------- d-----w- c:\windows\SysWow64\SupportAppXL
2012-02-19 21:43 . 2012-02-19 21:43 -------- d-----w- c:\users\Michele\AppData\Roaming\Vodafone
2012-02-19 21:42 . 2011-03-24 07:53 196608 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2012-02-19 21:42 . 2011-03-24 07:53 28672 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2012-02-19 21:42 . 2011-03-24 07:53 94208 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2012-02-19 21:42 . 2011-03-24 07:53 85504 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2012-02-19 21:42 . 2011-03-24 07:53 1490656 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2012-02-19 21:42 . 2011-03-24 07:53 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2012-02-19 21:42 . 2011-03-24 07:53 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-02-19 21:42 . 2012-02-19 21:42 -------- d-----w- c:\programdata\Vodafone
2012-02-19 21:41 . 2012-02-19 21:41 -------- d-----w- c:\users\Michele\AppData\Local\{39C0E0A2-0193-49A4-9D69-DABD740C37FE}
2012-02-16 21:05 . 2012-02-16 21:05 -------- d-----w- c:\users\Michele\AppData\Local\Mozilla
2012-02-16 19:46 . 2012-02-16 19:46 -------- d-----w- C:\_OTL
2012-02-12 20:50 . 2012-02-12 20:50 -------- d-----w- c:\users\Michele\AppData\Local\Windows Live
2012-02-11 22:29 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-11 22:29 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-11 22:29 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-11 22:29 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-11 22:29 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-11 22:29 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-11 22:29 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-11 22:29 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-02-11 22:29 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-02-11 22:29 . 2012-02-11 22:29 -------- d-----w- c:\programdata\AVAST Software
2012-02-11 22:29 . 2012-02-11 22:29 -------- d-----w- c:\program files\AVAST Software
2012-02-11 21:11 . 2012-02-11 21:11 -------- d-----w- c:\users\Michele\AppData\Roaming\Malwarebytes
2012-02-11 21:10 . 2012-02-11 21:10 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-11 21:10 . 2012-02-11 21:10 -------- d-----w- c:\programdata\Malwarebytes
2012-02-11 21:10 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-05 19:14 . 2012-02-05 19:27 -------- d-----w- c:\program files (x86)\40tude Dialog
2012-02-04 10:09 . 2012-02-04 10:09 -------- d-----w- c:\users\Michele\AppData\Local\Unity
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-18 08:35 . 2011-10-03 18:00 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-29 04:10 . 2011-07-28 14:12 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-12_21.17.52 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-12-15 17:42 . 2011-11-05 04:31 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2012-02-16 17:16 . 2011-12-16 07:54 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2011-12-15 17:42 . 2011-11-05 04:35 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 48128 c:\windows\SysWOW64\jsproxy.dll
- 2011-12-15 17:42 . 2011-11-05 04:30 48128 c:\windows\SysWOW64\jsproxy.dll
- 2009-07-14 04:54 . 2012-02-12 20:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-01 16:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-02-12 20:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-01 16:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-12 20:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-01 16:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-25 14:39 . 2012-03-01 16:55 54216 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-01 16:55 36156 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-07-28 13:56 . 2012-03-01 16:55 11946 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-981944830-553675151-235582288-1002_UserData.bin
+ 2012-02-16 17:16 . 2011-12-16 08:45 97280 c:\windows\system32\mshtmled.dll
- 2011-12-15 17:42 . 2011-11-05 05:38 97280 c:\windows\system32\mshtmled.dll
- 2011-12-15 17:42 . 2011-11-05 05:41 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-02-16 17:16 . 2011-12-16 08:47 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-02-16 17:16 . 2011-12-16 08:45 64512 c:\windows\system32\jsproxy.dll
- 2011-12-15 17:42 . 2011-11-05 05:37 64512 c:\windows\system32\jsproxy.dll
- 2009-07-14 05:30 . 2012-01-07 12:47 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-02-21 20:12 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-02-21 20:11 . 2011-03-26 09:37 11776 c:\windows\system32\DriverStore\FileRepository\massfilter.inf_amd64_neutral_0ba85f6024886faf\massfilter.sys
+ 2011-03-24 07:53 . 2011-03-24 07:53 32768 c:\windows\system32\DriverStore\FileRepository\ewdcsc.inf_amd64_neutral_9651007e461d9f45\ewdcsc.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 28672 c:\windows\system32\DriverStore\FileRepository\ew_juextctrl.inf_amd64_neutral_60353f278a22b60d\ew_juextctrl.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 94208 c:\windows\system32\DriverStore\FileRepository\ew_jucdcmdm.inf_amd64_neutral_f9b558d66f79a19d\ew_jucdcacm.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 55296 c:\windows\system32\DriverStore\FileRepository\ew_jucdcecm.inf_amd64_neutral_a0e4740fb326371d\ew_jucdcecm.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 94208 c:\windows\system32\DriverStore\FileRepository\ew_jucdcacm.inf_amd64_neutral_33d8ad670ece1363\ew_jucdcacm.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 85504 c:\windows\system32\DriverStore\FileRepository\ew_jubusenum.inf_amd64_neutral_9e8ca0803b24cb19\ew_jubusenum.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 13952 c:\windows\system32\DriverStore\FileRepository\ew_busfilter.inf_amd64_neutral_d519d6ca421b9ee0\ew_usbenumfilter.sys
- 2011-07-28 13:47 . 2012-02-07 06:14 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-28 13:47 . 2012-02-27 19:43 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-02-07 06:14 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-27 19:43 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-28 13:56 . 2012-03-01 16:48 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-07-28 13:56 . 2012-02-12 20:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-02-21 20:15 96656 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2012-02-12 19:18 96656 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-07-28 13:56 . 2012-03-01 16:48 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-07-28 13:56 . 2012-02-12 20:41 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-07-28 13:56 . 2012-03-01 16:48 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-28 13:56 . 2012-02-12 20:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-28 14:09 . 2012-03-01 17:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-07-28 14:09 . 2012-02-12 21:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-07-28 14:09 . 2012-02-12 21:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-28 14:09 . 2012-03-01 17:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-02-16 18:35 . 2012-02-16 18:35 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-01-09 02:02 . 2012-01-09 02:02 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-07-28 15:04 . 2012-01-12 02:03 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
- 2011-02-25 14:46 . 2011-10-14 20:41 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-02-25 14:46 . 2012-02-16 18:33 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\42d44cc48edbf4d5b19af6d6afc6cd62\System.Windows.Presentation.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\5c5a54c265c044f359659e6eeff29171\System.Web.ApplicationServices.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 55808 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\6ad234b2d96d9510391c2fbb486e3a71\Microsoft.Office.Tools.v4.0.Framework.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\a28951ccb762ff913f976225335d5022\System.Windows.Presentation.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9d6e5a83184024c95c21b2248ff9afe8\System.Web.ApplicationServices.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6ee107580651a8d528464cc1f86a8c65\System.ServiceModel.Channels.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 45056 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\5af38e635c831794954883af1381bdc7\Microsoft.Office.Tools.v4.0.Framework.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\265f654b8eed2ac1e42d225a30433c37\System.Windows.Presentation.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\62889e05923a83fa32400e7f3b28f9c6\System.Web.DynamicData.Design.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\c1577aa4e5874f1debc9a63343e5a0d7\PresentationFontCache.ni.exe
+ 2012-02-16 18:44 . 2012-02-16 18:44 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\697c9c4ec947a0a5e21bc9e4c6471b74\PresentationCFFRasterizer.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\2d80e48139b13bf06e85c0c1db06bc20\Microsoft.WSMan.Runtime.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\df5c0dac9e7db175acc8a9755942f87f\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\8a9356f77bd1d1155202f59119ee57c9\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4e53199f22c13aa3e4bc6f063da0aee7\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\0f361440d7cbda4bf5b44bfbd4623812\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 87040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e8d8257e7685fcdbec1d55c91ef849b9\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\8878ca8ff774e592cbbb264fc72f4ac6\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 84992 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\60011d8c51e32dffe9342397dabf4e5d\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 86016 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\54372f6724e4b83e703b68a13bf72066\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 93696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\1bfd71e2bb2110f637dadfdad19c6089\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0c7c182d287c4aaab55bbf98171391bb\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f8f0b08845fb76dfcf57e00d86fc13fc\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\8cd347067dbe1ec5a79c9d261d2d75d9\LoadMxf.ni.exe
+ 2012-02-16 18:57 . 2012-02-16 18:57 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\4089bf2cec6e1a1539076c5bd6d95ce7\ehiTVMSMusic.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\f15fa2345f2673b95ac0570da21525f2\WindowsLiveWriter.ni.exe
+ 2012-02-16 19:24 . 2012-02-16 19:24 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bcfabefedbeb1188aa4e53769aeac91b\WindowsLive.Writer.Passport.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\df6e2f050af3e7a7676650240ef9d7e5\System.Windows.Presentation.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e66fcffbc602b284e20b6c49f4ac64b6\System.Web.DynamicData.Design.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2463cb2600fc129e38f67974f3553368\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\bef92fc6725738f2a261600dab88cd66\PresentationFontCache.ni.exe
+ 2012-02-16 18:41 . 2012-02-16 18:41 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\dcdbd6714f689d7be2a15fe8ed1bc095\PresentationCFFRasterizer.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\7834abeef71f9188bb9d9253d8f807ab\Microsoft.WSMan.Runtime.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ef668f1802501935d634458ef637f5e7\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\a66c7d26f61bb8e12960441a77159102\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\61a8d567fe6450b5b77584b0044a6979\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\52785c0dca46f1e08b5cf9299fba9ae0\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\183073b14873e3b18951879ae4a8b425\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\824d2cc6a8193a2458ce90e579c8b8f5\Microsoft.Vsa.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ce9000c313686c2efb886796f9fc1a84\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 51712 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b63cd78bf6dd3e9df6dd1b3b8e550c03\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a290ea7a45914e4466803b05cdd1153c\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9cd2ba0393b01eabb090905becda3d1c\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\625efeb26f5791302a0777b08feeae18\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\207589160a3dd1da72d4237f9cbf72e6\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0c7d30a3d4b7a03d5d150b40befb02fa\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-04-21 12:09 . 2012-02-12 21:25 4864 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-02-21 19:48 . 2012-02-21 19:48 9560 c:\windows\system32\NetworkList\Icons\{97EE4B71-83C1-4B62-A882-D85F14E78495}_48.bin
+ 2012-02-21 19:48 . 2012-02-21 19:48 4280 c:\windows\system32\NetworkList\Icons\{97EE4B71-83C1-4B62-A882-D85F14E78495}_32.bin
+ 2012-02-21 19:48 . 2012-02-21 19:48 2456 c:\windows\system32\NetworkList\Icons\{97EE4B71-83C1-4B62-A882-D85F14E78495}_24.bin
+ 2012-02-19 21:46 . 2012-02-20 09:23 9560 c:\windows\system32\NetworkList\Icons\{74DB619A-2D77-4747-9A5A-58BAAB037EC8}_48.bin
+ 2012-02-19 21:46 . 2012-02-20 09:23 4280 c:\windows\system32\NetworkList\Icons\{74DB619A-2D77-4747-9A5A-58BAAB037EC8}_32.bin
+ 2012-02-19 21:46 . 2012-02-20 09:23 2456 c:\windows\system32\NetworkList\Icons\{74DB619A-2D77-4747-9A5A-58BAAB037EC8}_24.bin
+ 2012-02-21 19:58 . 2012-02-21 19:58 9560 c:\windows\system32\NetworkList\Icons\{4F9E5BF6-620B-409B-95E4-21448A772A78}_48.bin
+ 2012-02-21 19:58 . 2012-02-21 19:58 4280 c:\windows\system32\NetworkList\Icons\{4F9E5BF6-620B-409B-95E4-21448A772A78}_32.bin
+ 2012-02-21 19:58 . 2012-02-21 19:58 2456 c:\windows\system32\NetworkList\Icons\{4F9E5BF6-620B-409B-95E4-21448A772A78}_24.bin
+ 2012-02-19 20:32 . 2012-02-19 20:32 9560 c:\windows\system32\NetworkList\Icons\{4AEB870A-B9E1-416B-B00B-65527900FAC3}_48.bin
+ 2012-02-19 20:32 . 2012-02-19 20:32 4280 c:\windows\system32\NetworkList\Icons\{4AEB870A-B9E1-416B-B00B-65527900FAC3}_32.bin
+ 2012-02-19 20:32 . 2012-02-19 20:32 2456 c:\windows\system32\NetworkList\Icons\{4AEB870A-B9E1-416B-B00B-65527900FAC3}_24.bin
+ 2012-02-19 20:55 . 2012-02-19 20:55 9560 c:\windows\system32\NetworkList\Icons\{30AABEF8-EAFC-4314-99D6-9F699FC1D12E}_48.bin
+ 2012-02-19 20:55 . 2012-02-19 20:55 4280 c:\windows\system32\NetworkList\Icons\{30AABEF8-EAFC-4314-99D6-9F699FC1D12E}_32.bin
+ 2012-02-19 20:55 . 2012-02-19 20:55 2456 c:\windows\system32\NetworkList\Icons\{30AABEF8-EAFC-4314-99D6-9F699FC1D12E}_24.bin
+ 2011-02-26 05:55 . 2012-02-29 22:08 3359 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-02-26 05:55 . 2012-02-12 21:16 3359 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-03-01 16:46 . 2012-03-01 16:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-12 21:16 . 2012-02-12 21:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-01 16:46 . 2012-03-01 16:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-02-12 21:16 . 2012-02-12 21:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-15 17:42 . 2011-11-05 04:35 981504 c:\windows\SysWOW64\wininet.dll
+ 2012-02-16 17:16 . 2011-12-16 07:54 981504 c:\windows\SysWOW64\wininet.dll
- 2011-12-15 17:42 . 2011-11-05 04:34 132096 c:\windows\SysWOW64\url.dll
+ 2012-02-16 17:16 . 2011-12-16 07:54 132096 c:\windows\SysWOW64\url.dll
- 2011-07-30 10:54 . 2010-11-20 12:20 442880 c:\windows\SysWOW64\ntshrui.dll
+ 2012-02-16 17:16 . 2012-01-04 08:58 442880 c:\windows\SysWOW64\ntshrui.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 690688 c:\windows\SysWOW64\msvcrt.dll
- 2009-07-13 23:12 . 2009-07-14 01:15 690688 c:\windows\SysWOW64\msvcrt.dll
- 2011-12-15 17:42 . 2011-11-05 04:31 599552 c:\windows\SysWOW64\msfeeds.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 599552 c:\windows\SysWOW64\msfeeds.dll
+ 2012-02-18 08:35 . 2012-02-18 08:35 250016 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_Plugin.exe
- 2011-12-15 17:42 . 2011-11-11 05:40 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 176640 c:\windows\SysWOW64\ieui.dll
+ 2011-09-25 12:58 . 2012-02-19 21:31 218050 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-04-21 11:44 . 2012-02-19 20:55 294508 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2012-02-16 17:16 . 2011-12-16 08:47 134144 c:\windows\system32\url.dll
- 2011-12-15 17:42 . 2011-11-05 05:41 134144 c:\windows\system32\url.dll
- 2009-07-14 02:36 . 2012-01-10 21:09 616008 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-02-21 20:14 616008 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-02-21 20:14 106388 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-01-10 21:09 106388 c:\windows\system32\perfc009.dat
- 2011-07-30 10:54 . 2010-11-20 13:27 509952 c:\windows\system32\ntshrui.dll
+ 2012-02-16 17:16 . 2012-01-04 10:44 509952 c:\windows\system32\ntshrui.dll
- 2009-07-13 23:19 . 2009-07-14 01:41 634880 c:\windows\system32\msvcrt.dll
+ 2012-02-16 17:16 . 2011-12-16 08:46 634880 c:\windows\system32\msvcrt.dll
- 2011-12-15 17:42 . 2011-11-05 05:38 702464 c:\windows\system32\msfeeds.dll
+ 2012-02-16 17:16 . 2011-12-16 08:45 702464 c:\windows\system32\msfeeds.dll
+ 2012-02-18 08:35 . 2012-02-18 08:35 465056 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe
+ 2012-02-16 17:16 . 2011-12-16 08:45 247808 c:\windows\system32\ieui.dll
- 2011-12-15 17:42 . 2011-11-11 06:49 247808 c:\windows\system32\ieui.dll
- 2009-07-14 04:45 . 2011-12-16 17:59 351848 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-02-27 18:50 351848 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:30 . 2012-02-21 20:12 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-01-07 12:47 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-02-21 20:11 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-02-21 20:11 . 2011-03-26 09:37 123520 c:\windows\system32\DriverStore\FileRepository\zteusbnmea.inf_amd64_neutral_6b2b9897a53d9089\ZTEusbnmea.sys
+ 2012-02-21 20:11 . 2011-03-26 09:37 123520 c:\windows\system32\DriverStore\FileRepository\zteusbmodem.inf_amd64_neutral_aaa4846fe8adfdfe\ZTEusbmdm6k.sys
+ 2012-02-21 20:11 . 2011-03-26 09:37 123520 c:\windows\system32\DriverStore\FileRepository\zteusbdiag.inf_amd64_neutral_aef52ad4818a48b2\ZTEusbser6k.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 219008 c:\windows\system32\DriverStore\FileRepository\ewser2k.inf_amd64_neutral_754041a59bc261c0\ewusbmdm.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 413696 c:\windows\system32\DriverStore\FileRepository\ewnet.inf_amd64_neutral_5b0f5f41fa3b558d\ewusbnet.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 219008 c:\windows\system32\DriverStore\FileRepository\ewmdm2k.inf_amd64_neutral_d670923ab73bf037\ewusbmdm.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 196608 c:\windows\system32\DriverStore\FileRepository\ew_juwwanecm.inf_amd64_neutral_53c202d62c0c6ea3\ew_juwwanecm.sys
+ 2012-02-19 21:42 . 2011-03-24 07:53 117248 c:\windows\system32\DriverStore\FileRepository\ew_hwusbdev.inf_amd64_neutral_5a10d7bd35ee4189\ew_hwusbdev.sys
+ 2012-02-16 17:16 . 2011-12-28 03:59 498688 c:\windows\system32\drivers\afd.sys
+ 2009-07-14 05:12 . 2012-02-19 22:23 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-02-04 22:34 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-07-28 13:56 . 2011-07-30 10:28 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-07-28 13:56 . 2012-02-16 18:42 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-02-12 21:16 322520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-02-29 22:08 322520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-02-18 09:53 . 2012-02-18 09:53 323288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-981944830-553675151-235582288-1002-12288.dat
- 2012-01-09 02:02 . 2012-01-09 02:02 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
--- part 2 follows ---
 
+ 2012-02-16 18:35 . 2012-02-16 18:35 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2011-07-28 15:04 . 2012-01-12 02:03 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
+ 2012-02-16 19:24 . 2012-02-16 19:24 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\6bdb6c455153a223a2180c883ea5a06c\WindowsFormsIntegration.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\8df6331b51fe3ae5b9d0cf8c582d3f84\UIAutomationClient.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 528896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\6bc2cf9d31ae7e22349af3ddb1306c96\System.Xml.Linq.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\f9e5fcb862d898327924fcac2ff47c4d\System.Windows.Input.Manipulations.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\5f61f0305f22aed705e0680f58fc5d89\System.Transactions.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\6afb4b90a21aae2e499f577b92102b85\System.ServiceProcess.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\bfb5e1c0961fe330c89c043a188cc807\System.ServiceModel.Routing.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\671c48760746239f2dfb0b64a7413624\System.ServiceModel.Channels.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 946688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\d8342f4b914e190a9e5c89c7703dd11f\System.Security.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 376832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\9426384a1d2d2e815e093a0fe88da585\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 987648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\73d3849c909668636452b43f54edb54e\System.Runtime.Remoting.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\21fa922f90a47d10fd11107efff5ea4f\System.Net.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\c07fc2256ec2210bfd7f7abf1639833e\System.Messaging.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\655c314109b3ab211e13b88d0769651b\System.Management.Instrumentation.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\cf1c0c4152c5548179dd3e2870f25cc4\System.IO.Log.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\d8dc2ea040e12c679b5d779370a19e58\System.IdentityModel.Selectors.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\fef2650a5b3bf39527150b4058762611\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 512000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\994e60f26b11755207e9c7ebb9fd688b\System.Dynamic.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\bc62e3c6c42db6e63c18038e9bac5a5c\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\5373b5adf6f12ca3ac8806827259a986\System.Device.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\938f42c2d694b3935ca890fee7d0c8a7\System.Data.DataSetExtensions.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\cde466cd9b88dc7857c40ac43bf7632c\System.Configuration.Install.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\081bebeff0574ed1969b05eafab5b342\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\e88489a8cc6a68a7ebb4617d1a20e5e7\System.AddIn.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\ba36345815c2011c3f054ebee01a0569
\System.Activities.DurableInstancing.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\70edc7fbf7505880ab1652b35f6e9517\SMSvcHost.ni.exe
+ 2012-02-16 19:21 . 2012-02-16 19:21 185344 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\9d160b8d7c69ce50ac1db59a8fa2bcb5\SMDiagnostics.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 622592 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\dbb2bb145d0bac0d0615f52739ad2702\PresentationFramework.Aero.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 428032 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\4d9a6f376f83a6ea5b71a678566ee1de\PresentationFramework.Royale.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 802304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\3ec560f5f3b643e02b6025363034d624\PresentationFramework.Luna.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 349184 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1767cdd5d245b5087045d1ad2fbdd8fd\PresentationFramework.Classic.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 169984 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\f9c85f625fe8a0ab8f6b1cf912ee4d52\Microsoft.VisualStudio.Tools.Applications.Runtime.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 864256 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\c157ae509bf92baea4e9e471adb04a65\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 992256 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\ae43c26bbe8f723e56d0252448254fff\Microsoft.VisualStudio.Tools.Applications.ServerDocument.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 232448 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\66398340b98fd0e8e54e91254b3b1595\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 475136 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\37e48dfff98a726773a893a9d22e7ad9\Microsoft.VisualStudio.Tools.Applications.Hosting.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 247808 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\02b0bdbbc05d0d9db69af37c7e8fa6d7\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 422400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\3002d0322acd6f6dd016bd8105bedf51\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\385ffb17c4890d76682d1d0c81f39e09\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 993280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\abaa5cea25cd2e464dd37f2957c3364a\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 199680 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\a2a7bb8653919bd516bae531d649269c\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 408064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\0f201dc5d271649a21f7bbe4eea2650f\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\03650c210ae6c44c7c9882268c4bba27\Microsoft.Office.Tools.Common.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\db262b537b3e126638becbb9e800f6f4\WindowsFormsIntegration.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\65f2715d637bfa0e86efb9be6827a603\UIAutomationClient.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\573510ac70c9f906828dfabff8154a68\System.Xml.Linq.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\72d8a9748232081ad4d341bc048a19a0\System.Windows.Input.Manipulations.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\eea6e969f65e8abd7a5c0e5cc5de91e0\System.Transactions.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d0c51a642ed9f9815b3c4fdd079fe598\System.ServiceProcess.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f6bb0d89da4631fdfe3ba21bc679abc8\System.ServiceModel.Routing.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\703bbf6d22fe6f51247312b93ebf4877\System.Security.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\f0631ec0d86b1f6c93e0c2beb6f3eef8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\47a28c9724ca2af1e8a808b6a4492fdc\System.Runtime.Remoting.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\d4ea87b3a293a399d1c9f992844337a0\System.Net.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\34de45dfd565cde0a41693f69699196e\System.Messaging.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\f70f41e97345ba5fdad2c3a2ea2f0bc0\System.Management.Instrumentation.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\b70a65d51c58655ccea84bc52f63b871\System.IO.Log.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\6e851ab472fcdb01e8d2de10b86c744e\System.IdentityModel.Selectors.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\aa05ffba3fb49fc45c0bb1c865483f14\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\aa05ffba3fb49fc45c0bb1c865483f14\System.EnterpriseServices.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\6e9d1c9f8736aed6e51205e0d8e1c8ca\System.Dynamic.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\d2136c698861ae4f333a53dbe1375564\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\76dc77aba32960ecb7fbcfc4766799ec\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\7fdcaa0d8edd3616cb00ce49613a0a56\System.Device.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\46144968f3c9ece6e721bed406bde8ca\System.Data.DataSetExtensions.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\245091a424804833e585abbe0d01cb16\System.Configuration.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\b57aae16a63be60b207bd39a54a189f7\System.Configuration.Install.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\77041c801eb51dc4143494c04674b2f3\System.ComponentModel.Composition.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\5305be5350569e2b178207f1dd8a1674\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\2d183a996706e4d84d6206f2c7bd21e6\System.AddIn.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\9d6848fa01a2d9ad31af5cb528aabec3\System.Activities.DurableInstancing.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\804cb1ecd92e9bf8fffe1ca6f56eff99\SMSvcHost.ni.exe
+ 2012-02-16 19:27 . 2012-02-16 19:27 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4df17dcc839cf4971f4e4af8a4c3aa97\SMDiagnostics.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bb7f4122b51c95bb01c455ae4fee374c\PresentationFramework.Luna.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8bddd0d3155a3edec42e3039493095c7\PresentationFramework.Aero.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\43aac190922c6a1f5f693a1bb3c44114\PresentationFramework.Royale.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\23a8cea1760582360d1e0fcd3f98aed7\PresentationFramework.Classic.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 364544 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\e915bf7495f99b30164a7be0c2e0716d\Microsoft.VisualStudio.Tools.Applications.Hosting.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 177152 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\aced1ac5e25149b53f71a53025c31072\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 738304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\70209ce8a2f0e9970a135e1a8d9a51c3\Microsoft.VisualStudio.Tools.Applications.ServerDocument.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 210432 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\674ce37ca7912853774c77df68232fb9\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\33bd51548328c3b268dbfcb78b730821\Microsoft.VisualStudio.Tools.Applications.Runtime.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 708096 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\0d784c0fe7921b328510ce274497f100\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\05c013cbfa8bcef43fe1cf8d5a05a424\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\c620718c44ed9ab19881269fcfd20e4d\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 864768 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\eff8b027cf5b84835eca2b156eb2f165\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 730624 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\db3d7f17908de436f89e77516f4aaa8e\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 152064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\c676b860afa75a435c54e2a1e9c57dac\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 312320 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\9bde230a6ed14c80b6e93ae3e1c6cf79\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 676864 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\85cfc36cc47efd56ea1d292a8e98abdd\Microsoft.Office.Tools.Word.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 336384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\8005812d4dd3df516ab14eab009918bf\Microsoft.Office.Tools.Common.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\600f8ca5fcc54f10623903952fcc10ac\WsatConfig.ni.exe
+ 2012-02-16 19:00 . 2012-02-16 19:00 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\ddb96c334583dc79463edcb14ae16c99\WindowsFormsIntegration.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\152b577b846875cb3ac5e2097451daf0\UIAutomationClient.ni.dll
--- part 3 follows ---
 
+ 2012-02-16 19:00 . 2012-02-16 19:00 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\fb5fce5cf09733b71a796d1da399f07a\TaskScheduler.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\bc3bbe78635aeacaeea3b310ea5ff002\System.Xml.Linq.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\894b696a87ad47b5e18ac89954813a94\System.Web.Routing.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\ed681c0aefa909f528d50d0d7f87b799\System.Web.RegularExpressions.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\a6885ee42ea49eb80f1bd18a5252684d\System.Web.Entity.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\88ffeea88ac9ce23de0c5a27a95e773a\System.Web.Entity.Design.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\7a311c3305dbbd5cfa2613997608a4ae\System.Web.DynamicData.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\e5069f3c90b4413dd2f3dc226c80bc68\System.Web.Abstractions.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\caa6d0e3ec056ab964616da777c2fcb1\System.Transactions.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\872d9ab7e9259b407668c38b6112499e\System.ServiceProcess.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\ffc67ee81b75ac04dfc1fee6a7fef8c5\System.Security.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\bc8c5bdae37a113b2274279ceb94d6d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\e238ca4ca02f9309283c98e1a4235bbd\System.Net.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\9880905a6fde778e564adf54b2afbaa5\System.Messaging.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\c340633057ed6b9ffcf2214cb348a1fa\System.Management.Instrumentation.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\c24a84d54ad05618cf6cab545c31b06b\System.IO.Log.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\2ba95581264a766410a6dbbe767c5ed8\System.IdentityModel.Selectors.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\dbd535c6b73a9d9ffab8b91124ea7dda\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\f1fd4593259aaf5fd2b2e9a7aed2d8cb\System.Drawing.Design.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\3c2c8f083f34a3c75e0aa17ef9ac4127\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\be6635364f1af379afff83dd877a4e03\System.Data.Services.Design.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\027959159200e828ccfddaef5f01b3a9\System.Data.DataSetExtensions.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\e71e38d2ca2cd291467d890336f45931\System.Configuration.Install.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\8c954be3f8d070b1364844741ff4b4b1\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\bd9159951d0caa9bf5c90c44fc96661b\System.AddIn.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\8bfc7a328911ae69686576bd24f4f771\SMSvcHost.ni.exe
+ 2012-02-16 18:56 . 2012-02-16 18:56 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\823bd996cb5aefd6c2b2fa7e19e0ef40\SMDiagnostics.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\cc864feeea3e918e3d9790b301bb2004\PresentationFramework.Royale.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\ab440c134c4d619f82ba6eab569c8fed\PresentationFramework.Luna.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\0e79d12dc8bede29dc337dba8d803bfa\PresentationFramework.Aero.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 282624 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\0e6121dbd31ce6b51354b38075dc9007\PresentationFramework.Classic.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\9c808282a0cfdc5bafcb43e1778d97d6\napsnap.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\616ce317134d4225fc7eec80f9351855\napinit.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\a4b5d98bf175a3f10c47f223195c34b0\MSBuild.ni.exe
+ 2012-02-16 18:57 . 2012-02-16 18:57 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\b94e1c9115d8e37e734b27b48f54d236\MMCFxCommon.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\04532b2b5174ca249e01a8b21d0ba6fd\Microsoft.WSMan.Management.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\5cd854d075caf8b50de3c803b4303e03\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\cb1c199305d00b2424e707311eb9dcfd\Microsoft.Vsa.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 226304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\f62ed823b57ba0be5d7fb3a6641c81b7\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 390656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d94da1a53d099635a79bc3b91f566629\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 773120 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c13e9f25f1ffd561653449e5a2580591\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 495616 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b45b8ce21d0fd161749b2de5bc7df56e\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 232448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\ae4c0d1f4f5c2450ffc9e01660ba59a9\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 499200 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\adeb865c6a363c192613da3b48caf089\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 202752 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\8c8d9b3a05d2b948d5eec7400d6f6984\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 124928 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\7509087a533d09b916e59afeaa67a6ba\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\6c0911b85b7c5576c9146309ae1f5340\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 270336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\6c049555e59391bba618094c69a893f3\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\66a2899e82080dd11b52d55673961f01\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 956416 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5d5f9b6272e24579f25243fbe7304f45\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 311296 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\362f3172cfd48391135c36849efd4e9c\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 215040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\3254ac50d00bf0b6547dd476e477f55a\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0dd84fcddeb70fd96d678129f9a59566\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\b2438f632ab1dcbb1cb91c5a1226aaf1\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d7f5b39fba028d2f9e2b3a772845a2a6\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\99bb7896ddbe74236efaa97733c63cbc\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\71542ecf96342dc1464fe471852be89a\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0bafa5e2dc431bb12108395cf2e18773\Microsoft.PowerShell.Security.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\ac0e6858100690fc61b873d44c5f0bf2\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\a47f9d8d45b775c43a6ba3fe30ac1bde\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ddd2f252bea1cce14bb498257992635a\Microsoft.MediaCenter.Interop.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cf9be66d53dddbf49b75cead76ef3cea\Microsoft.MediaCenter.Mheg.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\55172dec8f1353d1a8d9cdc4c0b9fac0\Microsoft.MediaCenter.Playback.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5495e7eca3dac7eee473e30a3611f178\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\35ce662c1368782ede0852134106ea43\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\505549b05e5c3ceccd26ad9c398381e8\Microsoft.ManagementConsole.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\f356844d3667b88d03bde2ae524659b6\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\86f7fa65013864ae7da2fba058199dae\Microsoft.Build.Utilities.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\c467a4d9eeda620e3e7602a9ecf9ae76\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\304068df803748d7743a6a4dc344915f\Mcx2Dvcs.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\fb79aad0c745ff7b45151bc58b4dc8e9\mcupdate.ni.exe
+ 2012-02-16 18:57 . 2012-02-16 18:57 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\4a29229fecf805779bee25b756d78a0d\mcstoredb.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\8affc4346a86b80727282966ce58662b\mcplayerinterop.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\756a74d6b322877662a0f6da4bc7d8e6\mcGlidHostObj.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\2ce02776e0f2f1770f4bb77e1f6d7472\MCESidebarCtrl.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\956ca0e08e881df7f16f7d6d1381f71d\EventViewer.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\307ca4b67db79b05b4781634ea8ec0d7\ehRecObj.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\5f53457f49927ecf00156d20466cc5a6\ehExtHost.ni.exe
+ 2012-02-16 18:57 . 2012-02-16 18:57 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\b49168b11f5f60ddafed2ab1fdd4540f\ehCIR.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\f2808fb3389d3e28e2b0223dcd654e02\ComSvcConfig.ni.exe
+ 2012-02-16 18:56 . 2012-02-16 18:56 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\45af2aab82a69a1a6fe0f7cef4024673\BDATunePIA.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\105e77fbca8c5bb29988f3847b0d599f\WsatConfig.ni.exe
+ 2012-02-16 19:25 . 2012-02-16 19:25 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\378a75654ab243a7c87425580ef5247f\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e8295ba92cc9500c11e4326da94aa23d\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ccd8a870d49f1f6901964f3009e44704\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bc3de6e386e49d56770ce7026b0b0b42\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa6f0d8e2ce841ad6cfa150e7d19cbbf\WindowsLive.Writer.Controls.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8fb8f7ad92da63392ebd50214f98966c\WindowsLive.Writer.Interop.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\613e9162c5a92e05695b8ec520b6a6f5\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\54a1c00276597643ced64cad94707c44\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\52df063720cfdfb7e286e6c575bcdc98\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3dc4ea44bcc90dc7fdd088969895feb6\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\369786c29e4bb601f95f4c9f38ca4fb1\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\22e9d9744c2bf7881ac1662232d688c2\WindowsLive.Writer.Api.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\203986a6f0128bf77b62f19d8b1076cf\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\7d367b5b97b897ff0e52d30b0a02d4ba\WindowsLive.Client.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d0972fea9e965a565c3cff76982709db\UIAutomationClient.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ff345d3a2aaafb8a960c3d400e3c11a9\TaskScheduler.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\43e0731fbb58632563909f1fa5dfe063\System.Web.Routing.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\84ee5a23a20b65773686657254ea9831\System.Web.RegularExpressions.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\95f94674ddc4b1224df94bd7ae19c9ef\System.Web.Extensions.Design.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4c569a365154300e49ab3450f74c2618\System.Web.Entity.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fb21c5770bc64fc4105787238842f70d\System.Web.Entity.Design.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\785e2ad4125cef423bc367b37fabb71c\System.Web.DynamicData.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\685fb72f0189330eda1d62176fb38996\System.Web.Abstractions.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e8dfbd1334d30a08ce1f2df29ca9aff\System.Transactions.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\075d9c27aa02085fef8983b5f5f85834\System.ServiceProcess.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\dc4a4350f8c0c0919b5fb78f0c44291b\System.Security.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\adb2fc93e7a4462eb399442c678be681\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2273d6ab12c9ae0d52842a84d586b8df\System.Net.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\a717cdb44ec0d3238c621efa420a9956\System.Messaging.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b5930434d0d624701114e014513c9041\System.Management.Instrumentation.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7651951311f9d134e6bc08be7dc9ddc7\System.IO.Log.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8b0dc9405f292a93ddd52eb76bb88169\System.IdentityModel.Selectors.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3fccda0d4dd150a217c2798e39e97a48\System.EnterpriseServices.Wrapper.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3fccda0d4dd150a217c2798e39e97a48\System.EnterpriseServices.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\a09d397c3a4eb60b04a0628cc187ce34\System.Drawing.Design.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\eebb837dbb8e5781e448c72eeda27983\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\344d3289061b28a0f7fb19229f45bb9c\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6a6642467bcccf0345c5e9139e7fd9ae\System.Data.Services.Design.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\c1cf8e31da405f07780fa7b0f28cc650\System.Data.Entity.Design.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\71400a36c8621388031e00075f2fc8e9\System.Data.DataSetExtensions.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\47e25ae9163f4624a66f99ede0ea98fe\System.Configuration.Install.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\05c4011ad0068d0af722b4b52677d915\System.AddIn.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\17b78ffee2144cf38f024e73b131158d\SMSvcHost.ni.exe
+ 2012-02-16 19:25 . 2012-02-16 19:25 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fbcb09488417e40b6f7f7737f737bbfd\PresentationFramework.Luna.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbd1929fa377b354903e37469838d9a1\PresentationFramework.Classic.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4ff6c887092d4db687441d71e2c812ff\PresentationFramework.Royale.ni.dll
--- part 4 follows ---
 
+ 2012-02-16 19:26 . 2012-02-16 19:26 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\62531ec9534c96e83de2bbd4edfd07e8\napsnap.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\bb49eea48fd5f546afc6d5be634d3cb9\napinit.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\4ac4095081957a001a6174c0b9f7f195\MSBuild.ni.exe
+ 2012-02-16 19:25 . 2012-02-16 19:25 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\bd5a72adac7a95585984d5bcce994b71\MMCFxCommon.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\928fb6b2401fffd8cc993578c3a04acd\Microsoft.WSMan.Management.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f8ae93a99dcc6388370493e488730089\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dcb9e93aa37e3d3258fc07f3aa9ea18c\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 617472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dabddeb1ae3791305880141fa81aff30\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 179200 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c06d658dee746e63f996e4d2b3172bd0\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\aa529209bf2dadbe33c1ff6f4a5858fb\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 650752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9949ca42861385d6f9ed0057faa58027\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\942f0fd2bb7e5550fb5c82e3eb7a76cd\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8e20104012d72a9afade62950ec6fa70\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 363008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\73a385d0a8e76c44988c813a93d626b3\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 337408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4c35ceb202b57cc378d54edd4dab79be\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1b98c6bd77315aab522a9b196a69f88b\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0e6685fa21a5e598c0ebdee764af7a7f\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0554bbd9377513360d52e73918fdc8de\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 134144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0253ef9d5d0aec9f51da7f72af61687f\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\481b6ebea3e357f29a4ec0e8193d36d3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eda566c4dc6595779c3c9dfc359575ed\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4f6b6f33d84b7f438c3f3b66f0336d\Microsoft.PowerShell.Security.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\951235283ff1d4a91ffaa92ea8693249\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5f7928a2ffe462f16e25f03be01966e9\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2015eca4346e34310e958089b22a9c62\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\fb9bf22be91203ef2d72097b085b25e3\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\e70e2c0f00d80635280c793a86229356\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\5924733efbb09a93dfc664394f4be104\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\39b52b6bb71b3f5506e7a2b12c11cdca\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6386ef67ed70f53fe6424246d256190d\Microsoft.ManagementConsole.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c8e128b5e6ceee852cb1f8c165c2177e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9795da40a8ee0bc54e91792de7422152\Microsoft.Build.Utilities.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\be7ad749a064283deab76fad38bf2930\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\f42105699650a206e2ae439ac54ad40a\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\886a8c3d4f00567df779318fea56f28a\mcstoredb.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\58ea1059f397ccd13d6a8d94d7be7830\EventViewer.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\9d5219961228fb5236c843ea75c69d39\ehRecObj.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\6a07aa6df4d45d1485b6a2749647a3aa\ehExtHost32.ni.exe
+ 2012-02-16 19:25 . 2012-02-16 19:25 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\39ab6b73bdbaac85b90cc561761916f7\ComSvcConfig.ni.exe
+ 2012-02-16 19:24 . 2012-02-16 19:24 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\d89086a63a9d85aa9d719d7088e5ae69\BDATunePIA.ni.dll
- 2011-12-15 17:42 . 2011-11-05 04:34 1231360 c:\windows\SysWOW64\urlmon.dll
+ 2012-02-16 17:16 . 2011-12-16 07:54 1231360 c:\windows\SysWOW64\urlmon.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 5997568 c:\windows\SysWOW64\mshtml.dll
+ 2012-02-18 08:35 . 2012-02-18 08:35 8527008 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 2073600 c:\windows\SysWOW64\iertutil.dll
- 2011-12-15 17:42 . 2011-11-05 04:30 2073600 c:\windows\SysWOW64\iertutil.dll
+ 2012-02-16 17:16 . 2011-12-16 08:47 1188864 c:\windows\system32\wininet.dll
- 2011-12-15 17:42 . 2011-11-05 05:41 1188864 c:\windows\system32\wininet.dll
+ 2012-02-16 17:16 . 2012-01-14 04:06 3145728 c:\windows\system32\win32k.sys
- 2011-12-15 17:42 . 2011-11-05 05:41 1494016 c:\windows\system32\urlmon.dll
+ 2012-02-16 17:16 . 2011-12-16 08:47 1494016 c:\windows\system32\urlmon.dll
+ 2012-02-16 17:16 . 2011-12-16 08:45 9019904 c:\windows\system32\mshtml.dll
- 2011-12-15 17:42 . 2011-11-05 05:37 2454528 c:\windows\system32\iertutil.dll
+ 2012-02-16 17:16 . 2011-12-16 08:45 2454528 c:\windows\system32\iertutil.dll
+ 2012-02-19 21:42 . 2011-03-24 07:53 1490656 c:\windows\system32\DriverStore\FileRepository\ew_juextctrl.inf_amd64_neutral_60353f278a22b60d\wdfcoinstaller01007.dll
+ 2012-02-19 21:42 . 2011-03-24 07:53 1490656 c:\windows\system32\DriverStore\FileRepository\ew_jucdcmdm.inf_amd64_neutral_f9b558d66f79a19d\wdfcoinstaller01007.dll
+ 2012-02-19 21:42 . 2011-03-24 07:53 1490656 c:\windows\system32\DriverStore\FileRepository\ew_jucdcecm.inf_amd64_neutral_a0e4740fb326371d\wdfcoinstaller01007.dll
+ 2012-02-19 21:42 . 2011-03-24 07:53 1490656 c:\windows\system32\DriverStore\FileRepository\ew_jucdcacm.inf_amd64_neutral_33d8ad670ece1363\wdfcoinstaller01007.dll
+ 2012-02-19 21:42 . 2011-03-24 07:53 1490656 c:\windows\system32\DriverStore\FileRepository\ew_jubusenum.inf_amd64_neutral_9e8ca0803b24cb19\wdfcoinstaller01007.dll
+ 2009-07-14 04:45 . 2012-02-21 19:59 7174117 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-02-01 02:19 7174117 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-07-28 21:13 . 2012-02-29 22:08 2058016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-07-28 17:10 . 2012-02-29 22:08 2836428 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-981944830-553675151-235582288-1002-8192.dat
+ 2011-10-26 13:46 . 2011-10-26 13:46 3511880 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.dll
+ 2012-02-16 17:16 . 2011-10-31 23:15 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
- 2011-09-17 18:19 . 2011-05-04 22:31 3190784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.dll
+ 2011-10-26 13:46 . 2011-10-26 13:46 3511880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2012-02-16 17:16 . 2011-10-31 23:16 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2011-09-17 18:19 . 2011-05-04 22:32 3190784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 3511880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 3824480 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 4967248 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 4967248 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-01-09 02:02 . 2012-01-09 02:02 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-01-09 02:01 . 2012-01-09 02:01 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-02-16 18:34 . 2012-02-16 18:34 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-11-18 17:52 . 2011-11-18 17:52 9183232 c:\windows\Installer\4fc7b9.msp
+ 2012-01-05 05:21 . 2012-01-05 05:21 4964864 c:\windows\Installer\4fc7a3.msp
+ 2012-01-25 00:32 . 2012-01-25 00:32 3458560 c:\windows\Installer\4fc78d.msp
+ 2011-10-26 15:36 . 2011-10-26 15:36 2829312 c:\windows\Installer\4fc778.msp
- 2011-07-28 15:04 . 2012-01-12 02:03 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 4525408 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 4525408 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-07-28 15:04 . 2012-02-16 18:36 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
- 2011-07-28 15:04 . 2012-01-12 02:03 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-02-16 19:20 . 2012-02-16 19:20 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\9d5feeb6727e222673d5bd89f0620ddd\WindowsBase.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\68f44d619637fac197ee6c8ac9f2aec9\UIAutomationClientsideProviders.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 7037952 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\ff247393a6deb90d63811aa88c84dc7e\System.Xml.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 2449408 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e158bd31f13cbc20f6fc7c7f426113d7\System.Xaml.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\843d0370292b7b124f9b9231f87e8e6a\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\be0e793afecb54a67a688e4528676e70\System.Web.Services.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\ae3a837b63de8d3f3fc63a7bfc16589a\System.Speech.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\aec154cbfb0eec1497fb89ebd6deb344\System.ServiceModel.Discovery.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\80b8b6324a73493227b2672b2d6820d3\System.ServiceModel.Activities.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 3412992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\717540eea541a2769a6cf621fd948678\System.Runtime.Serialization.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 1348096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\dc7fbde064d5710780a6b8f27554dc57\System.Runtime.DurableInstancing.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\31c34917df5f24f1ffdd62bfa23f2fb7\System.Printing.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\15112a35e0e355fc344792e49c41628f\System.Management.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\bffc049b6775c3f6f144917a4387a0be\System.IdentityModel.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 1098752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\fef2650a5b3bf39527150b4058762611\System.EnterpriseServices.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 2290688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\0443ad47a6be56beca12a7a13261c8ed\System.Drawing.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 1217536 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\d94ef12e883b2354af26f19ec7e25110\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\026c74ff72ba4fce837134953778e755\System.DirectoryServices.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\e8e5fcc8e7eb9ce898be3c22e8902ee4\System.Deployment.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 8601600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\8d734fe538fe6f226eab465c8d8e3d5c\System.Data.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 3390976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\83aa1c4f17f57067d3be29e560331349\System.Data.SqlXml.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 1798656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\6a0bcd0e756819ea795b161d2156e9a8\System.Data.Services.Client.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 3386368 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\1548624d8ec5142825864c5f59be9b49\System.Data.Linq.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 1257472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\2672be84bcad1c772163d15db0e2864e\System.Configuration.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\228bb21cab2c9ce2f69d5e24a9352a3f\System.ComponentModel.Composition.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\36f5aa69b510e3aeb24ef402d12c20e0\System.Activities.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\7be5ac01354a0c03d5587607687de1e1\System.Activities.Presentation.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\8d549e47084ec2661c944a1eeb9a2be5\System.Activities.Core.Presentation.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 4232704 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\8d8f46afc9b2b65144f29a609f63398e\ReachFramework.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 2056192 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\735f127d0957bacdfe6522f0b8a2dcb0\PresentationUI.ni.dll
+ 2012-02-16 19:20 . 2012-02-16 19:20 1843200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\710482e876a08aaf596a1418b13eb349\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 1623040 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6b82e7a7001a661cb712067b75b7c5ec\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\60ff6c1510fb0e2d70e616650eb7ae47\Microsoft.VisualBasic.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 1526784 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\2e6537fafd64c81032b0aaebb7d3180a\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 1117184 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\e90fbea7083b31d998d15ab4daa90445\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 1070080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\cbacd8e25edd24149958a5f220c513fb\Microsoft.Office.Tools.Word.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\9df4bf710457687ef9dd242833663cc9\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-02-16 19:01 . 2012-02-16 19:01 2034688 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\76a5e1f6884c16de0bc4b3b6d83b9315\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\f38dbc9d7ebe981a7c22b72dffb4a2af\Microsoft.JScript.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 2009600 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\1cf22b5ea0ef63e71b6416a36b656b8a\Microsoft.CSharp.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 3857920 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ed88e619ee2f7890f095327c9e6c4f47\WindowsBase.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\8d1c73504ed545de5a8aea7885650ab1\UIAutomationClientsideProviders.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 9091584 c:\windows\assembly\NativeImages_v4.0.30319_32\System\dc9a87796af6bbda69eb6415f081d7d5\System.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\328128459fb93ae5bb4d813f1c25f882\System.Xml.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ecf7f8a10cf3e6c3944936c7562ffd69\System.Xaml.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\ff09966dc482aa6aba36ab44da40a020\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\ecb73a9c862af4bdc7bc5a66bc64a15c\System.Web.Services.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\5ede571ce3e2351e4bd49e7a89d47599\System.Speech.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f5a0d4de131d7a3666e42c65a32902be\System.ServiceModel.Discovery.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\26048ada4992c473f90f5da2ba39a1d6\System.ServiceModel.Activities.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\64ef82bf025a26e2ebe801d9cd1bbe47\System.Runtime.Serialization.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\c3d32e1af26dc65e97d516c65c420b94\System.Runtime.DurableInstancing.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\6b18b66bce39106302fbf23363e42b39\System.Printing.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\dbc78bf6ea5ba346651f88cd45febe94\System.Management.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2dc4a022dbe24fda049907ff74054e1b\System.IdentityModel.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1652736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\48763e13ab42d7d355deba3265ea3223\System.Drawing.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\47c5e456aa408a0150d99fbdf3a7ce00\System.DirectoryServices.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\1f584408934a2b15bbb5503513568217\System.Deployment.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\4908a9a66074355f580242eb6e1c5c7f\System.Data.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\674045f561ed168eb0536fc375b85a66\System.Data.SqlXml.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\0ffc395d0fd2aaf5d2c142bc30092c02\System.Data.Services.Client.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\48b88d59929caa568b413158c9911d1b\System.Data.Linq.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\e6a421765ab129b5a12db40f1ad11b33\System.Core.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\3204cf0f9558a26d7c58e31069074a6b\System.Activities.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\8314063375f389decf9fe578a6f859d0
--- part 5 follows ---
 
\System.Activities.Presentation.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\471f92ef4c236c433e484eb96b100731\System.Activities.Core.Presentation.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\6708bb65346b98a66c4497ba4d7f3cbe\ReachFramework.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\234b8c972c5dd4820e4a63c859cad9bb\PresentationUI.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\9e2853ace5cd56ec043b633a83c666c0\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\7864c91fe5a54ce0c1f87f7688ec0099\Microsoft.VisualBasic.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\279879fb3ee22ee99bfc05e787e290b5\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\afd84dd5ccbe3263e7c5b78017fc5611\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1551872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\aae4633eba0df126498d025adda5fe4b\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1117696 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\47d7c1149d94580e5814a1d31b79968b\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\82bd448bd064b15cbb8da39b26c477f1\Microsoft.JScript.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\f9118a1edc43fdfaf3698e16c70687df\Microsoft.CSharp.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 4962816 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\a6d9b6658c7778345cc60fe0d9bb6e64\WindowsBase.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\dac9f71ca1332da2a359e2d07589b7e9\UIAutomationClientsideProviders.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\e04d9231de2f5d2ababdb425df670e63\System.Xml.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\5571a92171f93c8a4806b9f1805f1c56\System.WorkflowServices.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\3b2e60a9cfedffc4c850f1d0ef17e5e1\System.Workflow.Runtime.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\809f0c7c2d0233f086f83b75f6aa9560\System.Workflow.ComponentModel.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\f09110bd4c01129e8ef2e345e8b58920\System.Workflow.Activities.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\28c5f5bb725935286936596e3f5f4f38\System.Web.Services.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\2b012fd0a270bdac848843047bb93312\System.Web.Mobile.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\cf203792167bd243b057b8daf79e0d98\System.Web.Extensions.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\7f261dc1eaa3e4e0b93c44678888dd44\System.Web.Extensions.Design.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\a49bc70b640e21c9bcecbd8122203283\System.Speech.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\8ef813ce3f85ea3b3f499d734ac8019e\System.ServiceModel.Web.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\f99728bbb535157b904873158379dc67\System.Runtime.Serialization.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\8b193e216f8cf8cd74d7f63cc3ebd2d9\System.Runtime.Remoting.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\1194371f7bf016fa5f5db6a6003af63e\System.Printing.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\6860203a3f244d4c6b89ff38a9c9cadb\System.Management.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\3fae8a8515a716f1fae4a64a7f2a4b05\System.IdentityModel.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\dbd535c6b73a9d9ffab8b91124ea7dda\System.EnterpriseServices.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 2311168 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\6c52a4ed4a4d301b51cae24e0d0b28ac\System.Drawing.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\cc26a70ca09b5e09736df4f2f4af045a\System.DirectoryServices.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\48a91957a4b86c3bcebec68eb1471def\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6d33e51aa1dd1c4c8ac5bff1c7ad7b4b\System.Deployment.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 8681472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\bc98c6a47226c05d244f7ffb07b6d6bf\System.Data.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 3463680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\134d55401aae7ef73c10ad743774127f\System.Data.SqlXml.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\2dd10ff57a987aa347518b0abfcaf8b3\System.Data.Services.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 19:00 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\0177f6ff2b3faf1805b3ba63e0e20ad0\System.Data.Services.Client.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\7892bc65d0be332ab0d4f5dae01d2c3c\System.Data.OracleClient.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\dd28d55dd94fb4d1e4dca6393e4b15a4\System.Data.Linq.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\caf124d5431e8d8aba046e54a8b7dea5\System.Data.Entity.Design.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\9e59bc2c8cf98cd315468ca01f68663c\System.Core.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\da9e586395168489e96323c7cbd635a3\System.Configuration.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\c2b60ec84728f2a0b99f2113ed7eba37\ReachFramework.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\d5b793b7c0429d61e51fe917d1066df8\PresentationUI.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\0618574a66f03040f765c43693bf58f6\PresentationBuildTasks.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\24f9a2d494b01bcbc6919f60a278c715\Narrator.ni.exe
+ 2012-02-16 18:59 . 2012-02-16 18:59 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\8988116626390eae76ef9e492c0e2894\MMCEx.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\77c418992d39a8c1ce569194f9b1ff1e\MIGUIControls.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1877504 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\01e44613cae9d302e9f7e9f1579b87e0\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\e05059a258a8b75d8981f29ecd9baf72\Microsoft.VisualBasic.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\11bd9381aca79215bc01b45a5e7bddce\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ecc930a57b339ba3d126b05b2d756a01\Microsoft.PowerShell.Editor.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\8d5a4862d0e61fdd2e958fc989df3cca\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\713f3cf6037ed7047485c738934f9054\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\09516cb547f50c165051c5512c0770d3\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1093632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\fe275d8201c6ac7084f3c214e06b04f6\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\4eeb4a27f1a3acca986f62e43665d67e\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\1de944031bd0bd14250ef342329676bc\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\d7d03c116e282c198f398652dbddc074\Microsoft.MediaCenter.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\bf5f76b58c88f17410effc17059685a8\Microsoft.MediaCenter.UI.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b54d398a06452904630482f2f83d21dd\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5f69561da0086365718db46e1172d204\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5e550f8b6414d82551174d1dd0f8f15c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\551b383e39b9fedb84e25c9fc7d763ee\Microsoft.JScript.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\2ec15928bc76c2a6af54ad507c513cd4\Microsoft.Ink.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4ccd2dddff73b52cd77ecaed30075b09\Microsoft.Build.Tasks.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\35cee0a531b3136b21b2c7e2ff56b5eb\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\a22f83fa561173b77ee1215e0dfd7a76\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\5cd9b4020f38edbdc2718884fe3e68f0\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\0217b5f9a72020bee3d0291bbae125ff\mcstore.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\905166e37a4a5f45a7d1672fb756d96e\mcepg.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 7026176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a468e7062f69218aada710149fe64a9f\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5831e8e7ec7a294d7daf5d20ea697176\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\57f2870b60df33107c4360c356da72b7\WindowsLive.Writer.Localization.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\34b4db9f6a72b19fe1842e9f6fdad5b7\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c463ccf17b00f16ed8e60a6ba1cb46e5\UIAutomationClientsideProviders.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 7967232 c:\windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 5453312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
+ 2012-02-16 19:27 . 2012-02-16 19:27 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\99f03be29e7f6de2f4bc278b83f0761b\System.WorkflowServices.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\ee22bb1fef89981da77783c69aa1f154\System.Workflow.Runtime.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\5fc69203193c26b91b068695b00bcebf\System.Workflow.ComponentModel.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\e5bfe89d19b368c5eb64bdf2c3c29d7a\System.Workflow.Activities.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a595aa31f93ed043fd02ec9d8ff40b32\System.Web.Services.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0eada94e6fc22ecdf69ec412fe7df0b9\System.Web.Mobile.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8ae9ee071050afc6dce19f5248817d66\System.Web.Extensions.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\8e4b0ae89bdfbe3eac1b79dacef4ef79\System.Speech.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e20ce129c23781d9a8430b63edc3c24e\System.Printing.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f4d8c56c790b998bd1bb971905bfae78\System.Management.Automation.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\2d379df0010f87d5c3d8c2be00b3de7a\System.DirectoryServices.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\45fedf46ca69b8437800ffed652fb2e4\System.Deployment.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\d7621134717a86f5062dcf80206ab164\System.Data.SqlXml.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\47c2a93f42a371ac1b3756d098ac18a5\System.Data.Services.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3763b8ac5fa0a96ad5100a53b10b4449\System.Data.Services.Client.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\c3e0c299c00016b5ffb5006bc32dd0db\System.Data.OracleClient.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1fe993f1045190570a2c69cb32f9d62d\System.Data.Linq.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\932542a144496e3a9cb9155270fd4492\System.Data.Entity.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\9f09338d4240f6ea19318665fcea008f\ReachFramework.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\10d61b241fbf27d82942eecb454105e1\PresentationUI.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\d2c547794ac1c167fe24904e6848d5cc\PresentationBuildTasks.ni.dll
+ 2012-02-16 19:26 . 2012-02-16 19:26 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\308236e39e3ad82c6b5bfa2d955735e3\Narrator.ni.exe
+ 2012-02-16 19:26 . 2012-02-16 19:26 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\b792eec16fb24a0f73ca20e1551bfcbf\MMCEx.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\44f2bd588202e6bdacf0b867c7011057\MIGUIControls.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1300992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\5305bd66ebbc5fadbd10db6c0de84c69\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\659bc287f3b51e5e604208ce93d983ec\Microsoft.VisualBasic.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1a6921bcfb8ade6652efb9f095b275f1\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86fa49490bc929adf75488903f0dac4b\Microsoft.PowerShell.Editor.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\413c3be0ba8ed04984a0bb3044e0c2e0\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2f66392066352b804d8022664e7bf8de\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\ba7eb2787a641d2eada9f1bed3fa61e5\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\558d4558f0857891cf0d41d818e7b490\Microsoft.MediaCenter.UI.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\03d64144ed3ea21cbeea0c872ece14b6\Microsoft.MediaCenter.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\09cea564f5888335ef97bd104d7e4ea6\Microsoft.JScript.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ca0dacd1a4dc23e5d7bb3e6548282b6b\Microsoft.Ink.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\e566cc5fe7ad95b0a9fca152b335b551\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2b23923536c41d0fb8ab658f6c9a95c1\Microsoft.Build.Tasks.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b8459651fae37b63ab314350a8eff8a\Microsoft.Build.Engine.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\103b0155f85ff08fc9940bd0c3aa0128\mcstore.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\c28c1427f0691e070b77b4ad97000e4c\mcepg.ni.dll
- 2011-09-17 18:19 . 2011-05-04 22:32 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-02-16 17:16 . 2011-10-31 23:16 3190784 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-02-16 17:16 . 2012-01-04 08:59 12872704 c:\windows\SysWOW64\shell32.dll
+ 2012-02-16 17:16 . 2011-12-16 07:52 10992128 c:\windows\SysWOW64\ieframe.dll
+ 2009-07-14 02:34 . 2012-02-16 18:38 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-02-01 02:16 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-02-16 17:17 . 2012-01-04 10:44 14172672 c:\windows\system32\shell32.dll
+ 2011-08-24 19:32 . 2012-02-16 18:31 54585368 c:\windows\system32\MRT.exe
+ 2012-02-18 08:35 . 2012-02-18 08:35 11350688 c:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
+ 2012-02-16 17:16 . 2011-12-16 08:45 12263936 c:\windows\system32\ieframe.dll
+ 2012-02-16 18:33 . 2012-02-16 18:33 20333056 c:\windows\Installer\4fc76f.msp
+ 2012-02-16 18:35 . 2012-02-16 18:35 11879936 c:\windows\assembly\NativeImages_v4.0.30319_64\System\bbcac65b1d0045229354424a7595e258\System.ni.dll
+ 2012-02-16 19:22 . 2012-02-16 19:22 17290752 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\97347a1967260991cca95e94b5ba2d41\System.Windows.Forms.ni.dll
+ 2012-02-16 19:24 . 2012-02-16 19:24 24551936 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\49314ff27e3a21bbb1fb675a295f6571\System.ServiceModel.ni.dll
+ 2012-02-16 19:23 . 2012-02-16 19:23 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\78e35b4bf12ee4833ed720a490e958f2\System.Data.Entity.ni.dll
+ 2012-02-16 19:00 . 2012-02-16 19:00 10439168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\fcefa2871c7dc4d397ff8c6f92abf0d5\System.Core.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 24406528 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d0dddbe96a81cd6869f9643fa2809d71\PresentationFramework.ni.dll
+ 2012-02-16 19:21 . 2012-02-16 19:21 15907328 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\efb6d518bb284cdc29a96068726320c0\PresentationCore.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 13138432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\8f178c27be36f9a08ab5ef6b26edd53c\System.Windows.Forms.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\b338e3a94d8eeef4ab507954d4ca4e77\System.ServiceModel.ni.dll
+ 2012-02-16 19:28 . 2012-02-16 19:28 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\76c45d5c3698a2f569ea830e31ac815d\System.Data.Entity.ni.dll
+ 2012-02-16 18:36 . 2012-02-16 18:36 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\de7b98adae0cf9ef3ee34eba29b9e0d9\PresentationFramework.ni.dll
+ 2012-02-16 18:35 . 2012-02-16 18:35 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7d0085af8163b715488f2ed72d2b404\PresentationCore.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 10624512 c:\windows\assembly\NativeImages_v2.0.50727_64\System\d5bc322d03a6628891b1e1232c4815af\System.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\87a79dd88275c7e7536a0476f2ed79aa\System.Windows.Forms.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\3ea6f4cb8bba38f9d66275c36dd8825e\System.Web.ni.dll
+ 2012-02-16 18:56 . 2012-02-16 18:56 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\0b51b0626d95de7446d132c73edd77cc\System.ServiceModel.ni.dll
+ 2012-02-16 18:58 . 2012-02-16 18:58 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\e18dbed9e34d7d56cc7e2f683de12237\System.Management.Automation.ni.dll
+ 2012-02-16 18:45 . 2012-02-16 18:45 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\0ad116b6a293e4fad1add26610df466d\System.Design.ni.dll
+ 2012-02-16 18:59 . 2012-02-16 18:59 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\00b730e56986ad4f378e420fa8606395\System.Data.Entity.ni.dll
+ 2012-02-16 18:44 . 2012-02-16 18:44 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\be975224912fc63f0398ad0c969ba144\PresentationFramework.ni.dll
+ 2012-02-16 18:43 . 2012-02-16 18:43 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\0fa603af6ee814498c20f46e00e5f891\PresentationCore.ni.dll
+ 2012-02-16 18:57 . 2012-02-16 18:57 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\089d0fee0e702f9b9a611f761cb3bd8a\ehshell.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
+ 2012-02-16 19:25 . 2012-02-16 19:25 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll
+ 2012-02-16 18:42 . 2012-02-16 18:42 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f89f5d786e54381f9058656271a0aca8\System.Design.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
+ 2012-02-16 18:41 . 2012-02-16 18:41 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-09-17 160328]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2010-11-14 222496]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-11-02 21392]
"ooVoo.exe"="c:\program files (x86)\ooVoo\oovoo.exe" [2011-12-12 22459984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2007-04-16 259624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-11-02 928656]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-11-02 3508624]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-12-01 296056]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
c:\users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-10-22 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/02/25 22:14;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-08-25 246256]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 FLEXnet Licensing Manager;FLEXnet Licensing Manager for Adobe Products;c:\windows\system32\regw2.exe [x]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 136176]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 136176]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 NgFilter;Aventail VPN Filter;c:\windows\system32\DRIVERS\ngfilter.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2010-07-23 296808]
S2 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-14 1997416]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 uvnc_service;uvnc_service;c:\program files (x86)\UltraVNC\WinVNC.exe [2011-05-18 2016504]
S2 WTService;WTService;c:\windows\System32\atwtusb.exe [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NgLog;Aventail VPN Logging;c:\windows\system32\DRIVERS\nglog.sys [x]
S3 NgVpn;Aventail VPN Adapter;c:\windows\system32\DRIVERS\ngvpn.sys [x]
S3 NgWfp;Aventail VPN Callout;c:\windows\system32\DRIVERS\ngwfp.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
Inhoud van de 'Gedeelde Taken' map
.
2012-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 15:14]
.
2012-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 15:14]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-17 11613288]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"MacroKeyManager"="WTMKM.exe" [2010-02-09 6482152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://samsung.msn.com
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - c:\program files\Samsung AnyWeb Print\W2PBrowser.dll
TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
FF - ProfilePath - c:\users\Michele\AppData\Roaming\Mozilla\Firefox\Profiles\j99vqilg.default\
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-03-01 18:38:43
ComboFix-quarantined-files.txt 2012-03-01 17:38
.
Pre-Run: 49.136.607.232 bytes free
Post-Run: 50.558.812.160 bytes free
.
- - End Of File - - 289DBF81A71BC7C81C3D590214AB16E5
 
You must log in or register to reply here.

Similar threads

C
Differences in Internet Providers?
Replies
1
Views
348
Nelson28
N
losdavos
Malware removal help, please and thank you!
Replies
1
Views
882
losdavos
losdavos
M
May I be overvolting my CPU despite disabling Asus APE in BIOS?
Replies
3
Views
115
Marcos Baras
M

Latest posts

Back