Win32/patched Google redirect virus removal

Hi DMJ-
Ran the Hitman Pro and it did not find any threats. Still have the Google Redirect Virus with the Random Audio Ads. Let me know what to do next. Thanks again.

Here is Hitman Log:

Code:

HitmanPro 3.6.1.164
[URL='http://www.hitmanpro.com']www.hitmanpro.com[/URL]
   Computer name . . . . : HPDESKTOP1
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : HPDESKTOP1\JASON
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (Expired)
   Scan date . . . . . . : 2012-08-21 20:19:36
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 12m 28s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 24
   Objects scanned . . . : 2,585,558
   Files scanned . . . . : 204,041
   Remnants scanned  . . : 1,099,559 files / 1,281,958 keys
Cookies _____________________________________________________________________
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrite.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:amazonwebstore.122.2o7.net
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:cj.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:members.cj.com
   C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\6J561480.txt
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\9X8PTMYA.txt
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\KBXG76Y7.txt
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\KFJ5RI3T.txt
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\KI87778Q.txt
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\Q0LQ4V1E.txt
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\RVS34AQ8.txt
   C:\Users\JASON\AppData\Roaming\Microsoft\Windows\Cookies\Z4ZUNNRO.txt

Ran the TDSS Killer and it said Zero Theats Found. Here is the log:


12:31:15.0773 8120 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03

12:31:16.0522 8120 ============================================================

12:31:16.0522 8120 Current date / time: 2012/08/22 12:31:16.0522

12:31:16.0522 8120 SystemInfo:

12:31:16.0522 8120

12:31:16.0522 8120 OS Version: 6.1.7601 ServicePack: 1.0

12:31:16.0522 8120 Product type: Workstation

12:31:16.0522 8120 ComputerName: HPDESKTOP1

12:31:16.0522 8120 UserName: JASON

12:31:16.0522 8120 Windows directory: C:\Windows

12:31:16.0522 8120 System windows directory: C:\Windows

12:31:16.0522 8120 Running under WOW64

12:31:16.0522 8120 Processor architecture: Intel x64

12:31:16.0522 8120 Number of processors: 4

12:31:16.0522 8120 Page size: 0x1000

12:31:16.0522 8120 Boot type: Normal boot

12:31:16.0522 8120 ============================================================

12:31:19.0174 8120 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:31:19.0206 8120 ============================================================

12:31:19.0206 8120 \Device\Harddisk0\DR0:

12:31:19.0221 8120 MBR partitions:

12:31:19.0221 8120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

12:31:19.0221 8120 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55A93000

12:31:19.0221 8120 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55AC5800, BlocksNum 0x1A80000

12:31:19.0221 8120 ============================================================

12:31:19.0315 8120 C: <-> \Device\Harddisk0\DR0\Partition2

12:31:19.0408 8120 D: <-> \Device\Harddisk0\DR0\Partition3

12:31:19.0408 8120 ============================================================

12:31:19.0408 8120 Initialize success

12:31:19.0408 8120 ============================================================

12:32:02.0449 6264 ============================================================

12:32:02.0449 6264 Scan started

12:32:02.0449 6264 Mode: Manual;

12:32:02.0449 6264 ============================================================

12:32:09.0110 6264 ================ Scan system memory ========================

12:32:09.0110 6264 System memory - ok

12:32:09.0110 6264 ================ Scan services =============================

12:32:10.0639 6264 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

12:32:10.0639 6264 1394ohci - ok

12:32:10.0701 6264 [ E656FE10D6D27794AFA08136685A69E8 ] 72999610 C:\Windows\system32\DRIVERS\72999610.sys

12:32:10.0764 6264 72999610 - ok

12:32:10.0888 6264 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

12:32:10.0904 6264 ACPI - ok

12:32:10.0982 6264 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

12:32:10.0982 6264 AcpiPmi - ok

12:32:11.0403 6264 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

12:32:11.0403 6264 AdobeARMservice - ok

12:32:11.0512 6264 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

12:32:11.0544 6264 adp94xx - ok

12:32:11.0653 6264 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

12:32:11.0668 6264 adpahci - ok

12:32:11.0746 6264 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

12:32:11.0762 6264 adpu320 - ok

12:32:11.0856 6264 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

12:32:11.0887 6264 AeLookupSvc - ok

12:32:11.0980 6264 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

12:32:11.0980 6264 AFD - ok

12:32:12.0043 6264 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

12:32:12.0043 6264 agp440 - ok

12:32:12.0058 6264 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

12:32:12.0058 6264 ALG - ok

12:32:12.0090 6264 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

12:32:12.0090 6264 aliide - ok

12:32:12.0136 6264 [ 2FDCB3E855076CE97CCB58E2CF8F2A09 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

12:32:12.0152 6264 AMD External Events Utility - ok

12:32:12.0168 6264 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

12:32:12.0168 6264 amdide - ok

12:32:12.0214 6264 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

12:32:12.0214 6264 AmdK8 - ok

12:32:12.0558 6264 [ 9920704BF815A5B42DA5264F013AAEB7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

12:32:12.0729 6264 amdkmdag - ok

12:32:12.0745 6264 [ 0D1055A47A8F5DC1CAA2701831293EBB ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

12:32:12.0776 6264 amdkmdap - ok

12:32:12.0838 6264 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

12:32:12.0854 6264 AmdPPM - ok

12:32:12.0916 6264 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

12:32:12.0932 6264 amdsata - ok

12:32:12.0979 6264 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

12:32:12.0979 6264 amdsbs - ok

12:32:12.0994 6264 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

12:32:12.0994 6264 amdxata - ok

12:32:13.0026 6264 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys

12:32:13.0026 6264 amd_sata - ok

12:32:13.0041 6264 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys

12:32:13.0041 6264 amd_xata - ok

12:32:13.0104 6264 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

12:32:13.0104 6264 AppID - ok

12:32:13.0119 6264 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

12:32:13.0119 6264 AppIDSvc - ok

12:32:13.0135 6264 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

12:32:13.0150 6264 Appinfo - ok

12:32:13.0416 6264 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:32:13.0431 6264 Apple Mobile Device - ok

12:32:13.0774 6264 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

12:32:13.0774 6264 arc - ok

12:32:13.0806 6264 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

12:32:13.0806 6264 arcsas - ok

12:32:14.0211 6264 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

12:32:14.0320 6264 aspnet_state - ok

12:32:14.0367 6264 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

12:32:14.0383 6264 AsyncMac - ok

12:32:14.0461 6264 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

12:32:14.0476 6264 atapi - ok

12:32:14.0586 6264 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys

12:32:14.0601 6264 AtiPcie - ok

12:32:14.0710 6264 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

12:32:14.0726 6264 AudioEndpointBuilder - ok

12:32:14.0757 6264 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

12:32:14.0757 6264 AudioSrv - ok

12:32:15.0568 6264 [ D67719BCFDE5798F5C30D14EFED3BCAF ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

12:32:15.0646 6264 AVGIDSAgent - ok

12:32:15.0724 6264 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

12:32:15.0724 6264 AVGIDSDriver - ok

12:32:15.0756 6264 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys

12:32:15.0756 6264 AVGIDSFilter - ok

12:32:15.0802 6264 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

12:32:15.0802 6264 AVGIDSHA - ok

12:32:15.0849 6264 [ 59955B4C288DD2A8B9FD2CD5158355C5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

12:32:15.0849 6264 Avgldx64 - ok

12:32:15.0865 6264 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

12:32:15.0865 6264 Avgmfx64 - ok

12:32:15.0912 6264 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

12:32:15.0912 6264 Avgrkx64 - ok

12:32:15.0958 6264 [ 1BEE674AD792B1C63BB0DAC5FA724B23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

12:32:15.0958 6264 Avgtdia - ok

12:32:15.0990 6264 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

12:32:15.0990 6264 avgwd - ok

12:32:16.0036 6264 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

12:32:16.0052 6264 AxInstSV - ok

12:32:16.0099 6264 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

12:32:16.0099 6264 b06bdrv - ok

12:32:16.0161 6264 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

12:32:16.0161 6264 b57nd60a - ok

12:32:16.0224 6264 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

12:32:16.0224 6264 BDESVC - ok

12:32:16.0239 6264 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

12:32:16.0239 6264 Beep - ok

12:32:16.0286 6264 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

12:32:16.0302 6264 BFE - ok

12:32:16.0317 6264 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

12:32:16.0348 6264 BITS - ok

12:32:16.0380 6264 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

12:32:16.0380 6264 blbdrive - ok

12:32:16.0504 6264 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

12:32:16.0504 6264 Bonjour Service - ok

12:32:16.0536 6264 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

12:32:16.0536 6264 bowser - ok

12:32:16.0536 6264 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

12:32:16.0536 6264 BrFiltLo - ok

12:32:16.0536 6264 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

12:32:16.0536 6264 BrFiltUp - ok

12:32:16.0582 6264 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

12:32:16.0582 6264 BridgeMP - ok

12:32:16.0614 6264 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

12:32:16.0614 6264 Browser - ok

12:32:16.0629 6264 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

12:32:16.0629 6264 Brserid - ok

12:32:16.0629 6264 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

12:32:16.0645 6264 BrSerWdm - ok

12:32:16.0645 6264 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

12:32:16.0645 6264 BrUsbMdm - ok

12:32:16.0645 6264 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

12:32:16.0645 6264 BrUsbSer - ok

12:32:16.0660 6264 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

12:32:16.0660 6264 BTHMODEM - ok

12:32:16.0676 6264 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

12:32:16.0676 6264 bthserv - ok

12:32:17.0019 6264 [ 33E43A31AC6AC6BA95D4772D8CCA076F ] CarboniteService C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

12:32:17.0128 6264 CarboniteService - ok

12:32:17.0160 6264 catchme - ok

12:32:17.0191 6264 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

12:32:17.0191 6264 cdfs - ok

12:32:17.0238 6264 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

12:32:17.0238 6264 cdrom - ok

12:32:17.0300 6264 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

12:32:17.0300 6264 CertPropSvc - ok

12:32:17.0331 6264 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

12:32:17.0331 6264 circlass - ok

12:32:17.0378 6264 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

12:32:17.0378 6264 CLFS - ok

12:32:17.0456 6264 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:32:17.0456 6264 clr_optimization_v2.0.50727_32 - ok

12:32:17.0503 6264 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

12:32:17.0518 6264 clr_optimization_v2.0.50727_64 - ok

12:32:17.0628 6264 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:32:17.0706 6264 clr_optimization_v4.0.30319_32 - ok

12:32:17.0721 6264 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:32:17.0784 6264 clr_optimization_v4.0.30319_64 - ok

12:32:17.0799 6264 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

12:32:17.0799 6264 CmBatt - ok

12:32:17.0815 6264 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

12:32:17.0815 6264 cmdide - ok

12:32:17.0862 6264 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

12:32:17.0862 6264 CNG - ok

12:32:17.0877 6264 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

12:32:17.0877 6264 Compbatt - ok

12:32:17.0908 6264 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

12:32:17.0924 6264 CompositeBus - ok

12:32:17.0924 6264 COMSysApp - ok

12:32:17.0940 6264 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

12:32:17.0955 6264 crcdisk - ok

12:32:18.0002 6264 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

12:32:18.0002 6264 CryptSvc - ok

12:32:18.0096 6264 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

12:32:18.0111 6264 cvhsvc - ok

12:32:18.0158 6264 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

12:32:18.0158 6264 DcomLaunch - ok

12:32:18.0189 6264 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

12:32:18.0189 6264 defragsvc - ok

12:32:18.0220 6264 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

12:32:18.0236 6264 DfsC - ok

12:32:18.0252 6264 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

12:32:18.0252 6264 Dhcp - ok

12:32:18.0283 6264 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

12:32:18.0283 6264 discache - ok

12:32:18.0314 6264 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

12:32:18.0330 6264 Disk - ok

12:32:18.0345 6264 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

12:32:18.0361 6264 Dnscache - ok

12:32:18.0392 6264 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

12:32:18.0408 6264 dot3svc - ok

12:32:18.0470 6264 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

12:32:18.0470 6264 Dot4 - ok

12:32:18.0517 6264 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys

12:32:18.0517 6264 Dot4Print - ok

12:32:18.0532 6264 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

12:32:18.0532 6264 dot4usb - ok

12:32:18.0564 6264 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

12:32:18.0564 6264 DPS - ok

12:32:18.0595 6264 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

12:32:18.0610 6264 drmkaud - ok

12:32:18.0642 6264 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

12:32:18.0642 6264 DXGKrnl - ok

12:32:18.0673 6264 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

12:32:18.0673 6264 EapHost - ok

12:32:18.0735 6264 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

12:32:18.0798 6264 ebdrv - ok

12:32:18.0860 6264 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

12:32:18.0860 6264 EFS - ok

12:32:18.0907 6264 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

12:32:18.0922 6264 ehRecvr - ok

12:32:18.0954 6264 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

12:32:18.0954 6264 ehSched - ok

12:32:18.0969 6264 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

12:32:18.0969 6264 elxstor - ok

12:32:18.0985 6264 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

12:32:18.0985 6264 ErrDev - ok

12:32:19.0016 6264 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

12:32:19.0016 6264 EventSystem - ok

12:32:19.0032 6264 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

12:32:19.0032 6264 exfat - ok

12:32:19.0063 6264 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

12:32:19.0063 6264 fastfat - ok

12:32:19.0094 6264 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

12:32:19.0094 6264 Fax - ok

12:32:19.0094 6264 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

12:32:19.0110 6264 fdc - ok

12:32:19.0125 6264 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

12:32:19.0125 6264 fdPHost - ok

12:32:19.0141 6264 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

12:32:19.0141 6264 FDResPub - ok

12:32:19.0156 6264 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

12:32:19.0156 6264 FileInfo - ok

12:32:19.0156 6264 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

12:32:19.0156 6264 Filetrace - ok

12:32:19.0172 6264 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

12:32:19.0172 6264 flpydisk - ok

12:32:19.0188 6264 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

12:32:19.0188 6264 FltMgr - ok

12:32:19.0234 6264 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

12:32:19.0250 6264 FontCache - ok

12:32:19.0281 6264 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

12:32:19.0281 6264 FontCache3.0.0.0 - ok

12:32:19.0312 6264 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

12:32:19.0312 6264 FsDepends - ok

12:32:19.0328 6264 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

12:32:19.0344 6264 Fs_Rec - ok

12:32:19.0375 6264 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

12:32:19.0375 6264 fvevol - ok

12:32:19.0390 6264 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

12:32:19.0390 6264 gagp30kx - ok

12:32:19.0453 6264 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

12:32:19.0453 6264 GameConsoleService - ok

12:32:19.0546 6264 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

12:32:19.0546 6264 GEARAspiWDM - ok

12:32:19.0593 6264 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

12:32:19.0593 6264 gpsvc - ok

12:32:19.0687 6264 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:32:19.0687 6264 gupdate - ok

12:32:19.0718 6264 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:32:19.0718 6264 gupdatem - ok

12:32:19.0734 6264 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

12:32:19.0734 6264 hcw85cir - ok

12:32:19.0796 6264 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

12:32:19.0796 6264 HdAudAddService - ok

12:32:19.0827 6264 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

12:32:19.0827 6264 HDAudBus - ok

12:32:19.0843 6264 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

12:32:19.0843 6264 HidBatt - ok

12:32:19.0858 6264 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

12:32:19.0858 6264 HidBth - ok

12:32:19.0858 6264 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

12:32:19.0858 6264 HidIr - ok

12:32:19.0890 6264 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

12:32:19.0890 6264 hidserv - ok

12:32:19.0936 6264 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

12:32:19.0968 6264 HidUsb - ok

12:32:19.0983 6264 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

12:32:19.0983 6264 hkmsvc - ok

12:32:19.0999 6264 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

12:32:19.0999 6264 HomeGroupListener - ok

12:32:20.0014 6264 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

12:32:20.0014 6264 HomeGroupProvider - ok

12:32:20.0139 6264 [ 170233B8D743EFE35F462A5D516B93E3 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

12:32:20.0155 6264 HP Support Assistant Service - ok

12:32:20.0186 6264 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

12:32:20.0186 6264 HPClientSvc - ok

12:32:20.0233 6264 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

12:32:20.0248 6264 HPDrvMntSvc.exe - ok

12:32:20.0280 6264 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

12:32:20.0295 6264 hpqwmiex - ok

12:32:20.0311 6264 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

12:32:20.0326 6264 HpSAMD - ok

12:32:20.0358 6264 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

12:32:20.0358 6264 HTTP - ok

12:32:20.0404 6264 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

12:32:20.0404 6264 hwpolicy - ok

12:32:20.0436 6264 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

12:32:20.0451 6264 i8042prt - ok

12:32:20.0498 6264 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

12:32:20.0514 6264 iaStorV - ok

12:32:20.0716 6264 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

12:32:20.0794 6264 idsvc - ok

12:32:20.0857 6264 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

12:32:20.0857 6264 iirsp - ok

12:32:21.0060 6264 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

12:32:21.0075 6264 IKEEXT - ok

12:32:21.0169 6264 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

12:32:21.0216 6264 IntcAzAudAddService - ok

12:32:21.0216 6264 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

12:32:21.0231 6264 intelide - ok

12:32:21.0262 6264 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

12:32:21.0262 6264 intelppm - ok

12:32:21.0294 6264 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

12:32:21.0294 6264 IPBusEnum - ok

12:32:21.0325 6264 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:32:21.0325 6264 IpFilterDriver - ok

12:32:21.0340 6264 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

12:32:21.0356 6264 iphlpsvc - ok

12:32:21.0372 6264 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

12:32:21.0372 6264 IPMIDRV - ok

12:32:21.0387 6264 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

12:32:21.0387 6264 IPNAT - ok

12:32:21.0481 6264 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

12:32:21.0528 6264 iPod Service - ok

12:32:21.0559 6264 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

12:32:21.0559 6264 IRENUM - ok

12:32:21.0590 6264 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

12:32:21.0590 6264 isapnp - ok

12:32:21.0621 6264 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

12:32:21.0621 6264 iScsiPrt - ok

12:32:21.0652 6264 JmUjk3Ai - ok

12:32:21.0668 6264 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

12:32:21.0668 6264 kbdclass - ok

12:32:21.0684 6264 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

12:32:21.0684 6264 kbdhid - ok

12:32:21.0699 6264 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

12:32:21.0699 6264 KeyIso - ok

12:32:21.0730 6264 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

12:32:21.0730 6264 KSecDD - ok

12:32:21.0746 6264 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

12:32:21.0746 6264 KSecPkg - ok

12:32:21.0762 6264 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

12:32:21.0762 6264 ksthunk - ok

12:32:21.0808 6264 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

12:32:21.0808 6264 KtmRm - ok

12:32:21.0824 6264 kxhaBH20 - ok

12:32:21.0855 6264 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

12:32:21.0855 6264 LanmanServer - ok

12:32:21.0871 6264 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

12:32:21.0871 6264 LanmanWorkstation - ok

12:32:21.0933 6264 [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

12:32:21.0933 6264 LightScribeService - ok

12:32:21.0949 6264 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

12:32:21.0949 6264 lltdio - ok

12:32:21.0980 6264 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

12:32:21.0980 6264 lltdsvc - ok

12:32:21.0996 6264 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

12:32:21.0996 6264 lmhosts - ok

12:32:22.0011 6264 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

12:32:22.0011 6264 LSI_FC - ok

12:32:22.0027 6264 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

12:32:22.0027 6264 LSI_SAS - ok

12:32:22.0027 6264 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

12:32:22.0027 6264 LSI_SAS2 - ok

12:32:22.0042 6264 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

12:32:22.0042 6264 LSI_SCSI - ok

12:32:22.0058 6264 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

12:32:22.0058 6264 luafv - ok

12:32:22.0105 6264 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

12:32:22.0120 6264 Mcx2Svc - ok

12:32:22.0120 6264 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

12:32:22.0136 6264 megasas - ok

12:32:22.0136 6264 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

12:32:22.0136 6264 MegaSR - ok

12:32:22.0183 6264 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

12:32:22.0183 6264 MMCSS - ok

12:32:22.0183 6264 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

12:32:22.0183 6264 Modem - ok

12:32:22.0214 6264 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

12:32:22.0214 6264 monitor - ok

12:32:22.0245 6264 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

12:32:22.0245 6264 mouclass - ok

12:32:22.0292 6264 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

12:32:22.0292 6264 mouhid - ok

12:32:22.0339 6264 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

12:32:22.0339 6264 mountmgr - ok

12:32:22.0354 6264 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

12:32:22.0370 6264 mpio - ok

12:32:22.0386 6264 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

12:32:22.0386 6264 mpsdrv - ok

12:32:22.0417 6264 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

12:32:22.0432 6264 MpsSvc - ok

12:32:22.0448 6264 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

12:32:22.0448 6264 MRxDAV - ok

12:32:22.0479 6264 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

12:32:22.0479 6264 mrxsmb - ok

12:32:22.0510 6264 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:32:22.0510 6264 mrxsmb10 - ok

12:32:22.0542 6264 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:32:22.0542 6264 mrxsmb20 - ok

12:32:22.0542 6264 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

12:32:22.0557 6264 msahci - ok

12:32:22.0620 6264 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe

12:32:22.0620 6264 MSCamSvc - ok

12:32:22.0635 6264 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

12:32:22.0635 6264 msdsm - ok

12:32:22.0651 6264 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

12:32:22.0651 6264 MSDTC - ok

12:32:22.0682 6264 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

12:32:22.0682 6264 Msfs - ok

12:32:22.0682 6264 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

12:32:22.0698 6264 mshidkmdf - ok

12:32:22.0744 6264 [ 55218F924E55FD2786ED40EDF4ED79C3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys

12:32:22.0744 6264 MSHUSBVideo - ok

12:32:22.0744 6264 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

12:32:22.0760 6264 msisadrv - ok

12:32:22.0994 6264 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

12:32:22.0994 6264 MSiSCSI - ok

12:32:23.0010 6264 msiserver - ok

12:32:23.0103 6264 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

12:32:23.0103 6264 MSKSSRV - ok

12:32:23.0166 6264 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

12:32:23.0166 6264 MSPCLOCK - ok

12:32:23.0181 6264 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

12:32:23.0181 6264 MSPQM - ok

12:32:23.0212 6264 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

12:32:23.0212 6264 MsRPC - ok

12:32:23.0244 6264 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

12:32:23.0244 6264 mssmbios - ok

12:32:23.0400 6264 MSSQL$SHIPWORKS - ok

12:32:23.0571 6264 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

12:32:23.0571 6264 MSSQLServerADHelper100 - ok

12:32:23.0587 6264 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

12:32:23.0587 6264 MSTEE - ok

12:32:23.0602 6264 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

12:32:23.0602 6264 MTConfig - ok

12:32:23.0618 6264 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

12:32:23.0618 6264 Mup - ok

12:32:23.0649 6264 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

12:32:23.0665 6264 napagent - ok

12:32:23.0712 6264 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

12:32:23.0712 6264 NativeWifiP - ok

12:32:23.0774 6264 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

12:32:23.0774 6264 NDIS - ok

12:32:23.0821 6264 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

12:32:23.0836 6264 NdisCap - ok

12:32:23.0868 6264 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

12:32:23.0868 6264 NdisTapi - ok

12:32:23.0899 6264 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

12:32:23.0899 6264 Ndisuio - ok

12:32:23.0930 6264 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

12:32:23.0930 6264 NdisWan - ok

12:32:23.0961 6264 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

12:32:23.0961 6264 NDProxy - ok

12:32:23.0992 6264 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

12:32:23.0992 6264 NetBIOS - ok

12:32:24.0008 6264 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

12:32:24.0008 6264 NetBT - ok

12:32:24.0039 6264 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

12:32:24.0039 6264 Netlogon - ok

12:32:24.0070 6264 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

12:32:24.0070 6264 Netman - ok

12:32:24.0133 6264 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:32:24.0164 6264 NetMsmqActivator - ok

12:32:24.0164 6264 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:32:24.0164 6264 NetPipeActivator - ok

12:32:24.0180 6264 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

12:32:24.0195 6264 netprofm - ok

12:32:24.0273 6264 [ 1982B291DF9833FB3ADC397EBD310A18 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys

12:32:24.0273 6264 netr28x - ok

12:32:24.0289 6264 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:32:24.0289 6264 NetTcpActivator - ok

12:32:24.0289 6264 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:32:24.0289 6264 NetTcpPortSharing - ok

12:32:24.0320 6264 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

12:32:24.0336 6264 nfrd960 - ok

12:32:24.0351 6264 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

12:32:24.0351 6264 NlaSvc - ok

12:32:24.0367 6264 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

12:32:24.0367 6264 Npfs - ok

12:32:24.0382 6264 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

12:32:24.0382 6264 nsi - ok

12:32:24.0382 6264 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

12:32:24.0382 6264 nsiproxy - ok

12:32:24.0445 6264 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

12:32:24.0476 6264 Ntfs - ok

12:32:24.0492 6264 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

12:32:24.0492 6264 Null - ok

12:32:24.0538 6264 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

12:32:24.0554 6264 nvraid - ok

12:32:24.0554 6264 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

12:32:24.0570 6264 nvstor - ok

12:32:24.0601 6264 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

12:32:24.0601 6264 nv_agp - ok

12:32:24.0632 6264 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

12:32:24.0632 6264 ohci1394 - ok

12:32:24.0757 6264 [ D8A0164A79D4BFD6083945C5431E41E7 ] OpenVPNService C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe

12:32:24.0757 6264 OpenVPNService - ok

12:32:24.0788 6264 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:32:24.0866 6264 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:32:24.0975 6264 osppsvc - ok
12:32:25.0038 6264 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:32:25.0038 6264 p2pimsvc - ok
12:32:25.0069 6264 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:32:25.0069 6264 p2psvc - ok
12:32:25.0084 6264 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:32:25.0084 6264 Parport - ok
12:32:25.0116 6264 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:32:25.0116 6264 partmgr - ok
12:32:25.0147 6264 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:32:25.0147 6264 PcaSvc - ok
12:32:25.0162 6264 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:32:25.0178 6264 pci - ok
12:32:25.0194 6264 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:32:25.0194 6264 pciide - ok
12:32:25.0209 6264 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:32:25.0209 6264 pcmcia - ok
12:32:25.0225 6264 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:32:25.0225 6264 pcw - ok
12:32:25.0256 6264 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:32:25.0256 6264 PEAUTH - ok
12:32:25.0350 6264 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:32:25.0350 6264 PerfHost - ok
12:32:25.0396 6264 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:32:25.0428 6264 pla - ok
12:32:25.0490 6264 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:32:25.0506 6264 PlugPlay - ok
12:32:25.0521 6264 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:32:25.0521 6264 PNRPAutoReg - ok
12:32:25.0521 6264 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:32:25.0521 6264 PNRPsvc - ok
12:32:25.0568 6264 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:32:25.0568 6264 PolicyAgent - ok
12:32:25.0599 6264 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:32:25.0599 6264 Power - ok
12:32:25.0630 6264 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:32:25.0646 6264 PptpMiniport - ok
12:32:25.0662 6264 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:32:25.0662 6264 Processor - ok
12:32:25.0693 6264 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:32:25.0693 6264 ProfSvc - ok
12:32:25.0708 6264 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:32:25.0708 6264 ProtectedStorage - ok
12:32:25.0755 6264 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:32:25.0755 6264 Psched - ok
12:32:25.0818 6264 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:32:25.0818 6264 PxHlpa64 - ok
12:32:25.0911 6264 [ 4080E220EB20D87AE74D12570B8A8027 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
12:32:25.0911 6264 QBCFMonitorService - ok
12:32:25.0974 6264 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
12:32:25.0974 6264 QBFCService - ok
12:32:26.0130 6264 [ 78AFB70DBE365BD6140E6740792AC3EA ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
12:32:26.0161 6264 QBVSS - ok
12:32:26.0223 6264 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:32:26.0254 6264 ql2300 - ok
12:32:26.0254 6264 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:32:26.0254 6264 ql40xx - ok
12:32:26.0286 6264 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:32:26.0286 6264 QWAVE - ok
12:32:26.0301 6264 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:32:26.0301 6264 QWAVEdrv - ok
12:32:26.0301 6264 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:32:26.0301 6264 RasAcd - ok
12:32:26.0317 6264 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:32:26.0317 6264 RasAgileVpn - ok
12:32:26.0332 6264 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:32:26.0332 6264 RasAuto - ok
12:32:26.0364 6264 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:32:26.0364 6264 Rasl2tp - ok
12:32:26.0379 6264 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:32:26.0379 6264 RasMan - ok
12:32:26.0410 6264 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:32:26.0410 6264 RasPppoe - ok
12:32:26.0410 6264 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:32:26.0410 6264 RasSstp - ok
12:32:26.0442 6264 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:32:26.0442 6264 rdbss - ok
12:32:26.0457 6264 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:32:26.0457 6264 rdpbus - ok
12:32:26.0504 6264 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:32:26.0504 6264 RDPCDD - ok
12:32:26.0520 6264 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:32:26.0520 6264 RDPENCDD - ok
12:32:26.0520 6264 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:32:26.0520 6264 RDPREFMP - ok
12:32:26.0566 6264 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:32:26.0566 6264 RDPWD - ok
12:32:26.0613 6264 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:32:26.0613 6264 rdyboost - ok
12:32:26.0644 6264 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:32:26.0644 6264 RemoteAccess - ok
12:32:26.0644 6264 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:32:26.0660 6264 RemoteRegistry - ok
12:32:26.0660 6264 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:32:26.0660 6264 RpcEptMapper - ok
12:32:26.0676 6264 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:32:26.0676 6264 RpcLocator - ok
12:32:26.0722 6264 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:32:26.0722 6264 RpcSs - ok
12:32:26.0800 6264 [ C606C5F712A3761896CEFFA4AF6B1268 ] RsFx0151 C:\Windows\system32\DRIVERS\RsFx0151.sys
12:32:26.0800 6264 RsFx0151 - ok
12:32:26.0816 6264 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:32:26.0832 6264 rspndr - ok
12:32:26.0878 6264 [ B15C021C2C9BB217A799D9532E8F04D4 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:32:26.0878 6264 RTL8167 - ok
12:32:26.0910 6264 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:32:26.0910 6264 SamSs - ok
12:32:26.0941 6264 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:32:26.0956 6264 sbp2port - ok
12:32:26.0972 6264 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:32:26.0972 6264 SCardSvr - ok
12:32:27.0003 6264 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:32:27.0003 6264 scfilter - ok
12:32:27.0034 6264 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:32:27.0050 6264 Schedule - ok
12:32:27.0097 6264 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:32:27.0097 6264 SCPolicySvc - ok
12:32:27.0112 6264 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:32:27.0112 6264 SDRSVC - ok
12:32:27.0128 6264 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:32:27.0128 6264 secdrv - ok
12:32:27.0144 6264 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:32:27.0144 6264 seclogon - ok
12:32:27.0175 6264 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:32:27.0175 6264 SENS - ok
12:32:27.0190 6264 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:32:27.0190 6264 SensrSvc - ok
12:32:27.0237 6264 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:32:27.0237 6264 Serenum - ok
12:32:27.0237 6264 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:32:27.0253 6264 Serial - ok
12:32:27.0284 6264 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:32:27.0284 6264 sermouse - ok
12:32:27.0315 6264 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:32:27.0315 6264 SessionEnv - ok
12:32:27.0331 6264 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:32:27.0346 6264 sffdisk - ok
12:32:27.0346 6264 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:32:27.0346 6264 sffp_mmc - ok
12:32:27.0362 6264 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:32:27.0362 6264 sffp_sd - ok
12:32:27.0362 6264 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:32:27.0378 6264 sfloppy - ok
12:32:27.0409 6264 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:32:27.0409 6264 Sftfs - ok
12:32:27.0487 6264 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:32:27.0502 6264 sftlist - ok
12:32:27.0534 6264 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:32:27.0534 6264 Sftplay - ok
12:32:27.0549 6264 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:32:27.0549 6264 Sftredir - ok
12:32:27.0565 6264 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:32:27.0565 6264 Sftvol - ok
12:32:27.0596 6264 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:32:27.0596 6264 sftvsa - ok
12:32:27.0627 6264 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:32:27.0627 6264 SharedAccess - ok
12:32:27.0658 6264 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:32:27.0674 6264 ShellHWDetection - ok
12:32:27.0705 6264 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:32:27.0721 6264 SiSRaid2 - ok
12:32:27.0768 6264 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:32:27.0768 6264 SiSRaid4 - ok
12:32:27.0814 6264 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:32:27.0814 6264 Smb - ok
12:32:27.0830 6264 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:32:27.0830 6264 SNMPTRAP - ok
12:32:27.0830 6264 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:32:27.0846 6264 spldr - ok
12:32:27.0908 6264 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:32:27.0908 6264 Spooler - ok
12:32:28.0002 6264 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:32:28.0064 6264 sppsvc - ok
12:32:28.0080 6264 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:32:28.0095 6264 sppuinotify - ok
12:32:28.0251 6264 [ 3420E0482AD95120B471B7328A8D7D08 ] SQLAgent$SHIPWORKS c:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\SQLAGENT.EXE
12:32:28.0251 6264 SQLAgent$SHIPWORKS - ok
12:32:28.0329 6264 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:32:28.0329 6264 SQLBrowser - ok
12:32:28.0438 6264 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:32:28.0438 6264 SQLWriter - ok
12:32:28.0470 6264 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:32:28.0470 6264 srv - ok
12:32:28.0485 6264 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:32:28.0485 6264 srv2 - ok
12:32:28.0501 6264 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:32:28.0501 6264 srvnet - ok
12:32:28.0548 6264 sS43NcfQ - ok
12:32:28.0594 6264 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:32:28.0594 6264 SSDPSRV - ok
12:32:28.0610 6264 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:32:28.0610 6264 SstpSvc - ok
12:32:28.0626 6264 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:32:28.0626 6264 stexstor - ok
12:32:28.0657 6264 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:32:28.0657 6264 StillCam - ok
12:32:28.0719 6264 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:32:28.0719 6264 stisvc - ok
12:32:28.0750 6264 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:32:28.0750 6264 swenum - ok
12:32:28.0906 6264 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:32:28.0906 6264 SwitchBoard - ok
12:32:28.0938 6264 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:32:28.0953 6264 swprv - ok
12:32:29.0031 6264 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:32:29.0078 6264 SysMain - ok
12:32:29.0109 6264 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:32:29.0109 6264 TabletInputService - ok
12:32:29.0156 6264 [ 3B73C849B41FB20D77B0E553214061A5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
12:32:29.0156 6264 tap0901 - ok
12:32:29.0187 6264 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:32:29.0203 6264 TapiSrv - ok
12:32:29.0218 6264 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:32:29.0218 6264 TBS - ok
12:32:29.0281 6264 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:32:29.0312 6264 Tcpip - ok
12:32:29.0374 6264 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:32:29.0374 6264 TCPIP6 - ok
12:32:29.0406 6264 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:32:29.0421 6264 tcpipreg - ok
12:32:29.0452 6264 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:32:29.0452 6264 TDPIPE - ok
12:32:29.0468 6264 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:32:29.0484 6264 TDTCP - ok
12:32:29.0499 6264 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:32:29.0499 6264 tdx - ok
12:32:29.0530 6264 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:32:29.0530 6264 TermDD - ok
12:32:29.0562 6264 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:32:29.0577 6264 TermService - ok
12:32:29.0577 6264 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:32:29.0593 6264 Themes - ok
12:32:29.0624 6264 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:32:29.0624 6264 THREADORDER - ok
12:32:29.0655 6264 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:32:29.0655 6264 TrkWks - ok
12:32:29.0702 6264 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:32:29.0702 6264 TrustedInstaller - ok
12:32:29.0733 6264 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:32:29.0749 6264 tssecsrv - ok
12:32:29.0780 6264 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:32:29.0780 6264 TsUsbFlt - ok
12:32:29.0827 6264 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:32:29.0827 6264 tunnel - ok
12:32:29.0842 6264 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:32:29.0842 6264 uagp35 - ok
12:32:29.0874 6264 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:32:29.0874 6264 udfs - ok
12:32:29.0889 6264 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:32:29.0889 6264 UI0Detect - ok
12:32:29.0936 6264 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:32:29.0936 6264 uliagpkx - ok
12:32:29.0952 6264 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:32:29.0952 6264 umbus - ok
12:32:29.0998 6264 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:32:29.0998 6264 UmPass - ok
12:32:30.0014 6264 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:32:30.0014 6264 upnphost - ok
12:32:30.0045 6264 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:32:30.0045 6264 USBAAPL64 - ok
12:32:30.0092 6264 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:32:30.0092 6264 usbaudio - ok
12:32:30.0123 6264 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:32:30.0123 6264 usbccgp - ok
12:32:30.0154 6264 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:32:30.0154 6264 usbcir - ok
12:32:30.0154 6264 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:32:30.0154 6264 usbehci - ok
12:32:30.0170 6264 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
12:32:30.0170 6264 usbfilter - ok
12:32:30.0201 6264 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:32:30.0201 6264 usbhub - ok
12:32:30.0217 6264 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:32:30.0217 6264 usbohci - ok
12:32:30.0248 6264 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:32:30.0248 6264 usbprint - ok
12:32:30.0264 6264 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:32:30.0264 6264 usbscan - ok
12:32:30.0279 6264 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:32:30.0279 6264 USBSTOR - ok
12:32:30.0295 6264 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:32:30.0295 6264 usbuhci - ok
12:32:30.0342 6264 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:32:30.0342 6264 usbvideo - ok
12:32:30.0357 6264 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:32:30.0357 6264 UxSms - ok
12:32:30.0420 6264 [ 5D66F58CD73F19C59D8C80202473D721 ] VAD_DEV C:\Windows\system32\drivers\vad.sys
12:32:30.0420 6264 VAD_DEV - ok
12:32:30.0435 6264 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:32:30.0435 6264 VaultSvc - ok
12:32:30.0466 6264 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:32:30.0466 6264 vdrvroot - ok
12:32:30.0482 6264 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:32:30.0498 6264 vds - ok
12:32:30.0513 6264 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:32:30.0513 6264 vga - ok
12:32:30.0529 6264 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:32:30.0529 6264 VgaSave - ok
12:32:30.0591 6264 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:32:30.0591 6264 vhdmp - ok
12:32:30.0622 6264 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:32:30.0622 6264 viaide - ok
12:32:30.0638 6264 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:32:30.0638 6264 volmgr - ok
12:32:30.0669 6264 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:32:30.0685 6264 volmgrx - ok
12:32:30.0700 6264 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:32:30.0716 6264 volsnap - ok
12:32:30.0747 6264 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:32:30.0763 6264 vsmraid - ok
12:32:30.0810 6264 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:32:30.0856 6264 VSS - ok
12:32:30.0856 6264 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:32:30.0872 6264 vwifibus - ok
12:32:30.0872 6264 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:32:30.0872 6264 vwififlt - ok
12:32:30.0919 6264 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:32:30.0919 6264 vwifimp - ok
12:32:30.0950 6264 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:32:30.0966 6264 W32Time - ok
12:32:30.0966 6264 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:32:30.0966 6264 WacomPen - ok
12:32:30.0981 6264 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:32:30.0981 6264 WANARP - ok
12:32:30.0981 6264 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:32:30.0997 6264 Wanarpv6 - ok
12:32:31.0059 6264 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:32:31.0090 6264 WatAdminSvc - ok
12:32:31.0153 6264 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:32:31.0215 6264 wbengine - ok
12:32:31.0231 6264 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:32:31.0246 6264 WbioSrvc - ok
12:32:31.0262 6264 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:32:31.0262 6264 wcncsvc - ok
12:32:31.0278 6264 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:32:31.0293 6264 WcsPlugInService - ok
12:32:31.0293 6264 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:32:31.0293 6264 Wd - ok
12:32:31.0309 6264 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:32:31.0309 6264 Wdf01000 - ok
12:32:31.0324 6264 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:32:31.0324 6264 WdiServiceHost - ok
12:32:31.0324 6264 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:32:31.0340 6264 WdiSystemHost - ok
12:32:31.0356 6264 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:32:31.0356 6264 WebClient - ok
12:32:31.0418 6264 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:32:31.0434 6264 Wecsvc - ok
12:32:31.0449 6264 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:32:31.0449 6264 wercplsupport - ok
12:32:31.0449 6264 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:32:31.0465 6264 WerSvc - ok
12:32:31.0465 6264 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:32:31.0480 6264 WfpLwf - ok
12:32:31.0512 6264 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:32:31.0512 6264 WIMMount - ok
12:32:31.0574 6264 WinDefend - ok
12:32:31.0574 6264 WinHttpAutoProxySvc - ok
12:32:31.0621 6264 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:32:31.0636 6264 Winmgmt - ok
12:32:31.0683 6264 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:32:31.0714 6264 WinRM - ok
12:32:31.0761 6264 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:32:31.0761 6264 WinUsb - ok
12:32:31.0792 6264 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:32:31.0792 6264 Wlansvc - ok
12:32:31.0902 6264 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:32:31.0933 6264 wlidsvc - ok
12:32:31.0980 6264 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:32:31.0980 6264 WmiAcpi - ok
12:32:31.0995 6264 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:32:31.0995 6264 wmiApSrv - ok
12:32:31.0995 6264 WMPNetworkSvc - ok
12:32:32.0042 6264 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:32:32.0042 6264 WPCSvc - ok
12:32:32.0073 6264 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:32:32.0073 6264 WPDBusEnum - ok
12:32:32.0089 6264 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:32:32.0089 6264 ws2ifsl - ok
12:32:32.0136 6264 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
12:32:32.0136 6264 wscsvc - ok
12:32:32.0182 6264 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:32:32.0182 6264 WSDPrintDevice - ok
12:32:32.0182 6264 WSearch - ok
12:32:32.0354 6264 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:32:32.0432 6264 wuauserv - ok
12:32:32.0448 6264 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:32:32.0448 6264 WudfPf - ok
12:32:32.0494 6264 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:32:32.0494 6264 WUDFRd - ok
12:32:32.0510 6264 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:32:32.0510 6264 wudfsvc - ok
12:32:32.0541 6264 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:32:32.0541 6264 WwanSvc - ok
12:32:32.0572 6264 ================ Scan global ===============================
12:32:32.0604 6264 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:32:32.0619 6264 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:32:32.0619 6264 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:32:32.0635 6264 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:32:32.0666 6264 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:32:32.0666 6264 [Global] - ok
12:32:32.0666 6264 ================ Scan MBR ==================================
12:32:32.0682 6264 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk0\DR0
12:32:32.0853 6264 \Device\Harddisk0\DR0 - ok
12:32:32.0853 6264 ================ Scan VBR ==================================
12:32:32.0853 6264 [ EBB14486CC5CAD835F2ED10CCFB260B8 ] \Device\Harddisk0\DR0\Partition1
12:32:32.0853 6264 \Device\Harddisk0\DR0\Partition1 - ok
12:32:32.0884 6264 [ AE2150F1E0C68F467D5672FA81FDE8A4 ] \Device\Harddisk0\DR0\Partition2
12:32:32.0884 6264 \Device\Harddisk0\DR0\Partition2 - ok
12:32:32.0900 6264 [ C1118D4DA237634E7F73DF5A70B77B0F ] \Device\Harddisk0\DR0\Partition3
12:32:32.0900 6264 \Device\Harddisk0\DR0\Partition3 - ok
12:32:32.0900 6264 ============================================================
12:32:32.0900 6264 Scan finished
12:32:32.0900 6264 ============================================================
12:32:32.0916 6020 Detected object count: 0
12:32:32.0916 6020 Actual detected object count: 0

Here is the new ComboFix Log. Thanks again.

ComboFix 12-08-22.03 - JASON 08/23/2012 17:14:23.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.1638 [GMT -7:00]
Running from: c:\users\JASON\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\regebaa.tmp
c:\users\JASON\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-24 to 2012-08-24 )))))))))))))))))))))))))))))))
.
.
2012-08-24 00:30 . 2012-08-24 00:30--------d-----w-c:\users\Public\AppData\Local\temp
2012-08-24 00:30 . 2012-08-24 00:30--------d-----w-c:\users\Default\AppData\Local\temp
2012-08-22 05:52 . 2012-08-22 05:51289768----a-w-c:\windows\system32\javaws.exe
2012-08-22 05:51 . 2012-08-22 05:51108008----a-w-c:\windows\system32\WindowsAccessBridge-64.dll
2012-08-22 05:51 . 2012-08-22 05:51189416----a-w-c:\windows\system32\javaw.exe
2012-08-22 05:51 . 2012-08-22 05:51188904----a-w-c:\windows\system32\java.exe
2012-08-22 05:51 . 2012-08-22 05:51--------d-----w-c:\program files\Java
2012-08-16 10:05 . 2012-08-16 10:05--------d-----w-c:\users\Default\AppData\Local\Microsoft Help
2012-08-15 11:24 . 2012-05-05 08:36503808----a-w-c:\windows\system32\srcore.dll
2012-08-15 11:24 . 2012-05-05 07:4643008----a-w-c:\windows\SysWow64\srclient.dll
2012-08-15 11:24 . 2012-02-11 06:43751104----a-w-c:\windows\system32\win32spl.dll
2012-08-15 11:24 . 2012-02-11 06:36559104----a-w-c:\windows\system32\spoolsv.exe
2012-08-15 11:24 . 2012-02-11 06:3667072----a-w-c:\windows\splwow64.exe
2012-08-15 11:24 . 2012-02-11 05:43492032----a-w-c:\windows\SysWow64\win32spl.dll
2012-08-15 11:24 . 2012-07-04 22:1673216----a-w-c:\windows\system32\netapi32.dll
2012-08-15 11:24 . 2012-07-04 22:1359392----a-w-c:\windows\system32\browcli.dll
2012-08-15 11:24 . 2012-07-04 22:13136704----a-w-c:\windows\system32\browser.dll
2012-08-15 11:24 . 2012-07-04 21:1441984----a-w-c:\windows\SysWow64\browcli.dll
2012-08-15 11:24 . 2012-07-18 18:153148800----a-w-c:\windows\system32\win32k.sys
2012-08-15 11:24 . 2012-05-14 05:26956928----a-w-c:\windows\system32\localspl.dll
2012-08-14 18:31 . 2012-08-14 18:3335712----a-w-c:\windows\SysWow64\drivers\kxhaBH20.sys
2012-08-14 18:31 . 2012-08-14 18:33--------d-----w-c:\program files\unhook
2012-08-14 18:19 . 2012-08-14 18:2635712----a-w-c:\windows\SysWow64\drivers\JmUjk3Ai.sys
2012-08-14 18:18 . 2012-08-14 18:2635712----a-w-c:\windows\SysWow64\drivers\sS43NcfQ.sys
2012-08-12 04:31 . 2012-08-08 18:11460888----a-w-c:\windows\system32\drivers\72999610.sys
2012-08-11 16:53 . 2012-08-11 16:53--------d-----w-c:\programdata\Kaspersky Lab
2012-08-10 20:05 . 2012-08-10 20:050----a-w-c:\windows\SysWow64\sho2CEA.tmp
2012-08-10 18:33 . 2012-08-10 18:330----a-w-c:\windows\SysWow64\sho26C6.tmp
2012-08-10 00:11 . 2012-08-10 00:110----a-w-c:\windows\SysWow64\shoA071.tmp
2012-08-07 02:29 . 2012-08-07 02:29--------d-----w-c:\users\JASON\AppData\Roaming\Malwarebytes
2012-08-07 02:28 . 2012-08-07 02:28--------d-----w-c:\programdata\Malwarebytes
2012-08-07 02:28 . 2012-08-07 02:28--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-07 02:28 . 2012-07-03 20:4624904----a-w-c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-22 05:51 . 2012-01-23 07:47916456----a-w-c:\windows\system32\deployJava1.dll
2012-08-22 05:51 . 2012-01-23 07:471034216----a-w-c:\windows\system32\npdeployJava1.dll
2012-08-16 10:00 . 2011-02-08 03:1162134624----a-w-c:\windows\system32\MRT.exe
2012-08-01 22:46 . 2012-04-05 08:41426184----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-01 22:46 . 2011-05-18 18:0370344----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-24 21:53 . 2012-07-24 21:530----a-w-c:\windows\SysWow64\sho8F12.tmp
2012-07-16 19:35 . 2012-07-16 19:350----a-w-c:\windows\SysWow64\sho61F2.tmp
2012-07-15 18:41 . 2012-07-15 18:410----a-w-c:\windows\SysWow64\sho1C27.tmp
2012-07-08 05:24 . 2012-07-08 05:240----a-w-c:\windows\SysWow64\shoD2A7.tmp
2012-06-16 16:12 . 2012-06-16 16:120----a-w-c:\windows\SysWow64\sho8934.tmp
2012-06-09 05:43 . 2012-07-15 06:1214172672----a-w-c:\windows\system32\shell32.dll
2012-06-06 15:49 . 2012-06-06 15:491070152----a-w-c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-15 06:122004480----a-w-c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-15 06:121881600----a-w-c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-15 06:111133568----a-w-c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-15 06:121390080----a-w-c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-15 06:121236992----a-w-c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-15 06:11805376----a-w-c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-22 07:2138424----a-w-c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 07:222428952----a-w-c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 07:2257880----a-w-c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 07:2244056----a-w-c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 07:20186752----a-w-c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-22 07:21701976----a-w-c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 07:222622464----a-w-c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 07:2036864----a-w-c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-22 07:2199840----a-w-c:\windows\system32\wudriver.dll
2012-06-02 05:50 . 2012-07-15 06:12458704----a-w-c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-15 06:1295600----a-w-c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-15 06:12151920----a-w-c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-15 06:12340992----a-w-c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-15 06:12307200----a-w-c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-15 06:1222016----a-w-c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-15 06:12225280----a-w-c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-15 06:12219136----a-w-c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-15 06:1296768----a-w-c:\windows\SysWow64\sspicli.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 58877D39A2D4E120CEE1EFF4DAD3D3FD . 857600 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((( SnapShot_2012-08-10_00.15.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-15 11:24 . 2012-07-04 21:1657344 c:\windows\SysWOW64\netapi32.dll
+ 2012-08-16 10:04 . 2012-06-29 00:0173216 c:\windows\SysWOW64\mshtmled.dll
- 2012-07-15 18:37 . 2012-06-02 08:1773216 c:\windows\SysWOW64\mshtmled.dll
- 2012-07-15 18:37 . 2012-06-02 08:2266048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-08-16 10:04 . 2012-06-29 00:0666048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-08-16 10:04 . 2012-06-29 00:0665024 c:\windows\SysWOW64\jsproxy.dll
- 2012-07-15 18:37 . 2012-06-02 08:2165024 c:\windows\SysWOW64\jsproxy.dll
- 2012-08-07 02:59 . 2012-08-07 02:5925094 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-08-24 03:41 . 2012-08-24 03:4125094 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-07-04 18:36 . 2012-08-09 23:0916384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat
+ 2012-07-04 18:36 . 2012-08-24 00:1116384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat
+ 2012-08-23 05:04 . 2012-08-23 05:0741472 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FC482F11-ECDF-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-18 15:47 . 2012-08-18 15:4833280 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FC1F5989-E94B-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-22 05:41 . 2012-08-22 05:4830720 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F873664B-EC1B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 05:05 . 2012-08-16 05:0612288 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F218BCA0-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:05 . 2012-08-16 05:0612288 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F218BC9F-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 15:37 . 2012-08-20 15:3765536 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EFEE9D7F-EADC-11E1-B291-64315024E3AB}.dat
+ 2012-08-16 05:04 . 2012-08-16 05:0615360 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E7FD1207-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 04:42 . 2012-08-23 04:4829696 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E671504C-ECDC-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-20 06:25 . 2012-08-20 06:2611776 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E2460DEA-EA8F-11E1-B291-64315024E3AB}.dat
+ 2012-08-14 04:59 . 2012-08-14 05:0410240 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E0028F39-E5CC-11E1-84A5-64315024E3AB}.dat
+ 2012-08-17 09:06 . 2012-08-17 09:0910240 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DE5B547D-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 18:54 . 2012-08-10 18:5514848 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DDF9796F-E31C-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-14 07:58 . 2012-08-14 08:0493184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D94A1750-E5E5-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 07:22 . 2012-08-14 07:2729184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D7DF4C10-E5E0-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 07:22 . 2012-08-14 07:2731744 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D7DF4C0E-E5E0-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 05:04 . 2012-08-16 05:0615360 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D7B9EE8E-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:44 . 2012-08-10 19:4889600 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D38552AE-E323-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-23 04:41 . 2012-08-23 04:4822016 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D3026BC0-ECDC-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 04:58 . 2012-08-15 05:0437376 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D26B5E5E-E695-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:04 . 2012-08-16 05:0615360 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D103DD9E-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:04 . 2012-08-16 05:0615360 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D103DD9C-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-21 17:36 . 2012-08-21 17:3792160 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{CD6F4331-EBB6-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-23 05:02 . 2012-08-23 05:0728672 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{CCB97A86-ECDF-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-13 07:59 . 2012-08-13 08:0131744 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C6487FDD-E51C-11E1-84A5-64315024E3AB}.dat
+ 2012-08-10 18:39 . 2012-08-10 18:4014848 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C4F199A2-E31A-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-17 05:02 . 2012-08-17 05:0856832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C05356D8-E828-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 07:08 . 2012-08-13 07:1324576 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BB81EF6D-E515-11E1-84A5-64315024E3AB}.dat
+ 2012-08-11 11:28 . 2012-08-11 11:2812800 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B698D8DC-E3A7-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 05:03 . 2012-08-16 05:0615360 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B5799B87-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-11 11:28 . 2012-08-11 11:2838400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B0635CA5-E3A7-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 05:03 . 2012-08-16 05:0622016 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AF20ECFA-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-18 20:09 . 2012-08-18 20:1019456 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AB00F5FE-E970-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-15 07:34 . 2012-08-15 07:3814848 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A6AF537A-E6AB-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 05:55 . 2012-08-14 05:5738400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A4A2EA64-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 05:02 . 2012-08-16 05:0622016 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A28C188E-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 07:08 . 2012-08-13 07:1311776 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A1143905-E515-11E1-84A5-64315024E3AB}.dat
+ 2012-08-21 04:06 . 2012-08-21 04:0718944 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A02CA918-EB45-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-19 04:44 . 2012-08-19 04:4721504 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9AFF21B6-E9B8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 05:01 . 2012-08-17 05:0624064 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{97279204-E828-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-12 23:08 . 2012-08-12 23:1110240 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{95E3631F-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-13 09:52 . 2012-08-13 09:5242496 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8ED594CF-E52C-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 05:54 . 2012-08-14 05:5739936 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8B0FF47F-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 05:02 . 2012-08-16 05:0639424 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8ADDD821-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:02 . 2012-08-16 05:0625600 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8ADDD820-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:14 . 2012-08-10 19:1513824 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{896CF68B-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-19 07:07 . 2012-08-19 07:1268096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{85842197-E9CC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-20 01:22 . 2012-08-20 01:2251200 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{85192DD7-EA65-11E1-B291-64315024E3AB}.dat
+ 2012-08-16 05:02 . 2012-08-16 05:0612800 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8450BF98-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:13 . 2012-08-10 19:1738400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{827060CA-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-10 19:13 . 2012-08-10 19:1513824 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{81D13845-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-12 21:55 . 2012-08-12 21:5618944 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{78194822-E4C8-11E1-83B5-64315024E3AB}.dat
+ 2012-08-21 02:03 . 2012-08-21 02:0427136 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{746D75A4-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-19 04:43 . 2012-08-19 04:4766048 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7434B0EF-E9B8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 08:04 . 2012-08-13 08:0531744 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{72A264D0-E51D-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 05:01 . 2012-08-16 05:0612288 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6A32F214-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:01 . 2012-08-16 05:0615872 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6A32F212-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-21 11:07 . 2012-08-21 11:1478336 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{68088BCA-EB80-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-10 19:12 . 2012-08-10 19:1514336 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5D383EC6-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-21 04:04 . 2012-08-21 04:0548640 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5BAD2353-EB45-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-19 07:27 . 2012-08-19 07:2717408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{59D59468-E9CF-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-20 04:48 . 2012-08-20 04:4928672 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5652FA5C-EA82-11E1-B291-64315024E3AB}.dat
+ 2012-08-14 05:02 . 2012-08-14 05:0423040 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4F00C704-E5CD-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 05:00 . 2012-08-16 05:0612800 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4AFC0E39-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:00 . 2012-08-16 05:0612800 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4AFC0E37-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-11 04:52 . 2012-08-11 04:5919968 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{49EEB601-E370-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 08:06 . 2012-08-16 08:0796256 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{478D4BEE-E779-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 04:56 . 2012-08-13 05:0374240 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{465AD5AC-E503-11E1-84A5-64315024E3AB}.dat
+ 2012-08-17 05:06 . 2012-08-17 05:0810752 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{40FBD23F-E829-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 00:10 . 2012-08-13 00:1428672 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3F74682D-E4DB-11E1-AA63-64315024E3AB}.dat
+ 2012-08-21 09:04 . 2012-08-21 09:0410240 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3740E744-EB6F-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-20 04:47 . 2012-08-20 04:4826624 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3704DD73-EA82-11E1-B291-64315024E3AB}.dat
+ 2012-08-21 04:03 . 2012-08-21 04:0420992 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{34CE3510-EB45-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-10 19:11 . 2012-08-10 19:1512800 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{31FBAC23-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-18 15:48 . 2012-08-18 15:5486528 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2B3E82E7-E94C-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 05:07 . 2012-08-21 05:0948640 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{27F76F68-EB4E-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-17 09:08 . 2012-08-17 09:0810240 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{250AF511-E84B-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 04:45 . 2012-08-21 04:5116896 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1344E621-EB4B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 05:05 . 2012-08-16 05:0612288 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0D8A9472-E760-11E1-8084-64315024E3AB}.dat
+ 2012-08-18 15:47 . 2012-08-18 15:4821504 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{075B2DAC-E94C-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 05:05 . 2012-08-16 05:0612288 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{03420DAD-E760-11E1-8084-64315024E3AB}.dat
+ 2012-07-04 18:33 . 2012-08-23 11:0281920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
- 2012-07-04 18:33 . 2012-08-09 23:0981920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2009-07-14 05:10 . 2012-08-24 03:4740292 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-07 03:46 . 2012-08-24 03:4714790 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4151112255-51104295-1799264657-1000_UserData.bin
+ 2011-09-05 17:04 . 2011-09-05 17:0437264 c:\windows\system32\spool\drivers\x64\3\ADREGP.DLL
- 2010-10-26 01:13 . 2011-09-05 17:0437264 c:\windows\system32\spool\drivers\x64\3\ADREGP.DLL
+ 2011-09-05 17:04 . 2011-09-05 17:0424984 c:\windows\system32\spool\drivers\x64\3\AdobePDFUI.dll
- 2010-10-26 01:13 . 2011-09-05 17:0424984 c:\windows\system32\spool\drivers\x64\3\AdobePDFUI.dll
- 2010-10-26 01:13 . 2011-09-05 17:0553656 c:\windows\system32\spool\drivers\x64\3\AdobePdf.dll
+ 2011-09-05 17:05 . 2011-09-05 17:0553656 c:\windows\system32\spool\drivers\x64\3\AdobePdf.dll
- 2012-07-15 18:37 . 2012-06-02 11:5796768 c:\windows\system32\mshtmled.dll
+ 2012-08-16 10:04 . 2012-06-29 03:4096768 c:\windows\system32\mshtmled.dll
- 2012-07-15 18:37 . 2012-06-02 12:0386528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-08-16 10:04 . 2012-06-29 03:4686528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-08-16 10:04 . 2012-06-29 03:4585504 c:\windows\system32\jsproxy.dll
- 2012-07-15 18:37 . 2012-06-02 12:0385504 c:\windows\system32\jsproxy.dll
+ 2009-07-14 05:30 . 2012-08-16 10:2286016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-07-24 21:4286016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-07-12 23:32 . 2011-04-28 03:5480384 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\BTHUSB.SYS
+ 2009-07-14 00:06 . 2009-07-14 00:0641984 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthenum.sys
+ 2011-02-07 04:31 . 2012-08-24 00:0816384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 04:31 . 2012-08-09 22:2116384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-07 04:31 . 2012-08-24 00:0832768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-02-07 04:31 . 2012-08-09 22:2132768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-24 00:0816384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-09 22:2116384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:46 . 2012-08-07 02:1794640 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2012-08-19 23:3094640 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-02-20 04:46 . 2012-08-16 10:0534144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-02-20 04:46 . 2012-07-15 10:0634144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-02-20 04:46 . 2012-08-16 10:0543608 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
- 2011-02-20 04:46 . 2012-07-15 10:0619296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-02-20 04:46 . 2012-08-16 10:0519296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-08-22 08:03 . 2012-08-23 05:093584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{CBD0FFEF-EC2F-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-23 05:09 . 2012-08-24 00:113584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{BACB6136-ECE0-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-23 05:09 . 2012-08-23 05:096656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{BACB6135-ECE0-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-24 00:11 . 2012-08-24 00:116144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{49EC3960-ED80-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-20 07:02 . 2012-08-20 07:075632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FA9FB2D2-EA94-11E1-B291-64315024E3AB}.dat
+ 2012-08-20 07:02 . 2012-08-20 07:025120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FA0C1D81-EA94-11E1-B291-64315024E3AB}.dat
+ 2012-08-22 05:41 . 2012-08-22 05:414608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F873664A-EC1B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 06:38 . 2012-08-16 06:395120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F6EDE423-E76C-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 03:02 . 2012-08-17 03:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F53A4D2D-E817-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 03:02 . 2012-08-17 03:025120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F5201E09-E817-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-19 11:06 . 2012-08-19 11:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F51A7727-E9ED-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 14:29 . 2012-08-11 14:305120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F5060DA4-E3C0-11E1-83B5-64315024E3AB}.dat
+ 2012-08-20 15:37 . 2012-08-20 15:375120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EFEE9D7E-EADC-11E1-B291-64315024E3AB}.dat
+ 2012-08-19 23:45 . 2012-08-19 23:465120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EF7D697C-EA57-11E1-B291-64315024E3AB}.dat
+ 2012-08-15 16:04 . 2012-08-15 16:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EF36DB6C-E6F2-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 18:05 . 2012-08-16 18:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EE973283-E7CC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-23 00:17 . 2012-08-23 00:185120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EDA1B099-ECB7-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-10 22:30 . 2012-08-10 22:305120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EBFCAF34-E33A-11E1-83B5-64315024E3AB}.dat
+ 2012-08-19 23:45 . 2012-08-19 23:454608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E99A9562-EA57-11E1-B291-64315024E3AB}.dat
+ 2012-08-23 18:54 . 2012-08-23 18:545120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E8791CAA-ED53-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 07:07 . 2012-08-15 07:146144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E7B7F21B-E6A7-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 04:42 . 2012-08-23 04:485120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E671504B-ECDC-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-14 12:16 . 2012-08-14 12:175120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E232719D-E609-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 22:08 . 2012-08-16 22:085120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E1612DED-E7EE-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 06:36 . 2012-08-17 06:365120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E086684D-E835-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 05:46 . 2012-08-17 05:495632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E0343BBF-E82E-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 18:54 . 2012-08-10 18:544608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DDF9796E-E31C-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-21 07:07 . 2012-08-21 07:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DDE2DA7B-EB5E-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-14 07:58 . 2012-08-14 08:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D94A174F-E5E5-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 04:07 . 2012-08-16 04:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D906B429-E757-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 02:18 . 2012-08-23 02:195120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D6AC76C6-ECC8-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-11 22:35 . 2012-08-11 22:353584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D6444550-E404-11E1-83B5-64315024E3AB}.dat
+ 2012-08-20 04:45 . 2012-08-20 04:495632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D5777DEB-EA81-11E1-B291-64315024E3AB}.dat
+ 2012-08-18 20:03 . 2012-08-18 20:095120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D55BB180-E96F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 06:02 . 2012-08-21 06:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D4B824A9-EB55-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-19 17:53 . 2012-08-19 17:545120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D3DF2DBE-EA26-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-22 05:40 . 2012-08-22 05:403584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D3894F52-EC1B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-23 04:41 . 2012-08-23 04:414608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D3026BBF-ECDC-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-17 12:05 . 2012-08-17 12:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D2EFFE28-E863-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-15 04:58 . 2012-08-15 04:584608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D26B5E5D-E695-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 00:07 . 2012-08-13 00:104608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D0F18F05-E4DA-11E1-AA63-64315024E3AB}.dat
+ 2012-08-21 17:36 . 2012-08-21 17:375120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CD6F4330-EBB6-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-22 05:39 . 2012-08-22 05:405120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CB87CE87-EC1B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-14 23:57 . 2012-08-14 23:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C906DB62-E66B-11E1-8084-64315024E3AB}.dat
+ 2012-08-18 01:05 . 2012-08-18 01:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C743650A-E8D0-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-20 15:14 . 2012-08-20 15:145120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C6CBABF0-EAD9-11E1-B291-64315024E3AB}.dat
+ 2012-08-13 18:14 . 2012-08-13 18:155120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C5FDCFAD-E572-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 19:02 . 2012-08-15 19:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C5EA8F63-E70B-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 09:03 . 2012-08-19 09:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C547E62C-E9DC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 18:39 . 2012-08-10 18:404608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C4F199A1-E31A-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-15 08:32 . 2012-08-15 08:335120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C3738091-E6B3-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 23:35 . 2012-08-20 23:355120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C3648E6C-EB1F-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-12 03:42 . 2012-08-12 03:435120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{BF5F0DDC-E42F-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 02:11 . 2012-08-16 02:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{BB2B54E0-E747-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 07:11 . 2012-08-17 07:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B989C83E-E83A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 16:12 . 2012-08-13 16:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B91F4737-E561-11E1-84A5-64315024E3AB}.dat
+ 2012-08-20 06:53 . 2012-08-20 06:534608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B91BF00F-EA93-11E1-B291-64315024E3AB}.dat
+ 2012-08-11 07:03 . 2012-08-11 07:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B8FE51D3-E382-11E1-83B5-64315024E3AB}.dat

+ 2012-08-16 08:02 . 2012-08-16 08:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B791D8D9-E778-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 13:56 . 2012-08-19 13:575120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B627054F-EA05-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 01:03 . 2012-08-13 01:095120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B60A283C-E4E2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-16 04:06 . 2012-08-16 04:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B59F4691-E757-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 01:52 . 2012-08-14 01:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B524E97B-E5B2-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 09:03 . 2012-08-13 09:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B4FD4724-E525-11E1-84A5-64315024E3AB}.dat
+ 2012-08-20 09:30 . 2012-08-20 09:315120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B4C38EB4-EAA9-11E1-B291-64315024E3AB}.dat
+ 2012-08-15 14:37 . 2012-08-15 14:375120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B347366D-E6E6-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:07 . 2012-08-10 19:158192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B1E2E688-E31E-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-11 11:28 . 2012-08-11 11:286656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B0635CA4-E3A7-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 18:14 . 2012-08-13 18:145120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B05F7053-E572-11E1-84A5-64315024E3AB}.dat
+ 2012-08-11 07:25 . 2012-08-11 07:315120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AE887BE9-E385-11E1-83B5-64315024E3AB}.dat
+ 2012-08-14 01:52 . 2012-08-14 01:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{ADF4E1C8-E5B2-11E1-84A5-64315024E3AB}.dat
+ 2012-08-23 23:10 . 2012-08-23 23:105120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{ADDEFAD1-ED77-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 02:12 . 2012-08-15 02:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AD05DDF8-E67E-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 03:18 . 2012-08-20 03:185120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{ACE75F8A-EA75-11E1-B291-64315024E3AB}.dat
+ 2012-08-14 07:21 . 2012-08-14 07:275120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AB7300F2-E5E0-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 21:34 . 2012-08-13 21:355120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AABB3CB6-E58E-11E1-84A5-64315024E3AB}.dat
+ 2012-08-12 01:40 . 2012-08-12 01:405120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A9976AE9-E41E-11E1-83B5-64315024E3AB}.dat
+ 2012-08-11 16:29 . 2012-08-11 16:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A7B32D08-E3D1-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 23:36 . 2012-08-13 23:365120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A7496527-E59F-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 22:29 . 2012-08-15 22:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A655CBBA-E728-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 21:34 . 2012-08-13 21:355120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A620F38F-E58E-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 06:58 . 2012-08-15 06:595120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A5324001-E6A6-11E1-8084-64315024E3AB}.dat
+ 2012-08-12 03:41 . 2012-08-12 03:413584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A49298E9-E42F-11E1-83B5-64315024E3AB}.dat
+ 2012-08-14 07:07 . 2012-08-14 07:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A4719944-E5DE-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 19:01 . 2012-08-15 19:025120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A2A36A9B-E70B-11E1-8084-64315024E3AB}.dat
+ 2012-08-21 04:06 . 2012-08-21 04:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A02CA917-EB45-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 21:16 . 2012-08-16 21:163584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9CB7903F-E7E7-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-18 15:44 . 2012-08-18 15:474608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9B1039C9-E94B-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 10:47 . 2012-08-21 10:485120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9B0C30FB-EB7D-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-12 22:25 . 2012-08-12 22:254608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9AFD112D-E4CC-11E1-AA63-64315024E3AB}.dat
+ 2012-08-16 02:10 . 2012-08-16 02:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9A4B0793-E747-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 14:28 . 2012-08-16 14:285120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{985D2CA8-E7AE-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 05:01 . 2012-08-17 05:064608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{97DEDBF9-E828-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 02:04 . 2012-08-21 02:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{97BCAB89-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-23 16:42 . 2012-08-23 16:435120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9765CF14-ED41-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-17 05:01 . 2012-08-17 05:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{97279203-E828-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 19:42 . 2012-08-10 19:444608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{96996773-E323-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-16 14:28 . 2012-08-16 14:285120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{965FC62D-E7AE-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-23 06:05 . 2012-08-23 06:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{953B0E88-ECE8-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 02:04 . 2012-08-21 02:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{94E1E514-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-14 22:37 . 2012-08-14 22:375120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{93B059E8-E660-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 02:02 . 2012-08-17 02:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9326D93C-E80F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 02:02 . 2012-08-17 02:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{930CAA18-E80F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 13:29 . 2012-08-11 13:305120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{92C57584-E3B8-11E1-83B5-64315024E3AB}.dat
+ 2012-08-15 01:57 . 2012-08-15 01:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9097305A-E67C-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 00:05 . 2012-08-13 00:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8EDC3B59-E4DA-11E1-AA63-64315024E3AB}.dat
+ 2012-08-13 09:52 . 2012-08-13 09:525120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8ED594CE-E52C-11E1-84A5-64315024E3AB}.dat
+ 2012-08-23 15:31 . 2012-08-23 15:315120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8B303988-ED37-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 04:13 . 2012-08-15 04:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{884811E0-E68F-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 19:09 . 2012-08-14 19:094608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{882F2F65-E643-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 00:05 . 2012-08-13 00:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{87AE9506-E4DA-11E1-AA63-64315024E3AB}.dat
+ 2012-08-14 04:57 . 2012-08-14 05:025632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{87284517-E5CC-11E1-84A5-64315024E3AB}.dat
+ 2012-08-19 07:07 . 2012-08-19 07:114608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{85842196-E9CC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 14:58 . 2012-08-14 14:595120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{85413DED-E620-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 07:03 . 2012-08-22 07:095632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{83D4DF53-EC27-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-12 23:57 . 2012-08-13 00:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{833782C2-E4D9-11E1-AA63-64315024E3AB}.dat
+ 2012-08-15 10:32 . 2012-08-15 10:325120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8300DB52-E6C4-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 09:04 . 2012-08-17 09:087168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8278BE84-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 10:02 . 2012-08-16 10:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7F784023-E789-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 20:13 . 2012-08-14 20:145120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7F4401CC-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 05:00 . 2012-08-23 05:044608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7EAACF18-ECDF-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-13 07:57 . 2012-08-13 07:594608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7E674B5E-E51C-11E1-84A5-64315024E3AB}.dat
+ 2012-08-19 22:44 . 2012-08-19 22:455120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7D2B1804-EA4F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-12 23:07 . 2012-08-12 23:073584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7C77CA5C-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-14 17:00 . 2012-08-14 17:005120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7B57E3A1-E631-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 20:13 . 2012-08-14 20:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7B35C5EA-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 01:22 . 2012-08-20 01:225120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7A6B238B-EA65-11E1-B291-64315024E3AB}.dat
+ 2012-08-15 15:04 . 2012-08-15 15:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{79E41CFF-E6EA-11E1-8084-64315024E3AB}.dat
+ 2012-08-12 21:55 . 2012-08-12 21:565120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{78194821-E4C8-11E1-83B5-64315024E3AB}.dat
+ 2012-08-23 10:36 . 2012-08-23 10:375120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{75729A06-ED0E-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 02:03 . 2012-08-21 02:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{746D75A3-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-22 09:19 . 2012-08-22 09:194608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{73BB1115-EC3A-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 23:53 . 2012-08-21 23:545120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{73471294-EBEB-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 05:02 . 2012-08-21 05:095120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{704769B2-EB4D-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-12 22:38 . 2012-08-12 22:384608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6EFDEE40-E4CE-11E1-AA63-64315024E3AB}.dat
+ 2012-08-13 18:55 . 2012-08-13 18:555120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6D2E6070-E578-11E1-84A5-64315024E3AB}.dat
+ 2012-08-23 19:55 . 2012-08-23 19:555120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6B4B93FC-ED5C-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-23 01:18 . 2012-08-23 01:185120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{69B0D051-ECC0-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 11:07 . 2012-08-21 11:145632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{68088BC9-EB80-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-20 06:22 . 2012-08-20 06:265120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{62D945FC-EA8F-11E1-B291-64315024E3AB}.dat
+ 2012-08-14 12:41 . 2012-08-14 12:415120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{61331522-E60D-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 14:40 . 2012-08-22 14:415120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{60A152C8-EC67-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-10 19:12 . 2012-08-10 19:174608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5F63B26C-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-18 00:05 . 2012-08-18 00:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5ECCFD98-E8C8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 20:17 . 2012-08-16 20:173584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5E99B36C-E7DF-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 02:03 . 2012-08-21 02:034608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5D3D2EF0-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-14 05:53 . 2012-08-14 05:575632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5C5E6BE2-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-21 04:04 . 2012-08-21 04:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5BAD2352-EB45-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-13 07:06 . 2012-08-13 07:124608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5B5DD4A6-E515-11E1-84A5-64315024E3AB}.dat
+ 2012-08-21 17:33 . 2012-08-21 17:335120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5ACF15D5-EBB6-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-15 07:32 . 2012-08-15 07:344608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5A6CEF7C-E6AB-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 07:27 . 2012-08-19 07:274608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{59D59467-E9CF-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 04:02 . 2012-08-17 04:025120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{58A11C41-E820-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 15:12 . 2012-08-13 15:124608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5370EC57-E559-11E1-84A5-64315024E3AB}.dat
+ 2012-08-17 05:35 . 2012-08-17 05:354608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5367728B-E82D-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 19:11 . 2012-08-17 19:114608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{523C7974-E89F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 00:48 . 2012-08-11 00:495120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5234A066-E34E-11E1-83B5-64315024E3AB}.dat
+ 2012-08-11 23:43 . 2012-08-11 23:435120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{506E015A-E40E-11E1-83B5-64315024E3AB}.dat
+ 2012-08-19 16:52 . 2012-08-19 16:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{50699A5F-EA1E-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 22:31 . 2012-08-11 22:313584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4F824929-E404-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 21:21 . 2012-08-16 21:215120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4F3F5CCE-E7E8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 21:21 . 2012-08-16 21:225120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4F0253C8-E7E8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 07:03 . 2012-08-21 07:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4E732F57-EB5E-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-11 04:52 . 2012-08-11 04:524608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{49EEB600-E370-11E1-83B5-64315024E3AB}.dat
+ 2012-08-15 09:33 . 2012-08-15 09:345120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4974A3A7-E6BC-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 02:05 . 2012-08-19 02:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{485E00EE-E9A2-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-15 13:15 . 2012-08-15 13:165120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4832E999-E6DB-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 04:56 . 2012-08-13 04:575632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{465AD5AB-E503-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 06:11 . 2012-08-22 06:175120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{422E0014-EC20-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 09:33 . 2012-08-15 09:345632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{418D51FF-E6BC-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 20:34 . 2012-08-13 20:345120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4009FD7D-E586-11E1-84A5-64315024E3AB}.dat
+ 2012-08-11 22:31 . 2012-08-11 22:313584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3F971558-E404-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 22:35 . 2012-08-13 22:365120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3F0702CD-E597-11E1-84A5-64315024E3AB}.dat
+ 2012-08-12 21:54 . 2012-08-12 21:543584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3F013A85-E4C8-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 17:13 . 2012-08-13 17:145120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3CE9E2CB-E56A-11E1-84A5-64315024E3AB}.dat
+ 2012-08-11 22:31 . 2012-08-11 22:314608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3C8A51FB-E404-11E1-83B5-64315024E3AB}.dat
+ 2012-08-20 05:45 . 2012-08-20 05:465120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{39FDF26D-EA8A-11E1-B291-64315024E3AB}.dat
+ 2012-08-18 17:57 . 2012-08-18 17:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{39B01376-E95E-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 12:05 . 2012-08-13 12:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{398BF9F2-E53F-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 03:01 . 2012-08-13 03:024608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{398B4C78-E4F3-11E1-84A5-64315024E3AB}.dat
+ 2012-08-10 20:51 . 2012-08-10 20:524608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{398B40F5-E32D-11E1-83B5-64315024E3AB}.dat
+ 2012-08-19 04:42 . 2012-08-19 04:444608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{38A2869C-E9B8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 09:04 . 2012-08-21 09:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3740E743-EB6F-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-22 09:03 . 2012-08-22 09:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{36D501BF-EC38-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-10 19:26 . 2012-08-10 19:265120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{36BFC681-E321-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-14 07:54 . 2012-08-14 07:545120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{36B79C3C-E5E5-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 05:58 . 2012-08-15 05:595120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{36217FAB-E69E-11E1-8084-64315024E3AB}.dat
+ 2012-08-22 22:03 . 2012-08-22 22:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{34EAE3A0-ECA5-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 04:03 . 2012-08-21 04:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{34CE350F-EB45-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-17 00:12 . 2012-08-17 00:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{340F60CE-E800-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 20:11 . 2012-08-14 20:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{33D73581-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-15 21:28 . 2012-08-15 21:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{31A5C77B-E720-11E1-8084-64315024E3AB}.dat
+ 2012-08-24 00:11 . 2012-08-24 00:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{30A62E59-ED80-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-23 08:11 . 2012-08-23 08:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{30588ABB-ECFA-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 00:57 . 2012-08-15 00:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2CB144AB-E674-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 05:17 . 2012-08-19 05:225120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2BEDA037-E9BD-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 11:11 . 2012-08-16 11:124608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2B797EAA-E793-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-18 15:48 . 2012-08-18 15:545120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2B3E82E6-E94C-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 20:52 . 2012-08-21 20:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{277938F2-EBD2-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 03:12 . 2012-08-16 03:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{26DC8B48-E750-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 02:52 . 2012-08-14 02:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{26298ACA-E5BB-11E1-84A5-64315024E3AB}.dat
+ 2012-08-23 22:09 . 2012-08-23 22:095120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{24ACC165-ED6F-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 01:25 . 2012-08-21 01:265120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{243D1A28-EB2F-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-11 12:29 . 2012-08-11 12:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{23FBF766-E3B0-11E1-83B5-64315024E3AB}.dat
+ 2012-08-15 03:13 . 2012-08-15 03:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2362A268-E687-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 03:46 . 2012-08-23 03:475120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{22821DC2-ECD5-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-16 04:09 . 2012-08-16 04:095120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{22438250-E758-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 21:40 . 2012-08-17 21:405120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2241DE70-E8B4-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 02:52 . 2012-08-14 02:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{21B2F647-E5BB-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 04:59 . 2012-08-16 05:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{219299B8-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 01:10 . 2012-08-16 01:105120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1F893F6F-E73F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 04:59 . 2012-08-16 05:025120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1E284547-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 09:02 . 2012-08-16 09:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1CFDCF2D-E781-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 21:44 . 2012-08-19 21:455120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1AF84192-EA47-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-12 23:04 . 2012-08-12 23:116656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1A1A94B1-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-16 15:29 . 2012-08-16 15:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19F3A21C-E7B7-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 15:29 . 2012-08-16 15:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19E09719-E7B7-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 03:05 . 2012-08-21 03:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19A322DA-EB3D-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-22 10:49 . 2012-08-22 10:505120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1984B160-EC47-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-22 02:43 . 2012-08-22 02:435120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1850F51E-EC03-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-20 10:30 . 2012-08-20 10:315120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{16E79650-EAB2-11E1-B291-64315024E3AB}.dat
+ 2012-08-12 02:40 . 2012-08-12 02:415120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{143F339D-E427-11E1-83B5-64315024E3AB}.dat
+ 2012-08-10 19:25 . 2012-08-10 19:255120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{13F207E7-E321-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-21 04:45 . 2012-08-21 04:515120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1344E620-EB4B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-11 08:10 . 2012-08-11 08:175120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{131B4C2E-E38C-11E1-83B5-64315024E3AB}.dat
+ 2012-08-18 02:26 . 2012-08-18 02:265120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1280EFC5-E8DC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 13:58 . 2012-08-14 13:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1243F8E4-E618-11E1-84A5-64315024E3AB}.dat
+ 2012-08-20 21:57 . 2012-08-20 21:574608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1159C06D-EB12-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 15:15 . 2012-08-21 15:165120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{10AFAF7E-EBA3-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 13:56 . 2012-08-21 13:575120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0F5CB119-EB98-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 13:27 . 2012-08-16 13:275120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0F116272-E7A6-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 20:10 . 2012-08-14 20:105120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0E568282-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 08:01 . 2012-08-13 08:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0E4D5878-E51D-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 04:53 . 2012-08-14 04:545120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0E4502E7-E5CC-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 20:36 . 2012-08-22 20:365120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0D657772-EC99-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-14 00:50 . 2012-08-14 00:515120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{093176AF-E5AA-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 07:22 . 2012-08-15 07:265120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{039D2A91-E6AA-11E1-8084-64315024E3AB}.dat
+ 2012-08-11 07:05 . 2012-08-11 07:107168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FF68AE8C-E382-11E1-83B5-64315024E3AB}.dat
+ 2012-08-18 20:04 . 2012-08-18 20:056144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FC049B81-E96F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-20 07:02 . 2012-08-20 07:024096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FA0C1D82-EA94-11E1-B291-64315024E3AB}.dat
+ 2012-08-19 07:10 . 2012-08-19 07:105632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F9668CBB-E9CC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 19:09 . 2012-08-10 19:157168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F8E0E063-E31E-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-22 07:07 . 2012-08-22 07:106144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F7BC2A55-EC27-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-16 06:38 . 2012-08-16 06:396144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F6EDE424-E76C-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 23:45 . 2012-08-19 23:456144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F59816AA-EA57-11E1-B291-64315024E3AB}.dat
+ 2012-08-17 03:02 . 2012-08-17 03:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F53A4D2E-E817-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 03:02 . 2012-08-17 03:025120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F5201E0A-E817-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-19 11:06 . 2012-08-19 11:076656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F51A7728-E9ED-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 14:29 . 2012-08-11 14:305120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F5060DA5-E3C0-11E1-83B5-64315024E3AB}.dat
+ 2012-08-21 11:11 . 2012-08-21 11:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F3DF0805-EB80-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-12 23:10 . 2012-08-12 23:116656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F0D33F20-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-12 23:10 . 2012-08-12 23:105632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F0D33F1F-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-10 19:09 . 2012-08-10 19:098192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F06DAAB8-E31E-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-10 19:09 . 2012-08-10 19:157168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F06DAAB6-E31E-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-19 23:45 . 2012-08-19 23:465120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EF7D697D-EA57-11E1-B291-64315024E3AB}.dat

+ 2012-08-15 16:04 . 2012-08-15 16:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EF36DB6D-E6F2-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 18:05 . 2012-08-16 18:054096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EE973284-E7CC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-23 00:17 . 2012-08-23 00:186144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EDA1B09A-ECB7-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-17 09:07 . 2012-08-17 09:087680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ECB713D1-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 09:07 . 2012-08-17 09:089216 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ECB713D0-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 22:30 . 2012-08-10 22:304608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EBFCAF35-E33A-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 07:10 . 2012-08-13 07:105632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EA4C2F62-E515-11E1-84A5-64315024E3AB}.dat
+ 2012-08-19 23:45 . 2012-08-19 23:456144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E99A9563-EA57-11E1-B291-64315024E3AB}.dat
+ 2012-08-23 18:54 . 2012-08-23 18:546656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E8791CAB-ED53-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-16 05:04 . 2012-08-16 05:044096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E7FD1206-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:04 . 2012-08-16 05:044096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E7FD1204-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:16 . 2012-08-10 19:165632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E782EAA7-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-21 11:11 . 2012-08-21 11:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E2E8BDF0-EB80-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-14 12:16 . 2012-08-14 12:176144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E232719E-E609-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 22:08 . 2012-08-16 22:085632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E1612DEE-E7EE-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 06:36 . 2012-08-17 06:364608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E086684E-E835-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-12 23:10 . 2012-08-12 23:104096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E07232F6-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-11 07:05 . 2012-08-11 07:056656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DE97C5B0-E382-11E1-83B5-64315024E3AB}.dat
+ 2012-08-21 07:07 . 2012-08-21 07:074608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DDE2DA7C-EB5E-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-15 07:14 . 2012-08-15 07:146144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DBB63F25-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-15 07:14 . 2012-08-15 07:146656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DBB63F1E-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 04:07 . 2012-08-16 04:074608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D906B42A-E757-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 08:03 . 2012-08-16 08:067168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D70109E3-E778-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 02:18 . 2012-08-23 02:195632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D6AC76C7-ECC8-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-11 22:35 . 2012-08-11 22:354608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D6444551-E404-11E1-83B5-64315024E3AB}.dat
+ 2012-08-22 05:40 . 2012-08-22 05:404608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D58B7889-EC1B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 06:02 . 2012-08-21 06:036656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D4B824AA-EB55-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-15 07:14 . 2012-08-15 07:146656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D49CD222-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:08 . 2012-08-10 19:156144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D44CAB54-E31E-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-12 23:09 . 2012-08-12 23:116656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D402ACDD-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-19 17:53 . 2012-08-19 17:546656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D3DF2DBF-EA26-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-22 05:40 . 2012-08-22 05:404608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D3894F53-EC1B-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-17 12:05 . 2012-08-17 12:054608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D2EFFE29-E863-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 09:06 . 2012-08-17 09:089216 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D2BFF7FE-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 09:06 . 2012-08-17 09:087680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D2BFF7FD-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 18:40 . 2012-08-10 18:406144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D220F8DF-E31A-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-16 05:04 . 2012-08-16 05:044096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D103DD9F-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-21 11:10 . 2012-08-21 11:105120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D048BA3E-EB80-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-14 23:57 . 2012-08-14 23:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C906DB63-E66B-11E1-8084-64315024E3AB}.dat
+ 2012-08-18 01:05 . 2012-08-18 01:065632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C743650B-E8D0-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-20 15:14 . 2012-08-20 15:147680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C6CBABF1-EAD9-11E1-B291-64315024E3AB}.dat
+ 2012-08-13 18:14 . 2012-08-13 18:155120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C5FDCFAE-E572-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 19:02 . 2012-08-15 19:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C5EA8F64-E70B-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 09:03 . 2012-08-19 09:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C547E62D-E9DC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-15 08:32 . 2012-08-15 08:335120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C3738092-E6B3-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 23:35 . 2012-08-20 23:357680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C3648E6D-EB1F-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-12 03:42 . 2012-08-12 03:435120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BF5F0DDD-E42F-11E1-83B5-64315024E3AB}.dat
+ 2012-08-14 05:56 . 2012-08-14 05:567680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BDCCC827-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 05:56 . 2012-08-14 05:567680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BDCCC826-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 02:11 . 2012-08-16 02:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BB2B54E1-E747-11E1-8084-64315024E3AB}.dat
+ 2012-08-15 07:13 . 2012-08-15 07:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BA20CCEB-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 07:11 . 2012-08-17 07:114608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B989C83F-E83A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 16:12 . 2012-08-13 16:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B91F4738-E561-11E1-84A5-64315024E3AB}.dat
+ 2012-08-20 06:53 . 2012-08-20 06:538704 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B91BF010-EA93-11E1-B291-64315024E3AB}.dat
+ 2012-08-14 04:58 . 2012-08-14 04:584608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B79D718E-E5CC-11E1-84A5-64315024E3AB}.dat
+ 2012-08-11 11:28 . 2012-08-11 11:283584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B698D8E0-E3A7-11E1-83B5-64315024E3AB}.dat
+ 2012-08-11 11:28 . 2012-08-11 11:284096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B698D8DB-E3A7-11E1-83B5-64315024E3AB}.dat
+ 2012-08-19 13:56 . 2012-08-19 13:575632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B6270550-EA05-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 04:06 . 2012-08-16 04:064608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B59F4692-E757-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 01:52 . 2012-08-14 01:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B524E97C-E5B2-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 09:03 . 2012-08-13 09:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B4FD4725-E525-11E1-84A5-64315024E3AB}.dat
+ 2012-08-20 09:30 . 2012-08-20 09:316656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B4C38EB5-EAA9-11E1-B291-64315024E3AB}.dat
+ 2012-08-15 14:37 . 2012-08-15 14:375120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B347366E-E6E6-11E1-8084-64315024E3AB}.dat
+ 2012-08-11 07:11 . 2012-08-11 07:116144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B0F7D424-E383-11E1-83B5-64315024E3AB}.dat
+ 2012-08-15 07:13 . 2012-08-15 07:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B0ED038D-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-11 11:28 . 2012-08-11 11:288192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B0635CA7-E3A7-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 18:14 . 2012-08-13 18:145120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B05F7054-E572-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 05:03 . 2012-08-16 05:034096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AF20ECF9-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 09:05 . 2012-08-17 09:058704 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AE262D44-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 09:05 . 2012-08-17 09:087168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AE262D43-E84A-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 01:52 . 2012-08-14 01:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ADF4E1C9-E5B2-11E1-84A5-64315024E3AB}.dat
+ 2012-08-23 23:10 . 2012-08-23 23:106656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ADDEFAD2-ED77-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 02:12 . 2012-08-15 02:124608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AD05DDF9-E67E-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 03:18 . 2012-08-20 03:186656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ACE75F8B-EA75-11E1-B291-64315024E3AB}.dat
+ 2012-08-18 20:09 . 2012-08-18 20:095632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AB00F5FC-E970-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 21:34 . 2012-08-13 21:355120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AABB3CB7-E58E-11E1-84A5-64315024E3AB}.dat
+ 2012-08-12 01:40 . 2012-08-12 01:405120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A9976AEA-E41E-11E1-83B5-64315024E3AB}.dat
+ 2012-08-11 16:29 . 2012-08-11 16:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A7B32D09-E3D1-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 23:36 . 2012-08-13 23:365120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A7496528-E59F-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 22:29 . 2012-08-15 22:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A655CBBB-E728-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 21:34 . 2012-08-13 21:354608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A620F390-E58E-11E1-84A5-64315024E3AB}.dat
+ 2012-08-10 19:14 . 2012-08-10 19:145632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A5FFEF99-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-10 19:14 . 2012-08-10 19:147168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A5FFEF98-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-10 19:14 . 2012-08-10 19:145632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A5FFEF96-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-16 05:02 . 2012-08-16 05:024096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A5BD5BA1-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-15 06:58 . 2012-08-15 06:595120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A5324002-E6A6-11E1-8084-64315024E3AB}.dat
+ 2012-08-12 03:41 . 2012-08-12 03:414608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A49298EA-E42F-11E1-83B5-64315024E3AB}.dat
+ 2012-08-14 07:07 . 2012-08-14 07:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A4719945-E5DE-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 19:01 . 2012-08-15 19:025120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A2A36A9C-E70B-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 21:16 . 2012-08-16 21:164608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9CB79040-E7E7-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 10:47 . 2012-08-21 10:485120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9B0C30FC-EB7D-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-12 22:25 . 2012-08-12 22:256144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9AFD112F-E4CC-11E1-AA63-64315024E3AB}.dat
+ 2012-08-12 22:25 . 2012-08-12 22:259728 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9AFD112E-E4CC-11E1-AA63-64315024E3AB}.dat
+ 2012-08-16 02:10 . 2012-08-16 02:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9A4B0794-E747-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 14:28 . 2012-08-16 14:286144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{985D2CA9-E7AE-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 02:04 . 2012-08-21 02:056144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{97BCAB8A-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-23 16:42 . 2012-08-23 16:436144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9765CF15-ED41-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-16 14:28 . 2012-08-16 14:285120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{965FC62E-E7AE-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 11:08 . 2012-08-21 11:147168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{96559FF2-EB80-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-23 06:05 . 2012-08-23 06:066656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{953B0E89-ECE8-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-10 19:14 . 2012-08-10 19:147168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{95187FE9-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-21 02:04 . 2012-08-21 02:046656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{94E1E515-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-14 19:09 . 2012-08-14 19:096144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{942DDE81-E643-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 22:37 . 2012-08-14 22:374608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{93B059E9-E660-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 02:02 . 2012-08-17 02:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9326D93D-E80F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 02:02 . 2012-08-17 02:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{930CAA19-E80F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-18 20:09 . 2012-08-18 20:095632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{92D32F2A-E970-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 13:29 . 2012-08-11 13:305120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{92C57585-E3B8-11E1-83B5-64315024E3AB}.dat
+ 2012-08-15 01:57 . 2012-08-15 01:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9097305B-E67C-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 00:05 . 2012-08-13 00:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8EDC3B5A-E4DA-11E1-AA63-64315024E3AB}.dat
+ 2012-08-15 07:12 . 2012-08-15 07:126144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8DC5C7E7-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 15:31 . 2012-08-23 15:315120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8B303989-ED37-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-14 05:54 . 2012-08-14 05:547680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8B0FF482-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 05:54 . 2012-08-14 05:547680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8B0FF480-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-10 19:13 . 2012-08-10 19:147168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{896CF68A-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-15 04:13 . 2012-08-15 04:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{884811E1-E68F-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 19:09 . 2012-08-14 19:096144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{882F2F66-E643-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 00:05 . 2012-08-13 00:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{87AE9507-E4DA-11E1-AA63-64315024E3AB}.dat
+ 2012-08-14 14:58 . 2012-08-14 14:595120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{85413DEE-E620-11E1-84A5-64315024E3AB}.dat
+ 2012-08-12 23:57 . 2012-08-13 00:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{833782C3-E4D9-11E1-AA63-64315024E3AB}.dat
+ 2012-08-15 10:32 . 2012-08-15 10:324608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8300DB53-E6C4-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:13 . 2012-08-10 19:147168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{81D13847-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-16 10:02 . 2012-08-16 10:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7F784024-E789-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 20:13 . 2012-08-14 20:145120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7F4401CD-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 22:44 . 2012-08-19 22:457168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7D2B1805-EA4F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-12 23:07 . 2012-08-12 23:074608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7C77CA5D-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-14 17:00 . 2012-08-14 17:005120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7B57E3A2-E631-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 20:13 . 2012-08-14 20:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7B35C5EB-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-22 09:19 . 2012-08-22 09:195120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7B1D8AFB-EC3A-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-20 01:22 . 2012-08-20 01:226656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7A6B238D-EA65-11E1-B291-64315024E3AB}.dat
+ 2012-08-15 15:04 . 2012-08-15 15:044608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{79E41D00-E6EA-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 05:01 . 2012-08-16 05:015120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7949B748-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 10:36 . 2012-08-23 10:376656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{75729A07-ED0E-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 23:53 . 2012-08-21 23:546656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{73471295-EBEB-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-10 19:13 . 2012-08-10 19:137168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{731ECC2E-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-13 04:57 . 2012-08-13 04:574608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{70A5AD15-E503-11E1-84A5-64315024E3AB}.dat
+ 2012-08-12 22:38 . 2012-08-12 22:384096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6EFDEE41-E4CE-11E1-AA63-64315024E3AB}.dat
+ 2012-08-13 18:55 . 2012-08-13 18:554096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6D2E6071-E578-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 08:07 . 2012-08-16 08:075120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6B664DFC-E779-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 19:55 . 2012-08-23 19:556656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6B4B93FD-ED5C-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-23 01:18 . 2012-08-23 01:186656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{69B0D052-ECC0-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-10 19:13 . 2012-08-10 19:137168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{678C496E-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-10 19:13 . 2012-08-10 19:136144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{678C496D-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-15 07:11 . 2012-08-15 07:116144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{65BE009A-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 12:41 . 2012-08-14 12:414608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{61331523-E60D-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 14:40 . 2012-08-22 14:415632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{60A152C9-EC67-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-17 05:49 . 2012-08-17 05:506656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6026325B-E82F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 19:12 . 2012-08-10 19:175120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5F63B26D-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-18 00:05 . 2012-08-18 00:055120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5ECCFD99-E8C8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 20:17 . 2012-08-16 20:174608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E99B36D-E7DF-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-15 09:34 . 2012-08-15 09:344096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E275AC0-E6BC-11E1-8084-64315024E3AB}.dat
+ 2012-08-21 02:03 . 2012-08-21 02:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5D3D2EF2-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 02:03 . 2012-08-21 02:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5D3D2EF1-EB34-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-13 15:12 . 2012-08-13 15:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5B7D4A65-E559-11E1-84A5-64315024E3AB}.dat
+ 2012-08-21 17:33 . 2012-08-21 17:337168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5ACF15D6-EBB6-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-17 04:02 . 2012-08-17 04:024608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{58A11C42-E820-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-20 04:48 . 2012-08-20 04:484096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5652FA5E-EA82-11E1-B291-64315024E3AB}.dat
+ 2012-08-20 07:04 . 2012-08-20 07:077168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{56315659-EA95-11E1-B291-64315024E3AB}.dat
+ 2012-08-13 15:12 . 2012-08-13 15:139216 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5370EC58-E559-11E1-84A5-64315024E3AB}.dat
+ 2012-08-21 11:14 . 2012-08-21 11:145632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{524AD9DE-EB81-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-17 19:11 . 2012-08-17 19:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{523C7976-E89F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 00:48 . 2012-08-11 00:495120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5234A067-E34E-11E1-83B5-64315024E3AB}.dat
+ 2012-08-12 23:06 . 2012-08-12 23:066144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{508A6A35-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-12 23:06 . 2012-08-12 23:066144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{508A6A34-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-11 23:43 . 2012-08-11 23:435120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{506E015B-E40E-11E1-83B5-64315024E3AB}.dat
+ 2012-08-19 16:52 . 2012-08-19 16:534096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{50699A60-EA1E-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-11 22:31 . 2012-08-11 22:323584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4F82492A-E404-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 21:21 . 2012-08-16 21:215120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4F3F5CCF-E7E8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 21:21 . 2012-08-16 21:215120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4F0253C9-E7E8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 07:03 . 2012-08-21 07:045632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4E732F58-EB5E-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-11 22:31 . 2012-08-11 22:314608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4BFC1F9F-E404-11E1-83B5-64315024E3AB}.dat
+ 2012-08-13 07:12 . 2012-08-13 07:137168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4B968F7C-E516-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 07:10 . 2012-08-15 07:108192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4B095E5F-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-15 09:33 . 2012-08-15 09:345120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4974A3A8-E6BC-11E1-8084-64315024E3AB}.dat
+ 2012-08-19 02:05 . 2012-08-19 02:056656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{485E00EF-E9A2-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-18 17:58 . 2012-08-18 17:583584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4849C094-E95E-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 19:12 . 2012-08-10 19:126144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4836BD89-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-15 13:15 . 2012-08-15 13:165120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4832E99A-E6DB-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 08:06 . 2012-08-16 08:068192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{478D4BF0-E779-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 08:06 . 2012-08-16 08:066656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{478D4BEC-E779-11E1-8084-64315024E3AB}.dat
+ 2012-08-22 07:09 . 2012-08-22 07:095632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{441AD1D4-EC28-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-20 07:04 . 2012-08-20 07:089728 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{41C8BBF9-EA95-11E1-B291-64315024E3AB}.dat
+ 2012-08-13 03:02 . 2012-08-13 03:024608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{419D76E1-E4F3-11E1-84A5-64315024E3AB}.dat
+ 2012-08-10 19:12 . 2012-08-10 19:126144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{40626243-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-10 19:11 . 2012-08-10 19:126144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{40626242-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-10 19:11 . 2012-08-10 19:126144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{40626240-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-13 20:34 . 2012-08-13 20:345120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4009FD7E-E586-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 22:35 . 2012-08-13 22:365120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3F0702CE-E597-11E1-84A5-64315024E3AB}.dat
+ 2012-08-12 21:54 . 2012-08-12 21:544608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3F013A86-E4C8-11E1-83B5-64315024E3AB}.dat
+ 2012-08-21 11:13 . 2012-08-21 11:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3E7F1E0A-EB81-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-13 17:13 . 2012-08-13 17:145120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3CE9E2CC-E56A-11E1-84A5-64315024E3AB}.dat
+ 2012-08-12 23:05 . 2012-08-12 23:056656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3AF74D8C-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-20 05:45 . 2012-08-20 05:466656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{39FDF26E-EA8A-11E1-B291-64315024E3AB}.dat
+ 2012-08-13 12:05 . 2012-08-13 12:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{398BF9F3-E53F-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 03:01 . 2012-08-13 03:014096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{398B4C79-E4F3-11E1-84A5-64315024E3AB}.dat
+ 2012-08-10 20:52 . 2012-08-10 20:526144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{398B40F7-E32D-11E1-83B5-64315024E3AB}.dat
+ 2012-08-10 20:51 . 2012-08-10 20:528704 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{398B40F6-E32D-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 11:12 . 2012-08-16 11:124608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3781B347-E793-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-22 09:03 . 2012-08-22 09:045632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{36D501C0-EC38-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-15 07:09 . 2012-08-15 07:147168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{36D198B7-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-10 19:26 . 2012-08-10 19:264608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{36BFC682-E321-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-14 07:54 . 2012-08-14 07:544608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{36B79C3D-E5E5-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 08:06 . 2012-08-16 08:066656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{36A42168-E779-11E1-8084-64315024E3AB}.dat
+ 2012-08-15 05:58 . 2012-08-15 05:595120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{36217FAC-E69E-11E1-8084-64315024E3AB}.dat
+ 2012-08-22 22:03 . 2012-08-22 22:045120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{34EAE3A1-ECA5-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-17 00:12 . 2012-08-17 00:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{340F60CF-E800-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 20:11 . 2012-08-14 20:115120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{33D73582-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-15 21:28 . 2012-08-15 21:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{31A5C77C-E720-11E1-8084-64315024E3AB}.dat
+ 2012-08-24 00:11 . 2012-08-24 00:116656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{30A62E5A-ED80-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-23 08:11 . 2012-08-23 08:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{30588ABC-ECFA-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-13 07:12 . 2012-08-13 07:126656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2D5CB0F0-E516-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 07:12 . 2012-08-13 07:125632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2D5CB0EF-E516-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 00:57 . 2012-08-15 00:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2CB144AC-E674-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 11:11 . 2012-08-16 11:126144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2B797EAB-E793-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 20:52 . 2012-08-21 20:536656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{277938F3-EBD2-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 03:12 . 2012-08-16 03:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{26DC8B49-E750-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 02:52 . 2012-08-14 02:535120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{26298ACB-E5BB-11E1-84A5-64315024E3AB}.dat
+ 2012-08-23 22:09 . 2012-08-23 22:096656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{24ACC166-ED6F-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-21 01:25 . 2012-08-21 01:266144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{243D1A29-EB2F-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-11 12:29 . 2012-08-11 12:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{23FBF767-E3B0-11E1-83B5-64315024E3AB}.dat
+ 2012-08-15 03:13 . 2012-08-15 03:135120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2362A269-E687-11E1-8084-64315024E3AB}.dat
+ 2012-08-23 03:46 . 2012-08-23 03:476656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{22821DC3-ECD5-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-16 04:09 . 2012-08-16 04:093584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{22438251-E758-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 21:40 . 2012-08-17 21:405120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2241DE71-E8B4-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 02:52 . 2012-08-14 02:534608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{21B2F648-E5BB-11E1-84A5-64315024E3AB}.dat
+ 2012-08-16 01:10 . 2012-08-16 01:105120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1F893F70-E73F-11E1-8084-64315024E3AB}.dat
+ 2012-08-13 07:11 . 2012-08-13 07:116656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1EECCD11-E516-11E1-84A5-64315024E3AB}.dat

+ 2012-08-16 09:02 . 2012-08-16 09:035120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1CFDCF2E-E781-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 07:03 . 2012-08-20 07:077680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1C021DEF-EA95-11E1-B291-64315024E3AB}.dat
+ 2012-08-19 07:11 . 2012-08-19 07:115632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1B7995E5-E9CD-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-19 21:44 . 2012-08-19 21:456656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1AF84193-EA47-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 11:12 . 2012-08-21 11:125632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1AE0DF98-EB81-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 11:12 . 2012-08-21 11:125120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1AE0DF97-EB81-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-10 19:10 . 2012-08-10 19:156144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1AB505BB-E31F-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-20 21:57 . 2012-08-20 21:584608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1A7DA915-EB12-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-12 23:04 . 2012-08-12 23:117680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1A1A94B4-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-16 15:29 . 2012-08-16 15:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{19F3A21D-E7B7-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-22 06:17 . 2012-08-22 06:177680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{19EE3632-EC21-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-16 15:29 . 2012-08-16 15:295120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{19E0971A-E7B7-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-21 03:05 . 2012-08-21 03:065120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{19A322DB-EB3D-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-22 10:49 . 2012-08-22 10:506656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1984B161-EC47-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-22 02:43 . 2012-08-22 02:436144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1850F51F-EC03-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-17 09:08 . 2012-08-17 09:088192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1841E986-E84B-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 07:11 . 2012-08-13 07:137168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{181A2E1E-E516-11E1-84A5-64315024E3AB}.dat
+ 2012-08-20 10:30 . 2012-08-20 10:315120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{16E79651-EAB2-11E1-B291-64315024E3AB}.dat
+ 2012-08-12 02:40 . 2012-08-12 02:415120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{143F339E-E427-11E1-83B5-64315024E3AB}.dat
+ 2012-08-23 05:04 . 2012-08-23 05:058192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{141ADCDA-ECE0-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-10 19:25 . 2012-08-10 19:254608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{13F207E8-E321-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-18 02:26 . 2012-08-18 02:266656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1280EFC6-E8DC-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 08:04 . 2012-08-16 08:055632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1276BC8D-E779-11E1-8084-64315024E3AB}.dat
+ 2012-08-14 13:58 . 2012-08-14 13:585120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1243F8E5-E618-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 07:08 . 2012-08-15 07:147680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1177A700-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-20 21:57 . 2012-08-20 21:586656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1159C06E-EB12-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 15:15 . 2012-08-21 15:166656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{10AFAF7F-EBA3-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-21 13:56 . 2012-08-21 13:575120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0F5CB11A-EB98-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-16 13:27 . 2012-08-16 13:275120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0F116273-E7A6-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 20:10 . 2012-08-14 20:105120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0E568283-E64C-11E1-8084-64315024E3AB}.dat
+ 2012-08-17 09:08 . 2012-08-17 09:087680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0E4C05CF-E84B-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-14 04:53 . 2012-08-14 04:545120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0E4502E8-E5CC-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 20:36 . 2012-08-22 20:364608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0D657773-EC99-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-12 23:11 . 2012-08-12 23:115632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0BEB79BF-E4D3-11E1-AA63-64315024E3AB}.dat
+ 2012-08-12 23:11 . 2012-08-12 23:115632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0BEB79BE-E4D3-11E1-AA63-64315024E3AB}.dat
+ 2012-08-14 05:01 . 2012-08-14 05:015632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0B910F75-E5CD-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 00:50 . 2012-08-14 00:515120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{093176B0-E5AA-11E1-84A5-64315024E3AB}.dat
+ 2012-08-10 19:17 . 2012-08-10 19:175632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{087CE305-E320-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-18 20:05 . 2012-08-18 20:106144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{062C0740-E970-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-12 23:11 . 2012-08-12 23:119216 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{051DE3F0-E4D3-11E1-AA63-64315024E3AB}.dat
+ 2012-08-24 03:42 . 2012-08-24 03:422048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-10 00:13 . 2012-08-10 00:132048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-24 03:42 . 2012-08-24 03:422048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-10 00:13 . 2012-08-10 00:132048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-15 18:37 . 2012-06-02 08:23231936 c:\windows\SysWOW64\url.dll
+ 2012-08-16 10:04 . 2012-06-29 00:07231936 c:\windows\SysWOW64\url.dll
+ 2012-08-16 10:04 . 2012-06-29 00:04717824 c:\windows\SysWOW64\jscript.dll
+ 2012-08-16 10:04 . 2012-06-29 00:04142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-07-15 18:37 . 2012-06-02 08:20142848 c:\windows\SysWOW64\ieUnatt.exe
+ 2012-08-16 10:04 . 2012-06-28 23:57176640 c:\windows\SysWOW64\ieui.dll
- 2012-07-15 18:37 . 2012-06-02 08:14176640 c:\windows\SysWOW64\ieui.dll
- 2012-07-04 18:33 . 2012-08-09 23:09262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2012-07-04 18:33 . 2012-08-23 13:45262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2012-07-04 18:34 . 2012-07-25 08:10376832 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
+ 2012-07-04 18:34 . 2012-08-21 04:45376832 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat
+ 2009-07-14 04:54 . 2012-08-24 00:11819200 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-08-22 06:17 . 2012-08-22 06:18193024 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FEC522B7-EC20-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-20 06:26 . 2012-08-20 06:26170496 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ECB3EBDA-EA8F-11E1-B291-64315024E3AB}.dat
+ 2012-08-15 07:14 . 2012-08-15 07:14218624 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DBB63F23-E6A8-11E1-8084-64315024E3AB}.dat
+ 2012-08-18 20:03 . 2012-08-18 20:10210944 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D55BB181-E96F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 00:07 . 2012-08-13 00:14183296 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D0F18F06-E4DA-11E1-AA63-64315024E3AB}.dat
+ 2012-08-13 01:03 . 2012-08-13 01:09123392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B60A283D-E4E2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-10 19:07 . 2012-08-10 19:15237056 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B1E2E689-E31E-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-11 07:11 . 2012-08-11 07:11131072 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B0F7D422-E383-11E1-83B5-64315024E3AB}.dat
+ 2012-08-20 07:07 . 2012-08-20 07:08182784 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AF18AA4C-EA95-11E1-B291-64315024E3AB}.dat
+ 2012-08-11 07:25 . 2012-08-11 07:31156672 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AE887BEA-E385-11E1-83B5-64315024E3AB}.dat
+ 2012-08-16 05:02 . 2012-08-16 05:03182272 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A5BD5B9F-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-18 15:44 . 2012-08-18 15:48166400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9B1039CA-E94B-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-13 08:05 . 2012-08-13 08:05321024 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9995EC1A-E51D-11E1-84A5-64315024E3AB}.dat
+ 2012-08-17 05:01 . 2012-08-17 05:08601600 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{97DEDBFA-E828-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-10 19:42 . 2012-08-10 19:47509952 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{96996774-E323-11E1-9A2E-64315024E3AB}.dat
+ 2012-08-14 04:57 . 2012-08-14 05:04940032 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{87284518-E5CC-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 07:03 . 2012-08-22 07:10200192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{83D4DF54-EC27-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-23 05:00 . 2012-08-23 05:06760832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7EAACF19-ECDF-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-13 07:57 . 2012-08-13 08:01218112 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7E674B5F-E51C-11E1-84A5-64315024E3AB}.dat
+ 2012-08-14 07:27 . 2012-08-14 07:27306688 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{73F091AC-E5E1-11E1-84A5-64315024E3AB}.dat
+ 2012-08-22 09:19 . 2012-08-22 09:19137728 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{73BB1116-EC3A-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-20 04:49 . 2012-08-20 04:49242688 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5D197EC9-EA82-11E1-B291-64315024E3AB}.dat
+ 2012-08-14 05:53 . 2012-08-14 05:57113664 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5C5E6BE3-E5D4-11E1-84A5-64315024E3AB}.dat
+ 2012-08-13 07:06 . 2012-08-13 07:13148992 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5B5DD4A7-E515-11E1-84A5-64315024E3AB}.dat
+ 2012-08-15 07:32 . 2012-08-15 07:38231424 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5A6CEF7D-E6AB-11E1-8084-64315024E3AB}.dat
+ 2012-08-21 05:09 . 2012-08-21 05:09231936 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{557F8DC4-EB4E-11E1-9EF8-64315024E3AB}.dat
+ 2012-08-18 17:58 . 2012-08-18 17:58147968 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5508A309-E95E-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 05:35 . 2012-08-17 05:42119808 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5367728C-E82D-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 19:11 . 2012-08-17 19:11133120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{523C7975-E89F-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-19 04:42 . 2012-08-19 04:47805376 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{38A2869D-E9B8-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-19 05:17 . 2012-08-19 05:22102912 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2BEDA038-E9BD-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-17 09:08 . 2012-08-17 09:09100864 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{250AF50F-E84B-11E1-A1DD-64315024E3AB}.dat
+ 2012-08-16 04:59 . 2012-08-16 05:06201728 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{219299B9-E75F-11E1-8084-64315024E3AB}.dat
+ 2012-08-12 23:04 . 2012-08-12 23:11229888 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1A1A94B2-E4D2-11E1-AA63-64315024E3AB}.dat
+ 2012-08-11 08:10 . 2012-08-11 08:17145920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{131B4C2F-E38C-11E1-83B5-64315024E3AB}.dat
+ 2012-08-15 07:22 . 2012-08-15 07:26120320 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{039D2A92-E6AA-11E1-8084-64315024E3AB}.dat
+ 2012-08-16 10:04 . 2012-06-29 03:47237056 c:\windows\system32\url.dll
- 2012-07-15 18:37 . 2012-06-02 12:04237056 c:\windows\system32\url.dll
- 2010-10-26 01:13 . 2011-09-05 17:05464272 c:\windows\system32\spool\drivers\x64\3\ADUIGP.DLL
+ 2011-09-05 17:05 . 2011-09-05 17:05464272 c:\windows\system32\spool\drivers\x64\3\ADUIGP.DLL
+ 2012-08-16 10:04 . 2012-06-29 03:44816640 c:\windows\system32\jscript.dll
- 2012-07-15 18:37 . 2012-06-02 12:01173056 c:\windows\system32\ieUnatt.exe
+ 2012-08-16 10:04 . 2012-06-29 03:43173056 c:\windows\system32\ieUnatt.exe
- 2012-07-15 18:37 . 2012-06-02 11:54248320 c:\windows\system32\ieui.dll
+ 2012-08-16 10:04 . 2012-06-29 03:35248320 c:\windows\system32\ieui.dll
+ 2009-07-14 05:30 . 2012-08-16 10:22143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-07-24 21:42143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-08-16 10:22143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-07-24 21:42143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-06-08 22:38 . 2010-11-20 13:24229376 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\fsquirt.exe
+ 2012-08-16 10:06 . 2012-07-06 20:07552960 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_de0494b6391d872c\bthport.sys
- 2009-07-14 05:31 . 2011-07-13 13:18399360 c:\windows\system32\DriverStore\drvindex.dat
+ 2009-07-14 05:31 . 2012-08-16 10:22399360 c:\windows\system32\DriverStore\drvindex.dat
+ 2012-07-04 14:59 . 2012-07-04 14:59261120 c:\windows\Installer\88568d2.msp
+ 2012-08-22 05:50 . 2012-08-22 05:50902144 c:\windows\Installer\6e4a125.msi
+ 2011-12-14 00:21 . 2012-08-22 06:03335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000005}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
- 2011-12-14 00:21 . 2012-04-15 20:14335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000005}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
- 2011-02-20 04:46 . 2012-07-15 10:06415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-02-20 04:46 . 2012-08-16 10:05415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
- 2011-02-20 04:46 . 2012-07-15 10:06303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-02-20 04:46 . 2012-08-16 10:05303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-02-20 04:46 . 2012-08-16 10:05571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
- 2011-02-20 04:46 . 2012-07-15 10:06571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
+ 2011-02-20 04:46 . 2012-08-16 10:05326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
- 2011-02-20 04:46 . 2012-07-15 10:06326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-09-05 20:05 . 2011-09-05 20:05942464 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\jp2klib.dll
+ 2010-10-26 01:13 . 2010-10-26 01:13595344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\AXSLE.dll
+ 2012-01-03 07:37 . 2012-01-03 07:37320456 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\adobearmhelper.exe
+ 2010-10-25 22:13 . 2010-10-25 22:13932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\adobearm.exe
+ 2011-01-07 20:38 . 2011-01-07 20:38121208 c:\windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.6029\MSCONV97.DLL
+ 2012-08-16 10:04 . 2012-06-29 00:091129472 c:\windows\SysWOW64\wininet.dll
- 2012-07-15 18:37 . 2012-06-02 08:251129472 c:\windows\SysWOW64\wininet.dll
- 2012-07-15 18:37 . 2012-06-02 08:261103872 c:\windows\SysWOW64\urlmon.dll
+ 2012-08-16 10:04 . 2012-06-29 00:091103872 c:\windows\SysWOW64\urlmon.dll
+ 2012-08-16 10:04 . 2012-06-29 00:161800704 c:\windows\SysWOW64\jscript9.dll
- 2012-07-15 18:37 . 2012-06-02 08:191793024 c:\windows\SysWOW64\iertutil.dll
+ 2012-08-16 10:04 . 2012-06-29 00:011793024 c:\windows\SysWOW64\iertutil.dll
- 2012-07-15 18:37 . 2012-06-02 08:439737728 c:\windows\SysWOW64\ieframe.dll
+ 2012-08-16 10:04 . 2012-06-29 00:279737728 c:\windows\SysWOW64\ieframe.dll
+ 2009-07-14 04:54 . 2012-08-24 00:119437184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-08-16 10:04 . 2012-06-29 03:491392128 c:\windows\system32\wininet.dll
- 2012-07-15 18:37 . 2012-06-02 12:051392128 c:\windows\system32\wininet.dll
- 2012-07-15 18:37 . 2012-06-02 12:051346048 c:\windows\system32\urlmon.dll
+ 2012-08-16 10:04 . 2012-06-29 03:491346048 c:\windows\system32\urlmon.dll
+ 2012-08-16 10:04 . 2012-06-29 03:562312704 c:\windows\system32\jscript9.dll
- 2012-07-15 18:37 . 2012-06-02 11:592144768 c:\windows\system32\iertutil.dll
+ 2012-08-16 10:04 . 2012-06-29 03:422144768 c:\windows\system32\iertutil.dll
+ 2009-07-14 04:45 . 2012-08-16 10:307113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-07-15 18:597113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 05:01 . 2012-08-24 03:412403212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-19 09:45 . 2012-07-19 09:453464704 c:\windows\Installer\885695b.msp
+ 2012-07-04 15:04 . 2012-07-04 15:041292288 c:\windows\Installer\8856944.msp
+ 2012-07-04 15:12 . 2012-07-04 15:124772352 c:\windows\Installer\8856939.msp
+ 2012-07-04 15:09 . 2012-07-04 15:091284096 c:\windows\Installer\8856921.msp
+ 2012-07-04 15:01 . 2012-07-04 15:019082368 c:\windows\Installer\885690a.msp
+ 2012-07-04 14:58 . 2012-07-04 14:586163456 c:\windows\Installer\88568ea.msp

- 2011-02-20 04:46 . 2012-07-15 10:061479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-02-20 04:46 . 2012-08-16 10:051479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-02-20 04:46 . 2012-08-16 10:051858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-02-20 04:46 . 2012-07-15 10:061858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
+ 2011-02-20 04:46 . 2012-08-16 10:054525408 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
- 2011-02-20 04:46 . 2012-07-15 10:064525408 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
- 2011-02-20 04:46 . 2012-07-15 10:063792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-02-20 04:46 . 2012-08-16 10:053792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-02-20 04:46 . 2012-08-16 10:051449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
- 2011-02-20 04:46 . 2012-07-15 10:061449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-06-06 22:55 . 2011-06-06 22:558293256 c:\windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\agm.dll
+ 2012-08-16 10:04 . 2012-06-29 00:5212317184 c:\windows\SysWOW64\mshtml.dll
- 2012-07-04 18:32 . 2012-08-09 23:0916187392 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
+ 2012-07-04 18:32 . 2012-08-24 00:1116187392 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
- 2009-07-14 04:54 . 2012-08-09 23:0916187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-24 00:1116187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 02:34 . 2012-08-16 10:2211010048 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2012-07-15 18:5311010048 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-08-16 10:04 . 2012-06-29 04:5517809920 c:\windows\system32\mshtml.dll
+ 2012-08-16 10:04 . 2012-06-29 04:0910925568 c:\windows\system32\ieframe.dll
+ 2009-07-14 04:45 . 2012-08-16 10:2916274064 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2012-07-15 18:5916274064 c:\windows\system32\FNTCACHE.DAT
+ 2011-03-08 08:26 . 2012-08-24 03:4150937328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4151112255-51104295-1799264657-1000-12288.dat
+ 2012-07-12 20:51 . 2012-08-24 03:4111102832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-07-28 01:22 . 2012-07-28 01:22105082880 c:\windows\Installer\6e4a5a5.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 06:52762000----a-r-c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 06:52762000----a-r-c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 06:52762000----a-r-c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="" [BU]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-07-27 1261512]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-12 102400]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-10-12 2215768]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-21 119152]
"Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-03-04 948880]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"ScanSnap WIA Service Checker"="c:\windows\SSDriver\fi5110\SsWiaChecker.exe" [2009-09-30 86016]
"BrStsWnd"="c:\program files (x86)\Brownie\BrstsW64.exe" [2009-08-20 3695928]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe" [2012-08-01 686792]
.
c:\users\JASON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CardMinder Viewer.lnk - c:\program files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe [2011-12-18 77824]
Conversion to PDF with ScanSnap Organizer.lnk - c:\program files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe [2011-12-18 15360]
Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2011-10-13 5904216]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-12-6 1175912]
QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2012\QBW32.EXE [2011-12-6 1178984]
ScanSnap Manager.lnk - c:\program files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe [2011-12-18 1081344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecuteREG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-22 85560]
R2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-06-30 1248256]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
R3 JmUjk3Ai;BlackBox SR2; [x]
R3 kxhaBH20;BlackBox SR2; [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 sS43NcfQ;BlackBox SR2; [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-08 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRIVERS\RsFx0151.sys [2011-06-18 313696]
R4 SQLAgent$SHIPWORKS;SQL Server Agent (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\SQLAGENT.EXE [2011-06-18 431456]
S0 72999610;72999610;c:\windows\system32\DRIVERS\72999610.sys [2012-08-08 460888]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-30 204288]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-05 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-05 822624]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 MSSQL$SHIPWORKS;SQL Server (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe [2011-06-18 62111072]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-30 9371136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-30 309760]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-21 36720]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 VAD_DEV;Virtual Audio Service;c:\windows\system32\drivers\vad.sys [2010-11-19 24992]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 06:05]
.
2012-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 06:05]
.
2012-08-07 c:\windows\Tasks\HPCeeScheduleForJASON.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 06:361174672----a-r-c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 06:361174672----a-r-c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 06:361174672----a-r-c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 192.168.1.254
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}"=hex:51,66,7a,6c,4c,1d,38,12,8a,de,68,
55,95,ad,1e,00,cd,08,68,12,b3,4d,db,d3
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
"{074C1DC5-9320-4A9A-947D-C042949C6216}"=hex:51,66,7a,6c,4c,1d,38,12,ab,1e,5f,
03,12,dd,f4,0f,eb,6b,83,02,91,c2,26,02
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE7CD045-E861-484F-8273-0445EE161910}"=hex:51,66,7a,6c,4c,1d,38,12,2b,d3,6f,
aa,53,a6,21,0d,fd,65,47,05,eb,48,5d,04
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{F4971EE7-DAA0-4053-9964-665D8EE6A077}"=hex:51,66,7a,6c,4c,1d,38,12,89,1d,84,
f0,92,94,3d,05,e6,72,25,1d,8b,b8,e4,63
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:50,2f,7e,65,13,5a,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,a0,5b,18,16,25,6c,43,a7,db,61,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,a0,5b,18,16,25,6c,43,a7,db,61,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:42,6c,54,4f,6f,3a,72,84,69,23,97,59,00,aa,63,4c,c2,80,6b,4c,00,
27,36,2a,47,40,a3,50,34,7d,d6,fa,69,cf,0d,d6,28,87,4b,7e,87,3c,c4,c5,fb,95,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:42,6c,54,4f,6f,3a,72,84,69,23,97,59,00,aa,63,4c,c2,80,6b,4c,00,
27,36,2a,47,40,a3,50,34,7d,d6,fa,69,cf,0d,d6,28,87,4b,7e,87,3c,c4,c5,fb,95,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
c:\program files (x86)\Brownie\Brnipmon.exe
.
**************************************************************************
.
Completion time: 2012-08-23 21:22:40 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-24 04:22
ComboFix2.txt 2012-08-10 19:34
ComboFix3.txt 2012-08-10 00:50
ComboFix4.txt 2012-08-08 20:23
ComboFix5.txt 2012-08-24 00:11
.
Pre-Run: 125,596,983,296 bytes free
Post-Run: 126,509,203,456 bytes free
.
- - End Of File - - 3D2BB755A6010C94F6C51E6DC31538D0

Hi DMJ- Still have the virus. Here is the new ComboFix Log:
ComboFix 12-08-22.03 - JASON 08/25/2012 13:38:22.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.1838 [GMT -7:00]
Running from: c:\users\JASON\Desktop\ComboFix.exe
Command switches used :: c:\users\JASON\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\SysWow64\sho1C27.tmp"
"c:\windows\SysWow64\sho26C6.tmp"
"c:\windows\SysWow64\sho2CEA.tmp"
"c:\windows\SysWow64\sho61F2.tmp"
"c:\windows\SysWow64\sho8934.tmp"
"c:\windows\SysWow64\sho8F12.tmp"
"c:\windows\SysWow64\shoA071.tmp"
"c:\windows\SysWow64\shoD2A7.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\sho1C27.tmp
c:\windows\SysWow64\sho26C6.tmp
c:\windows\SysWow64\sho2CEA.tmp
c:\windows\SysWow64\sho61F2.tmp
c:\windows\SysWow64\sho8934.tmp
c:\windows\SysWow64\sho8F12.tmp
c:\windows\SysWow64\shoA071.tmp
c:\windows\SysWow64\shoD2A7.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-07-25 to 2012-08-25 )))))))))))))))))))))))))))))))
.
.
2012-08-25 20:55 . 2012-08-25 20:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-08-25 20:55 . 2012-08-25 20:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{4E417984-0B3D-48F3-9FA4-E1ABB0DA51B7}
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{9BE3DA6A-4249-4BEC-9AE7-CA0EA247E62C}
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{E23E3BED-ADD9-4DF7-B375-5EC5E69FD666}
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{C243CCC8-5474-45FC-A546-7FBC284A692E}
2012-08-24 23:14 . 2012-08-24 23:14 -------- d-----w- c:\programdata\{F74FAF01-6ED9-4DAC-8BD2-E5F7C218B43C}
2012-08-24 23:14 . 2012-08-24 23:14 -------- d-----w- c:\programdata\{AB89557A-DCAD-4657-A970-8F9A3EFFB34D}
2012-08-24 23:14 . 2012-08-24 23:14 -------- d-----w- c:\programdata\{232FC370-3714-4F10-BC93-DA33AA1D6D22}
2012-08-22 05:52 . 2012-08-22 05:51 289768 ----a-w- c:\windows\system32\javaws.exe
2012-08-22 05:51 . 2012-08-22 05:51 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-08-22 05:51 . 2012-08-22 05:51 189416 ----a-w- c:\windows\system32\javaw.exe
2012-08-22 05:51 . 2012-08-22 05:51 188904 ----a-w- c:\windows\system32\java.exe
2012-08-22 05:51 . 2012-08-22 05:51 -------- d-----w- c:\program files\Java
2012-08-16 10:05 . 2012-08-16 10:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-08-15 11:24 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 11:24 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 11:24 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 11:24 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 11:24 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 11:24 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 11:24 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 11:24 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 11:24 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 11:24 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 11:24 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 11:24 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 18:31 . 2012-08-14 18:33 35712 ----a-w- c:\windows\SysWow64\drivers\kxhaBH20.sys
2012-08-14 18:31 . 2012-08-14 18:33 -------- d-----w- c:\program files\unhook
2012-08-14 18:19 . 2012-08-14 18:26 35712 ----a-w- c:\windows\SysWow64\drivers\JmUjk3Ai.sys
2012-08-14 18:18 . 2012-08-14 18:26 35712 ----a-w- c:\windows\SysWow64\drivers\sS43NcfQ.sys
2012-08-12 04:31 . 2012-08-08 18:11 460888 ----a-w- c:\windows\system32\drivers\72999610.sys
2012-08-11 16:53 . 2012-08-11 16:53 -------- d-----w- c:\programdata\Kaspersky Lab
2012-08-07 02:29 . 2012-08-07 02:29 -------- d-----w- c:\users\JASON\AppData\Roaming\Malwarebytes
2012-08-07 02:28 . 2012-08-07 02:28 -------- d-----w- c:\programdata\Malwarebytes
2012-08-07 02:28 . 2012-08-07 02:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-07 02:28 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-22 05:51 . 2012-01-23 07:47 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-22 05:51 . 2012-01-23 07:47 1034216 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-16 10:00 . 2011-02-08 03:11 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-01 22:46 . 2012-04-05 08:41 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-01 22:46 . 2011-05-18 18:03 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 05:43 . 2012-07-15 06:12 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 15:49 . 2012-06-06 15:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-15 06:12 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-15 06:12 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-15 06:11 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-15 06:12 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-15 06:12 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-15 06:11 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-22 07:21 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 07:22 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 07:22 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 07:22 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 07:20 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-22 07:21 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 07:22 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-22 07:21 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 05:50 . 2012-07-15 06:12 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-15 06:12 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-15 06:12 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-15 06:12 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-15 06:12 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-15 06:12 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-15 06:12 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-15 06:12 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-15 06:12 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 58877D39A2D4E120CEE1EFF4DAD3D3FD . 857600 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((( SnapShot_2012-08-24_03.45.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-24 21:17 . 2012-08-24 21:17 25094 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-08-24 03:41 . 2012-08-24 03:41 25094 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-07-04 18:36 . 2012-08-24 00:11 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat
+ 2012-07-04 18:36 . 2012-08-25 19:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat
+ 2012-08-24 22:04 . 2012-08-24 22:09 62464 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B92145E3-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 04:44 . 2012-08-25 04:48 17408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8BE75A92-EE6F-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 04:29 . 2012-08-25 04:33 28160 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{82978470-EE6D-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:32 . 2012-08-24 21:33 30720 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{446E5FD2-EE33-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 05:53 . 2012-08-25 05:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2AF33E43-EE79-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 05:53 . 2012-08-25 05:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{21F1753A-EE79-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:24 . 2012-08-24 21:31 37376 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1C7F2389-EE32-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:31 . 2012-08-24 21:38 24064 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1927753A-EE33-11E1-9818-64315024E3AB}.dat
+ 2012-07-04 18:33 . 2012-08-25 07:06 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
- 2012-07-04 18:33 . 2012-08-23 11:02 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2009-07-14 05:10 . 2012-08-25 21:15 40316 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-07 03:46 . 2012-08-25 21:15 14798 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4151112255-51104295-1799264657-1000_UserData.bin
- 2011-02-07 04:31 . 2012-08-24 00:08 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-07 04:31 . 2012-08-25 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 04:31 . 2012-08-24 00:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-07 04:31 . 2012-08-25 20:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-25 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-24 00:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-08-22 08:03 . 2012-08-23 05:09 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{CBD0FFEF-EC2F-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-22 08:03 . 2012-08-24 22:09 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{CBD0FFEF-EC2F-11E1-BDDB-64315024E3AB}.dat
+ 2012-08-24 22:09 . 2012-08-25 19:55 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{568893EA-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 19:55 . 2012-08-25 19:55 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{C72879A0-EEEE-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:09 . 2012-08-24 22:09 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{568893EC-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:23 . 2012-08-24 21:24 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F969FBA7-EE31-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:23 . 2012-08-24 21:24 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F66B808E-EE31-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 11:56 . 2012-08-25 11:57 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{ED74150C-EEAB-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:22 . 2012-08-24 21:23 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{DC2D790B-EE31-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 05:50 . 2012-08-25 05:55 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D2004BA7-EE78-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 13:56 . 2012-08-25 13:57 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B20F746E-EEBC-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 19:54 . 2012-08-25 19:55 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AEDF583B-EEEE-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 05:42 . 2012-08-25 05:43 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AB34E0F8-EE77-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 00:13 . 2012-08-25 00:13 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A72B8D9D-EE49-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 08:55 . 2012-08-25 08:56 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A2ECFEF8-EE92-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 17:09 . 2012-08-25 17:09 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{93844C5A-EED7-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 10:56 . 2012-08-25 10:57 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{846C31C7-EEA3-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 02:13 . 2012-08-25 02:13 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{840EE8CD-EE5A-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 04:29 . 2012-08-25 04:33 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8297846F-EE6D-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:02 . 2012-08-24 22:09 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{703FD018-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:02 . 2012-08-24 22:09 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7025A0F4-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 15:20 . 2012-08-25 15:20 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6A3049BF-EEC8-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 03:45 . 2012-08-25 03:46 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{61996107-EE67-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 03:45 . 2012-08-25 03:46 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{615DDE9F-EE67-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:06 . 2012-08-25 07:13 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5FAFEEC9-EE83-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 12:56 . 2012-08-25 12:57 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4FC2F56D-EEB4-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 04:42 . 2012-08-25 04:44 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{36EB637C-EE6F-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 14:57 . 2012-08-25 14:58 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3136415B-EEC5-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 16:08 . 2012-08-25 16:09 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{260DF4DB-EECF-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 09:56 . 2012-08-25 09:57 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{222B99A7-EE9B-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 01:13 . 2012-08-25 01:14 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1FAAD720-EE52-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:24 . 2012-08-24 21:31 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{1C7F2388-EE32-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:31 . 2012-08-24 21:31 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{19277539-EE33-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:31 . 2012-08-24 21:32 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{17FDE936-EE33-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:04 . 2012-08-25 07:05 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{16D5B156-EE83-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 23:11 . 2012-08-24 23:12 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{169DB55D-EE41-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 18:09 . 2012-08-25 18:10 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{135FC720-EEE0-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:23 . 2012-08-24 21:24 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F66B808F-EE31-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 11:56 . 2012-08-25 11:57 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ED74150D-EEAB-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:23 . 2012-08-24 21:23 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DC2D790C-EE31-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:09 . 2012-08-25 07:13 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D97AD893-EE83-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:09 . 2012-08-25 07:09 8192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D97AD891-EE83-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:05 . 2012-08-24 22:05 9216 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D195A286-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:04 . 2012-08-24 22:04 7168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B92145E1-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 13:56 . 2012-08-25 13:57 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B20F746F-EEBC-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 19:54 . 2012-08-25 19:55 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AEDF583D-EEEE-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:04 . 2012-08-24 22:09 7168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AE002FA8-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 05:42 . 2012-08-25 05:43 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AB34E0F9-EE77-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 00:13 . 2012-08-25 00:13 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A72B8D9E-EE49-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 08:55 . 2012-08-25 08:56 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A2ECFEF9-EE92-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:03 . 2012-08-24 22:09 8192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{959812E1-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 17:09 . 2012-08-25 17:09 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{93844C5B-EED7-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 10:56 . 2012-08-25 10:57 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{846C31C8-EEA3-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 02:13 . 2012-08-25 02:13 4096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{840EE8CE-EE5A-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 15:20 . 2012-08-25 15:20 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6A3049C0-EEC8-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:09 . 2012-08-24 22:09 7168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{65E17DEC-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 03:45 . 2012-08-25 03:46 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{61996108-EE67-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 03:45 . 2012-08-25 03:46 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{615DDEA0-EE67-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:13 . 2012-08-25 07:13 8192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{534A3378-EE84-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 12:56 . 2012-08-25 12:57 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4FC2F56E-EEB4-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:08 . 2012-08-24 22:09 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{49D5CFE1-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 14:57 . 2012-08-25 14:58 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3136415C-EEC5-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:07 . 2012-08-24 22:08 7680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{26247AA6-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 16:08 . 2012-08-25 16:09 4096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{260DF4DC-EECF-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 09:56 . 2012-08-25 09:57 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{222B99A8-EE9B-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 01:13 . 2012-08-25 01:14 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1FAAD721-EE52-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:11 . 2012-08-25 07:13 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1BE34085-EE84-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:04 . 2012-08-25 07:05 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{16D5B157-EE83-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 23:11 . 2012-08-24 23:12 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{169DB55E-EE41-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 18:09 . 2012-08-25 18:10 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{135FC721-EEE0-11E1-9818-64315024E3AB}.dat

+ 2012-08-24 22:07 . 2012-08-24 22:07 7680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{12F343E6-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:07 . 2012-08-24 22:07 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{12C3F684-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:07 . 2012-08-24 22:07 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{12C3F682-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:24 . 2012-08-24 21:24 7168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{12934743-EE32-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:24 . 2012-08-24 21:24 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0568AAC2-EE32-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 21:11 . 2012-08-25 21:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-24 03:42 . 2012-08-24 03:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-25 21:11 . 2012-08-25 21:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-24 03:42 . 2012-08-24 03:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-04 18:33 . 2012-08-25 07:06 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2012-07-04 18:33 . 2012-08-23 13:45 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:54 . 2012-08-25 19:54 835584 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-08-24 22:02 . 2012-08-24 22:09 558080 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7025A0F5-EE37-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 05:55 . 2012-08-25 05:56 299008 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6ABA7895-EE79-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 22:09 . 2012-08-24 22:09 184832 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{568893ED-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 07:13 . 2012-08-25 07:13 196096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{534A3376-EE84-11E1-9818-64315024E3AB}.dat
+ 2012-08-25 04:42 . 2012-08-25 04:48 411136 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{36EB637D-EE6F-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 21:31 . 2012-08-24 21:38 239104 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{17FDE937-EE33-11E1-9818-64315024E3AB}.dat
+ 2012-08-24 23:15 . 2012-08-24 23:15 453632 c:\windows\Installer\6a7404.msi
+ 2012-08-24 23:15 . 2012-08-24 23:15 261632 c:\windows\Installer\6a72b9.msi
+ 2012-08-24 23:15 . 2012-08-24 23:15 261632 c:\windows\Installer\6a72a9.msi
+ 2012-08-24 23:15 . 2012-08-24 23:15 261632 c:\windows\Installer\6a7299.msi
+ 2012-08-24 23:15 . 2012-08-24 23:15 262656 c:\windows\Installer\6a7289.msi
+ 2012-08-24 23:14 . 2012-08-24 23:14 261632 c:\windows\Installer\6a7276.msi
+ 2012-08-24 23:14 . 2012-08-24 23:14 262656 c:\windows\Installer\6a7266.msi
+ 2009-07-14 04:54 . 2012-08-25 19:54 9437184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-24 00:11 9437184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 05:01 . 2012-08-25 21:09 2403212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-08-24 03:41 2403212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-07-04 18:32 . 2012-08-24 00:11 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
+ 2012-07-04 18:32 . 2012-08-25 19:54 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
- 2009-07-14 04:54 . 2012-08-24 00:11 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-25 19:54 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-08 08:26 . 2012-08-25 21:10 51167152 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4151112255-51104295-1799264657-1000-12288.dat
+ 2012-07-12 20:51 . 2012-08-25 21:10 11107044 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 06:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 06:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 06:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="" [BU]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-07-27 1261512]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-12 102400]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-10-12 2215768]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-21 119152]
"Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-03-04 948880]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"ScanSnap WIA Service Checker"="c:\windows\SSDriver\fi5110\SsWiaChecker.exe" [2009-09-30 86016]
"BrStsWnd"="c:\program files (x86)\Brownie\BrstsW64.exe" [2009-08-20 3695928]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe" [2012-08-01 686792]
.
c:\users\JASON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CardMinder Viewer.lnk - c:\program files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe [2011-12-18 77824]
Conversion to PDF with ScanSnap Organizer.lnk - c:\program files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe [2011-12-18 15360]
Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2011-10-13 5904216]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-12-6 1175912]
QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2012\QBW32.EXE [2011-12-6 1178984]
ScanSnap Manager.lnk - c:\program files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe [2011-12-18 1081344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-05 822624]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-22 85560]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
R3 JmUjk3Ai;BlackBox SR2; [x]
R3 kxhaBH20;BlackBox SR2; [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 sS43NcfQ;BlackBox SR2; [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-08 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRIVERS\RsFx0151.sys [2011-06-18 313696]
R4 SQLAgent$SHIPWORKS;SQL Server Agent (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\SQLAGENT.EXE [2011-06-18 431456]
S0 72999610;72999610;c:\windows\system32\DRIVERS\72999610.sys [2012-08-08 460888]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-30 204288]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-05 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 MSSQL$SHIPWORKS;SQL Server (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe [2011-06-18 62111072]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-06-30 1248256]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-30 9371136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-30 309760]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-21 36720]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 VAD_DEV;Virtual Audio Service;c:\windows\system32\drivers\vad.sys [2010-11-19 24992]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 06:05]
.
2012-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 06:05]
.
2012-08-07 c:\windows\Tasks\HPCeeScheduleForJASON.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 06:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 06:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 06:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 192.168.1.254
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}"=hex:51,66,7a,6c,4c,1d,38,12,8a,de,68,
55,95,ad,1e,00,cd,08,68,12,b3,4d,db,d3
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
"{074C1DC5-9320-4A9A-947D-C042949C6216}"=hex:51,66,7a,6c,4c,1d,38,12,ab,1e,5f,
03,12,dd,f4,0f,eb,6b,83,02,91,c2,26,02
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE7CD045-E861-484F-8273-0445EE161910}"=hex:51,66,7a,6c,4c,1d,38,12,2b,d3,6f,
aa,53,a6,21,0d,fd,65,47,05,eb,48,5d,04
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{F4971EE7-DAA0-4053-9964-665D8EE6A077}"=hex:51,66,7a,6c,4c,1d,38,12,89,1d,84,
f0,92,94,3d,05,e6,72,25,1d,8b,b8,e4,63
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:50,2f,7e,65,13,5a,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,a0,5b,18,16,25,6c,43,a7,db,61,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,a0,5b,18,16,25,6c,43,a7,db,61,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:42,6c,54,4f,6f,3a,72,84,69,23,97,59,00,aa,63,4c,c2,80,6b,4c,00,
27,36,2a,47,40,a3,50,34,7d,d6,fa,69,cf,0d,d6,28,87,4b,7e,87,3c,c4,c5,fb,95,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:42,6c,54,4f,6f,3a,72,84,69,23,97,59,00,aa,63,4c,c2,80,6b,4c,00,
27,36,2a,47,40,a3,50,34,7d,d6,fa,69,cf,0d,d6,28,87,4b,7e,87,3c,c4,c5,fb,95,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
c:\program files (x86)\Brownie\Brnipmon.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2012-08-25 14:54:22 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-25 21:54
ComboFix2.txt 2012-08-24 04:22
ComboFix3.txt 2012-08-10 19:34
ComboFix4.txt 2012-08-10 00:50
ComboFix5.txt 2012-08-25 20:36
.
Pre-Run: 126,317,490,176 bytes free
Post-Run: 126,070,800,384 bytes free
.
- - End Of File - - 1B6DD2F0D61CED3EFA3AFA906EBB787B

HI DMJ- Still have the virus. Here is the new ComboFix Log. Thanks again for your help.

ComboFix 12-08-22.03 - JASON 08/26/2012 17:23:47.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2114 [GMT -7:00]
Running from: c:\users\JASON\Desktop\ComboFix.exe
Command switches used :: c:\users\JASON\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll --> c:\windows\SysWOW64\user32.dll
.
((((((((((((((((((((((((( Files Created from 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))))
.
.
2012-08-27 00:40 . 2012-08-27 00:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-08-27 00:40 . 2012-08-27 00:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{4E417984-0B3D-48F3-9FA4-E1ABB0DA51B7}
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{9BE3DA6A-4249-4BEC-9AE7-CA0EA247E62C}
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{E23E3BED-ADD9-4DF7-B375-5EC5E69FD666}
2012-08-24 23:15 . 2012-08-24 23:15 -------- d-----w- c:\programdata\{C243CCC8-5474-45FC-A546-7FBC284A692E}
2012-08-24 23:14 . 2012-08-24 23:14 -------- d-----w- c:\programdata\{F74FAF01-6ED9-4DAC-8BD2-E5F7C218B43C}
2012-08-24 23:14 . 2012-08-24 23:14 -------- d-----w- c:\programdata\{AB89557A-DCAD-4657-A970-8F9A3EFFB34D}
2012-08-24 23:14 . 2012-08-24 23:14 -------- d-----w- c:\programdata\{232FC370-3714-4F10-BC93-DA33AA1D6D22}
2012-08-22 05:52 . 2012-08-22 05:51 289768 ----a-w- c:\windows\system32\javaws.exe
2012-08-22 05:51 . 2012-08-22 05:51 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-08-22 05:51 . 2012-08-22 05:51 189416 ----a-w- c:\windows\system32\javaw.exe
2012-08-22 05:51 . 2012-08-22 05:51 188904 ----a-w- c:\windows\system32\java.exe
2012-08-22 05:51 . 2012-08-22 05:51 -------- d-----w- c:\program files\Java
2012-08-16 10:05 . 2012-08-16 10:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-08-15 11:24 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 11:24 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 11:24 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 11:24 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 11:24 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 11:24 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 11:24 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 11:24 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 11:24 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 11:24 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 11:24 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 11:24 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 18:31 . 2012-08-14 18:33 35712 ----a-w- c:\windows\SysWow64\drivers\kxhaBH20.sys
2012-08-14 18:31 . 2012-08-14 18:33 -------- d-----w- c:\program files\unhook
2012-08-14 18:19 . 2012-08-14 18:26 35712 ----a-w- c:\windows\SysWow64\drivers\JmUjk3Ai.sys
2012-08-14 18:18 . 2012-08-14 18:26 35712 ----a-w- c:\windows\SysWow64\drivers\sS43NcfQ.sys
2012-08-12 04:31 . 2012-08-08 18:11 460888 ----a-w- c:\windows\system32\drivers\72999610.sys
2012-08-11 16:53 . 2012-08-11 16:53 -------- d-----w- c:\programdata\Kaspersky Lab
2012-08-07 02:29 . 2012-08-07 02:29 -------- d-----w- c:\users\JASON\AppData\Roaming\Malwarebytes
2012-08-07 02:28 . 2012-08-07 02:28 -------- d-----w- c:\programdata\Malwarebytes
2012-08-07 02:28 . 2012-08-07 02:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-07 02:28 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-22 05:51 . 2012-01-23 07:47 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-22 05:51 . 2012-01-23 07:47 1034216 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-16 10:00 . 2011-02-08 03:11 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-01 22:46 . 2012-04-05 08:41 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-01 22:46 . 2011-05-18 18:03 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 05:43 . 2012-07-15 06:12 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 15:49 . 2012-06-06 15:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-15 06:12 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-15 06:12 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-15 06:11 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-15 06:12 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-15 06:12 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-15 06:11 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-22 07:21 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 07:22 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 07:22 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 07:22 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 07:20 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-22 07:21 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 07:22 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-22 07:21 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 05:50 . 2012-07-15 06:12 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-15 06:12 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-15 06:12 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-15 06:12 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-15 06:12 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-15 06:12 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-15 06:12 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-15 06:12 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-15 06:12 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 58877D39A2D4E120CEE1EFF4DAD3D3FD . 857600 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((( SnapShot_2012-08-25_21.14.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-27 00:41 . 2012-08-27 00:41 25094 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2012-08-24 21:17 . 2012-08-24 21:17 25094 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-07-04 18:36 . 2012-08-27 01:48 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat
- 2012-07-04 18:36 . 2012-08-25 19:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat
+ 2012-08-26 04:32 . 2012-08-26 04:37 31744 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F9AC47EA-EF36-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 04:39 . 2012-08-26 04:46 30720 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F864B07C-EF37-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 04:36 . 2012-08-26 04:39 10752 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{ABDE2C0A-EF37-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 04:34 . 2012-08-26 04:39 24576 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5C378844-EF37-11E1-9D59-64315024E3AB}.dat
+ 2012-07-04 18:33 . 2012-08-26 09:28 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
- 2012-07-04 18:33 . 2012-08-25 07:06 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2011-02-07 03:31 . 2012-08-25 22:49 61988 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-25 22:49 40480 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-02-07 03:46 . 2012-08-25 21:15 14798 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4151112255-51104295-1799264657-1000_UserData.bin
+ 2011-02-07 03:46 . 2012-08-25 22:49 14798 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4151112255-51104295-1799264657-1000_UserData.bin
- 2011-02-07 04:31 . 2012-08-25 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-02-07 04:31 . 2012-08-27 00:20 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-02-07 04:31 . 2012-08-25 20:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-07 04:31 . 2012-08-27 00:20 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-27 00:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-25 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-08-26 07:21 . 2012-08-26 07:21 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{9DD91451-EF4E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-24 22:09 . 2012-08-26 23:36 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{568893EA-EE38-11E1-9818-64315024E3AB}.dat
- 2012-08-24 22:09 . 2012-08-25 19:55 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{568893EA-EE38-11E1-9818-64315024E3AB}.dat
+ 2012-08-26 23:36 . 2012-08-26 23:36 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{ED12CCAC-EFD6-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:21 . 2012-08-26 07:21 7680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{9DD91452-EF4E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 04:32 . 2012-08-26 04:36 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FB40F1D8-EF36-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 04:32 . 2012-08-26 04:37 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F9AC47E9-EF36-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 04:39 . 2012-08-26 04:39 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F864B07B-EF37-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 19:33 . 2012-08-26 19:34 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F477DB6A-EFB4-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 21:35 . 2012-08-26 21:35 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{EC52C6B4-EFC5-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 15:29 . 2012-08-26 15:30 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D40D0D70-EF92-11E1-9D59-64315024E3AB}.dat
+ 2012-08-27 00:47 . 2012-08-27 00:48 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D17DCF4D-EFE0-11E1-8B4C-64315024E3AB}.dat
+ 2012-08-26 10:28 . 2012-08-26 10:29 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C3963333-EF68-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 01:52 . 2012-08-26 01:53 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B9741FC4-EF20-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 06:03 . 2012-08-26 06:03 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B699E706-EF43-11E1-9D59-64315024E3AB}.dat
+ 2012-08-25 23:50 . 2012-08-25 23:51 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{B05DCDB0-EF0F-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 03:54 . 2012-08-26 03:54 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AB82C558-EF31-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 03:54 . 2012-08-26 03:54 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AA6C4457-EF31-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:14 . 2012-08-26 07:21 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A6996D98-EF4D-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:32 . 2012-08-26 16:33 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9DAC473F-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 09:15 . 2012-08-26 09:15 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8A9C30F6-EF5E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 12:28 . 2012-08-26 12:29 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{88176372-EF79-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:31 . 2012-08-26 16:32 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{846FF09E-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:31 . 2012-08-26 16:32 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7A0F70ED-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 18:32 . 2012-08-26 18:33 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{717070AC-EFAC-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 14:29 . 2012-08-26 14:30 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7062A427-EF8A-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 22:36 . 2012-08-26 22:36 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6F4FB9BC-EFCE-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:30 . 2012-08-26 16:31 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{60CBF62A-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 20:34 . 2012-08-26 20:34 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{5E076D1F-EFBD-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 05:02 . 2012-08-26 05:07 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{461BD3ED-EF3B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:29 . 2012-08-26 16:30 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{43A7DD96-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 00:51 . 2012-08-26 00:52 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{38AA7FE9-EF18-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 00:51 . 2012-08-26 00:52 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{37561B22-EF18-11E1-9D59-64315024E3AB}.dat
+ 2012-08-25 22:49 . 2012-08-25 22:50 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2F186471-EF07-11E1-9D59-64315024E3AB}.dat
+ 2012-08-25 22:49 . 2012-08-25 22:50 3584 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2CE90113-EF07-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 11:28 . 2012-08-26 11:29 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{25D6CB52-EF71-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 02:52 . 2012-08-26 02:53 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{24C5958D-EF29-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 02:52 . 2012-08-26 02:53 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{22265180-EF29-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:03 . 2012-08-26 07:03 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{18D81DC5-EF4C-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 17:32 . 2012-08-26 17:33 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0DD91266-EFA4-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 17:32 . 2012-08-26 17:33 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0BF1184D-EFA4-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 08:14 . 2012-08-26 08:15 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0A57BEE9-EF56-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 13:29 . 2012-08-26 13:30 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{0867BC60-EF82-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 19:33 . 2012-08-26 19:34 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F477DB6B-EFB4-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 21:35 . 2012-08-26 21:35 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{EC52C6B5-EFC5-11E1-9D59-64315024E3AB}.dat
+ 2012-08-27 00:48 . 2012-08-27 00:48 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{DD7EDFC9-EFE0-11E1-8B4C-64315024E3AB}.dat
+ 2012-08-26 15:29 . 2012-08-26 15:30 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D40D0D71-EF92-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:15 . 2012-08-26 07:21 7168 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D350D62B-EF4D-11E1-9D59-64315024E3AB}.dat
+ 2012-08-27 00:47 . 2012-08-27 00:48 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D17DCF4E-EFE0-11E1-8B4C-64315024E3AB}.dat
+ 2012-08-26 07:15 . 2012-08-26 07:21 8192 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{CACA3ED2-EF4D-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 10:28 . 2012-08-26 10:29 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C3963334-EF68-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 01:52 . 2012-08-26 01:53 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B9741FC5-EF20-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 06:03 . 2012-08-26 06:03 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B699E707-EF43-11E1-9D59-64315024E3AB}.dat
+ 2012-08-25 23:50 . 2012-08-25 23:51 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B05DCDB1-EF0F-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 03:54 . 2012-08-26 03:54 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AB82C559-EF31-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 03:54 . 2012-08-26 03:54 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AA6C4458-EF31-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:21 . 2012-08-26 07:21 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9DD91456-EF4E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:32 . 2012-08-26 16:33 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9DAC4740-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:20 . 2012-08-26 07:21 7680 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{907FD4A8-EF4E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 09:15 . 2012-08-26 09:15 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8A9C30F7-EF5E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 12:28 . 2012-08-26 12:29 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{88176373-EF79-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:31 . 2012-08-26 16:32 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{846FF09F-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:31 . 2012-08-26 16:32 4096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7A0F70EE-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 18:32 . 2012-08-26 18:33 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{717070AD-EFAC-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 14:29 . 2012-08-26 14:30 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7062A428-EF8A-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 22:36 . 2012-08-26 22:36 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6F4FB9BD-EFCE-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:30 . 2012-08-26 16:31 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{60CBF62B-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 20:34 . 2012-08-26 20:34 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5E076D20-EFBD-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:18 . 2012-08-26 07:21 9728 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{43BC7029-EF4E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 16:29 . 2012-08-26 16:30 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{43A7DD97-EF9B-11E1-9D59-64315024E3AB}.dat
+ 2012-08-25 22:50 . 2012-08-25 22:50 4608 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{3B3067F3-EF07-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 00:51 . 2012-08-26 00:52 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{38AA7FEA-EF18-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 00:51 . 2012-08-26 00:52 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{37561B23-EF18-11E1-9D59-64315024E3AB}.dat
+ 2012-08-25 22:50 . 2012-08-25 22:50 4096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2F186472-EF07-11E1-9D59-64315024E3AB}.dat
+ 2012-08-25 22:50 . 2012-08-25 22:50 4096 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2CE90114-EF07-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:17 . 2012-08-26 07:18 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{286C4EF8-EF4E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 11:28 . 2012-08-26 11:29 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{25D6CB53-EF71-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 02:52 . 2012-08-26 02:53 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{24C5958E-EF29-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 02:52 . 2012-08-26 02:53 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{22265181-EF29-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:03 . 2012-08-26 07:03 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{18D81DC6-EF4C-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 17:32 . 2012-08-26 17:33 5120 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0DD91267-EFA4-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 17:32 . 2012-08-26 17:33 5632 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0BF1184E-EFA4-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 08:14 . 2012-08-26 08:15 6144 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0A57BEEA-EF56-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 13:29 . 2012-08-26 13:30 6656 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0867BC61-EF82-11E1-9D59-64315024E3AB}.dat
- 2012-08-25 21:11 . 2012-08-25 21:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-27 00:43 . 2012-08-27 00:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-25 21:11 . 2012-08-25 21:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-27 00:43 . 2012-08-27 00:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-04 18:33 . 2012-08-26 05:02 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2012-07-04 18:33 . 2012-08-25 07:06 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2012-08-25 19:54 835584 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-27 01:48 835584 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-08-26 04:32 . 2012-08-26 04:39 866304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FB40F1D9-EF36-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 07:21 . 2012-08-26 07:21 177664 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9DD91454-EF4E-11E1-9D59-64315024E3AB}.dat
+ 2012-08-26 05:02 . 2012-08-26 05:07 573952 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{461BD3EE-EF3B-11E1-9D59-64315024E3AB}.dat
+ 2009-07-14 04:54 . 2012-08-27 00:48 9437184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-25 19:54 9437184 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 05:01 . 2012-08-25 21:09 2403212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-27 00:41 2403212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-07-04 18:32 . 2012-08-25 19:54 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
+ 2012-07-04 18:32 . 2012-08-27 01:48 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\PrivacIE\index.dat
- 2009-07-14 04:54 . 2012-08-25 19:54 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-27 00:48 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-08 08:26 . 2012-08-27 00:42 51213540 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4151112255-51104295-1799264657-1000-12288.dat
- 2012-07-12 20:51 . 2012-08-25 21:10 11107044 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-07-12 20:51 . 2012-08-27 00:42 11107044 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
.

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 06:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 06:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 06:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="" [BU]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-07-27 1261512]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe" [2012-08-01 686792]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-12 102400]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-10-12 2215768]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-21 119152]
"Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-03-04 948880]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"ScanSnap WIA Service Checker"="c:\windows\SSDriver\fi5110\SsWiaChecker.exe" [2009-09-30 86016]
"BrStsWnd"="c:\program files (x86)\Brownie\BrstsW64.exe" [2009-08-20 3695928]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe" [2012-08-01 686792]
.
c:\users\JASON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CardMinder Viewer.lnk - c:\program files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe [2011-12-18 77824]
Conversion to PDF with ScanSnap Organizer.lnk - c:\program files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe [2011-12-18 15360]
Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2011-10-13 5904216]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-12-6 1175912]
QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2012\QBW32.EXE [2011-12-6 1178984]
ScanSnap Manager.lnk - c:\program files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe [2011-12-18 1081344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-05 822624]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
R3 JmUjk3Ai;BlackBox SR2; [x]
R3 kxhaBH20;BlackBox SR2; [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 sS43NcfQ;BlackBox SR2; [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-08 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRIVERS\RsFx0151.sys [2011-06-18 313696]
R4 SQLAgent$SHIPWORKS;SQL Server Agent (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\SQLAGENT.EXE [2011-06-18 431456]
S0 72999610;72999610;c:\windows\system32\DRIVERS\72999610.sys [2012-08-08 460888]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-30 204288]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-05 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-22 85560]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 MSSQL$SHIPWORKS;SQL Server (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe [2011-06-18 62111072]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-06-30 1248256]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-30 9371136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-30 309760]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-21 36720]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 VAD_DEV;Virtual Audio Service;c:\windows\system32\drivers\vad.sys [2010-11-19 24992]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 06:05]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 06:05]
.
2012-08-07 c:\windows\Tasks\HPCeeScheduleForJASON.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 06:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 06:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 06:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 192.168.1.254
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}"=hex:51,66,7a,6c,4c,1d,38,12,8a,de,68,
55,95,ad,1e,00,cd,08,68,12,b3,4d,db,d3
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
"{074C1DC5-9320-4A9A-947D-C042949C6216}"=hex:51,66,7a,6c,4c,1d,38,12,ab,1e,5f,
03,12,dd,f4,0f,eb,6b,83,02,91,c2,26,02
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE7CD045-E861-484F-8273-0445EE161910}"=hex:51,66,7a,6c,4c,1d,38,12,2b,d3,6f,
aa,53,a6,21,0d,fd,65,47,05,eb,48,5d,04
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{F4971EE7-DAA0-4053-9964-665D8EE6A077}"=hex:51,66,7a,6c,4c,1d,38,12,89,1d,84,
f0,92,94,3d,05,e6,72,25,1d,8b,b8,e4,63
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:50,2f,7e,65,13,5a,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,a0,5b,18,16,25,6c,43,a7,db,61,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,4a,a0,5b,18,16,25,6c,43,a7,db,61,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:42,6c,54,4f,6f,3a,72,84,69,23,97,59,00,aa,63,4c,c2,80,6b,4c,00,
27,36,2a,47,40,a3,50,34,7d,d6,fa,69,cf,0d,d6,28,87,4b,7e,87,3c,c4,c5,fb,95,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:42,6c,54,4f,6f,3a,72,84,69,23,97,59,00,aa,63,4c,c2,80,6b,4c,00,
27,36,2a,47,40,a3,50,34,7d,d6,fa,69,cf,0d,d6,28,87,4b,7e,87,3c,c4,c5,fb,95,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
c:\program files (x86)\Brownie\Brnipmon.exe
.
**************************************************************************
.
Completion time: 2012-08-26 19:33:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-27 02:32
ComboFix2.txt 2012-08-25 21:54
ComboFix3.txt 2012-08-24 04:22
ComboFix4.txt 2012-08-10 19:34
ComboFix5.txt 2012-08-27 00:22
.
Pre-Run: 125,635,674,112 bytes free
Post-Run: 125,674,766,336 bytes free
.
- - End Of File - - 888A664B31D5A7A34A4B91738C677221

Here is the OTL and Extras logs. Still have the virus. Please let me know the next steps. Thanks.

OTL logfile created on: 8/28/2012 7:04:59 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\JASON\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.76 Gb Available Physical Memory | 47.05% Memory free
7.50 Gb Paging File | 5.02 Gb Available in Paging File | 66.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.29 Gb Total Space | 122.67 Gb Free Space | 17.90% Space Free | Partition Type: NTFS
Drive D: | 13.25 Gb Total Space | 1.63 Gb Free Space | 12.30% Space Free | Partition Type: NTFS

Computer Name: HPDESKTOP1 | User Name: JASON | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/27 13:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012/07/27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/20 14:46:31 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\JASON\Desktop\OTL.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/02/23 15:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/10/01 11:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 11:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/30 16:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/04/22 20:28:46 | 001,081,344 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
PRC - [2011/03/30 12:12:18 | 000,310,944 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/03 23:52:00 | 000,948,880 | R--- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2011/01/19 15:36:30 | 000,077,824 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
PRC - [2010/11/20 05:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/09/30 13:07:34 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
PRC - [2009/07/13 18:14:35 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sdiagnhost.exe
PRC - [2009/07/13 18:14:25 | 000,983,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdt.exe
PRC - [2008/11/20 11:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/10/20 17:01:28 | 000,222,512 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brownie\BRNIPMON.exe


========== Modules (No Company Name) ==========

MOD - [2011/06/25 01:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/25 01:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/08 16:53:48 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
MOD - [2011/03/16 18:30:58 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
MOD - [2010/08/24 19:56:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
MOD - [2008/11/12 18:32:30 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardPath.dll
MOD - [2003/03/26 21:46:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/06/30 06:42:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/03 23:36:16 | 006,315,664 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2010/08/05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/05/20 18:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/12/06 09:48:02 | 000,045,056 | ---- | M] (Intuit) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/10/01 11:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 11:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/07/13 07:00:16 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2011/06/30 16:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/06/21 18:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/18 18:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 16:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/24 00:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/08 11:11:11 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\72999610.sys -- (72999610)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/02/15 14:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/10/01 11:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 11:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 11:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 11:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/13 07:00:14 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/06/30 08:33:14 | 009,371,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/30 06:00:52 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/17 20:54:22 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0151.sys -- (RsFx0151)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/18 21:13:36 | 000,024,992 | ---- | M] (Windows (R) DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vad.sys -- (VAD_DEV)
DRV:64bit: - [2010/09/02 23:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/08/13 06:35:36 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/08/13 06:35:36 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/07/21 20:57:22 | 001,002,848 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/05/20 18:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/03/10 08:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/12/22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 16:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/08/14 11:33:34 | 000,035,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\kxhaBH20.sys -- (kxhaBH20)
DRV - [2012/08/14 11:26:35 | 000,035,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\sS43NcfQ.sys -- (sS43NcfQ)
DRV - [2012/08/14 11:26:24 | 000,035,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\JmUjk3Ai.sys -- (JmUjk3Ai)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.mywebsearch.com/myweb...&n=77ed2945&psa=&st=sb&searchfor={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0BDAF422-7CB0-42AC-80C2-3A279B3CACF5}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3198785
IE - HKCU\..\SearchScopes\{15B78E6B-5A75-48FB-A917-52B4309A4D42}: "URL" =
IE - HKCU\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.mywebsearch.com/myweb...&n=77ed2945&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/12/14 22:24:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/07/21 07:54:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/12/13 16:48:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/08/21 23:03:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/21 07:52:37 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\
CHR - Extension: AVG Do Not Track = C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\JASON\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/26 18:41:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe (brother)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ScanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab (iCloud Web App Plugin)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF49D771-4EDE-4A85-B771-E1CDD3CA87C1}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18 - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: hitmanpro36 - Reg Error: Value error.
SafeBootMin:64bit: hitmanpro36.sys - Reg Error: Value error.
SafeBootMin:64bit: HitmanPro36Crusader - Reg Error: Value error.
SafeBootMin:64bit: HitmanPro36CrusaderBoot - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: hitmanpro36 - Reg Error: Value error.
SafeBootMin: hitmanpro36.sys - Reg Error: Value error.
SafeBootMin: HitmanPro36Crusader - Reg Error: Value error.
SafeBootMin: HitmanPro36CrusaderBoot - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/26 19:33:47 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/26 18:41:49 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/24 16:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\{4E417984-0B3D-48F3-9FA4-E1ABB0DA51B7}
[2012/08/24 16:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BE3DA6A-4249-4BEC-9AE7-CA0EA247E62C}
[2012/08/24 16:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\{E23E3BED-ADD9-4DF7-B375-5EC5E69FD666}
[2012/08/24 16:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{C243CCC8-5474-45FC-A546-7FBC284A692E}
[2012/08/24 16:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{F74FAF01-6ED9-4DAC-8BD2-E5F7C218B43C}
[2012/08/24 16:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\{AB89557A-DCAD-4657-A970-8F9A3EFFB34D}
[2012/08/24 16:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{232FC370-3714-4F10-BC93-DA33AA1D6D22}
[2012/08/24 16:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stamps.com
[2012/08/21 22:57:50 | 000,000,000 | ---D | C] -- C:\Users\JASON\Desktop\Vendio
[2012/08/21 22:57:28 | 000,000,000 | ---D | C] -- C:\Users\JASON\Desktop\Virus
[2012/08/21 22:52:00 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/08/21 22:51:41 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/08/21 22:51:40 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/08/21 22:51:38 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/08/21 22:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/08/21 08:56:22 | 000,000,000 | ---D | C] -- C:\Users\JASON\Desktop\Bourne Creative SEO Course
[2012/08/16 03:04:40 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/16 03:04:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/16 03:04:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/16 03:04:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/16 03:04:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/16 03:04:38 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/16 03:04:38 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/16 03:04:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/16 03:04:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/16 03:04:38 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/16 03:04:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/16 03:04:37 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/16 03:04:37 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/15 04:24:36 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/15 04:24:32 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/15 04:24:32 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/15 04:24:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/15 04:24:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/15 04:24:31 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/15 04:24:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/15 04:24:29 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/14 11:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\unhook
[2012/08/14 11:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rootkit Unhooker LE
[2012/08/11 21:31:01 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\72999610.sys
[2012/08/11 09:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/08/07 20:29:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/07 20:29:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/07 20:29:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/06 19:29:28 | 000,000,000 | ---D | C] -- C:\Users\JASON\AppData\Roaming\Malwarebytes
[2012/08/06 19:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/06 19:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/06 19:28:19 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/06 19:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[19 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/28 07:13:03 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/28 05:13:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/27 17:50:17 | 105,088,910 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/08/27 15:55:23 | 000,000,036 | -H-- | M] () -- C:\Windows\SysWow64\f9t.dat
[2012/08/27 10:28:05 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJASON.job
[2012/08/27 10:24:09 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/27 10:24:09 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/27 10:16:06 | 000,000,328 | ---- | M] () -- C:\Windows\Brownie.ini
[2012/08/27 10:12:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/27 10:12:22 | 3019,333,632 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/26 18:41:45 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/25 17:10:28 | 000,626,986 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/08/25 12:58:51 | 000,166,967 | ---- | M] () -- C:\Users\JASON\Desktop\freehampton.pdf
[2012/08/24 16:15:35 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\Stamps.com.lnk
[2012/08/23 17:10:13 | 004,736,524 | R--- | M] (Swearware) -- C:\Users\JASON\Desktop\ComboFix.exe
[2012/08/21 23:03:22 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/08/21 22:51:30 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012/08/21 22:51:30 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/08/21 22:51:30 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/08/21 22:51:30 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/08/21 22:51:30 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/08/21 22:51:30 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/08/21 17:17:18 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/20 22:03:51 | 000,001,033 | ---- | M] () -- C:\Users\JASON\Desktop\Rankerizer.lnk
[2012/08/19 16:13:26 | 000,000,000 | ---- | M] () -- C:\Users\JASON\Documents\Nuance Image Printer Writer Port
[2012/08/19 16:09:59 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012/08/18 18:46:24 | 000,644,339 | ---- | M] () -- C:\Users\JASON\Desktop\specialoffer$33.pdf
[2012/08/18 18:46:23 | 000,153,799 | ---- | M] () -- C:\Users\JASON\Desktop\clicksure$33.pdf
[2012/08/16 03:29:09 | 016,274,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/16 03:03:38 | 000,000,372 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2012/08/14 11:33:34 | 000,035,712 | ---- | M] () -- C:\Windows\SysWow64\drivers\kxhaBH20.sys
[2012/08/14 11:26:35 | 000,035,712 | ---- | M] () -- C:\Windows\SysWow64\drivers\sS43NcfQ.sys
[2012/08/14 11:26:24 | 000,035,712 | ---- | M] () -- C:\Windows\SysWow64\drivers\JmUjk3Ai.sys
[2012/08/10 19:56:55 | 000,027,520 | ---- | M] () -- C:\Users\JASON\AppData\Local\dt.dat
[2012/08/09 15:47:48 | 000,777,257 | ---- | M] () -- C:\Users\JASON\Desktop\Storage space S. Orleans.JPG
[2012/08/08 11:11:11 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\72999610.sys
[2012/08/01 15:46:58 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/01 15:46:57 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[19 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/27 10:27:50 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForJASON.job
[2012/08/25 12:58:51 | 000,166,967 | ---- | C] () -- C:\Users\JASON\Desktop\freehampton.pdf
[2012/08/24 16:15:35 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\Stamps.com.lnk
[2012/08/18 18:46:24 | 000,644,339 | ---- | C] () -- C:\Users\JASON\Desktop\specialoffer$33.pdf
[2012/08/18 18:46:23 | 000,153,799 | ---- | C] () -- C:\Users\JASON\Desktop\clicksure$33.pdf
[2012/08/14 11:31:38 | 000,035,712 | ---- | C] () -- C:\Windows\SysWow64\drivers\kxhaBH20.sys
[2012/08/14 11:19:45 | 000,035,712 | ---- | C] () -- C:\Windows\SysWow64\drivers\JmUjk3Ai.sys
[2012/08/14 11:18:14 | 000,035,712 | ---- | C] () -- C:\Windows\SysWow64\drivers\sS43NcfQ.sys
[2012/08/10 19:56:55 | 000,027,520 | ---- | C] () -- C:\Users\JASON\AppData\Local\dt.dat
[2012/08/09 15:47:39 | 000,777,257 | ---- | C] () -- C:\Users\JASON\Desktop\Storage space S. Orleans.JPG
[2012/08/07 20:29:37 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/07 20:29:37 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/07 20:29:37 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/07 20:29:37 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/07 20:29:37 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/04 19:38:26 | 000,000,036 | -H-- | C] () -- C:\Windows\SysWow64\f9t.dat
[2012/03/16 14:32:55 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2011/12/25 13:40:14 | 000,000,132 | ---- | C] () -- C:\Users\JASON\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/12/24 19:00:00 | 000,000,132 | ---- | C] () -- C:\Users\JASON\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/12/20 21:04:39 | 000,000,153 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011/12/20 21:04:39 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011/12/20 21:03:05 | 000,022,898 | ---- | C] () -- C:\Windows\HL-3070CW.INI
[2011/12/20 21:02:24 | 000,000,328 | ---- | C] () -- C:\Windows\Brownie.ini
[2011/12/18 22:51:22 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI
[2011/11/16 14:46:22 | 000,001,456 | ---- | C] () -- C:\Users\JASON\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/10/04 09:09:22 | 000,000,600 | ---- | C] () -- C:\Users\JASON\AppData\Local\PUTTY.RND
[2011/08/19 20:26:28 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\Gsw32.exe.config
[2011/06/08 15:38:53 | 000,833,024 | ---- | C] () -- C:\Windows\SysWow64\user.dat
[2011/06/07 00:20:10 | 000,001,854 | ---- | C] () -- C:\Users\JASON\AppData\Roaming\GhostObjGAFix.xml
[2011/03/17 20:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/15 19:06:21 | 000,777,968 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/09 23:35:30 | 000,000,256 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/02/09 23:35:30 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/02/09 23:34:40 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011/02/09 23:31:09 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/02/09 23:23:18 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/02/06 21:30:37 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/01/11 21:05:18 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2010/12/14 22:00:30 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/12/14 21:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/21 11:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >
[19 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 18:52:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 18:52:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 18:52:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/28 18:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/06/28 18:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/08/17 15:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/04/26 18:52:32 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/04/26 18:52:32 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/04/26 18:52:32 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/28 18:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/06/28 18:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >
[2012/08/14 11:26:24 | 000,035,712 | ---- | M] () -- C:\Windows\system32\drivers\JmUjk3Ai.sys
[2012/08/14 11:33:34 | 000,035,712 | ---- | M] () -- C:\Windows\system32\drivers\kxhaBH20.sys
[2012/08/14 11:26:35 | 000,035,712 | ---- | M] () -- C:\Windows\system32\drivers\sS43NcfQ.sys

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.exe /md5 >

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[19 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\Application Data /s >

< %PROGRAMFILES%\*. >
[2011/12/31 01:03:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
[2011/12/18 22:59:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ABBYY FineReader for ScanSnap
[2012/02/17 21:45:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acoolsoft
[2011/12/13 17:04:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/11/15 22:54:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Download Assistant
[2011/12/14 10:54:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Story
[2012/01/23 00:53:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Android
[2011/07/02 17:43:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010/12/14 22:00:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2011/09/29 17:33:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2011/10/11 20:19:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2011/12/20 21:03:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brother
[2011/12/20 21:03:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brownie
[2011/07/02 22:08:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Carbonite
[2012/08/21 09:53:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
[2012/08/26 17:30:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/05/06 15:24:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2010/12/14 22:07:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2011/03/06 22:40:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Feedback Tool
[2011/12/18 23:58:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fujitsu
[2012/03/31 11:48:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GameTap Web Player
[2012/03/31 23:30:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2011/12/06 11:01:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2011/12/26 01:52:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HMA! Pro VPN
[2010/12/14 22:01:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hp
[2010/12/14 22:20:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2012/02/11 23:44:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iLivid
[2012/02/05 12:55:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/08/16 03:22:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/12/19 00:44:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intuit
[2012/07/24 14:45:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/12/19 00:06:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/12/14 22:23:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\K-NFB Reading Technology Inc
[2011/12/19 00:09:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KnowledgeLake
[2012/08/06 19:28:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/04/26 20:10:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/02/19 21:42:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/02/15 03:19:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011/07/01 16:26:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft LifeCam
[2011/02/21 09:03:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/06/13 13:15:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/06/16 09:01:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server
[2010/12/14 22:26:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/05/04 14:52:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2010/12/14 22:14:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft WSE
[2012/06/16 09:03:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/02/06 21:30:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2011/12/13 16:43:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\My Company Name
[2011/02/06 20:30:52 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2011/12/18 22:50:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PFU
[2010/12/14 22:23:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PlayReady
[2012/07/24 14:37:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2012/02/08 18:46:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Rankerizer
[2010/12/14 21:57:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2012/03/12 22:49:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Retrogamer_4wEI
[2012/07/24 14:47:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
[2012/02/10 14:51:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung
[2011/02/09 23:30:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ScanSoft
[2012/08/24 16:15:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Stamps.com Internet Postage
[2011/10/26 05:31:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2010/12/14 21:57:58 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2012/07/14 17:58:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UnHackMe
[2009/07/13 21:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/03/31 06:01:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/06/30 09:37:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/06/30 09:37:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/06/30 09:37:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/06/30 09:37:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/06/30 09:37:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/12/22 15:33:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Zint

< %appdata%\*.* >
[2012/01/24 18:51:40 | 000,000,132 | ---- | M] () -- C:\Users\JASON\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/01/11 02:44:53 | 000,000,132 | ---- | M] () -- C:\Users\JASON\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/06/07 00:20:10 | 000,001,854 | ---- | M] () -- C:\Users\JASON\AppData\Roaming\GhostObjGAFix.xml

< MD5 for: AFD.SYS >
[2011/12/27 20:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
[2011/12/27 20:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011/12/27 21:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2011/04/24 19:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2009/07/13 16:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2011/12/27 21:01:12 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=CCA39961E76B491DDF44B1E90FC8971D -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[2010/11/20 02:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/04/24 19:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/12/27 20:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[2011/04/24 20:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011/04/24 19:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2012/04/23 21:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2012/04/23 21:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/04/23 21:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 06:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/23 21:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/23 22:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2012/04/23 22:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\SysNative\cryptsvc.dll
[2012/04/23 22:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/04/23 21:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009/07/13 18:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/13 18:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 05:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/23 22:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012/04/23 22:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012/04/23 22:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012/04/23 21:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll