Solved Google hijack problem

K

Kergath

Posts: 13   +0
I'm having issues with a google hijack. I also performed a system restore recently and skype is no longer working for me either. Not sure if they are related issues.

Here's the logs:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7765

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

9/21/2011 4:10:36 PM
mbam-log-2011-09-21 (16-10-36).txt

Scan type: Quick scan
Objects scanned: 179256
Time elapsed: 1 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-21 17:16:33
Windows 6.1.7601 Service Pack 1
Running: gmer.exe; Driver: C:\Users\Derek\AppData\Local\Temp\ugloapow.sys


---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3881011562-596480335-2157353384-1000@RefCount 6
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Program Files\Electronic Arts\Mass Effect\x2122 2\Engine\Localization\DEU\Binaries\Uninstall-3DSexVilla2-Everlust-111.001.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Derek\Desktop\The.Matrix.Path.Of.Neo.PC.Game(djDEVASTATE\x2122)\EAX4Unified_redist_4001.exe 1

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_27
Run by Derek at 17:17:37 on 2011-09-21
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3327.1628 [GMT -7:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Steam\Steam.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\LOLReplay\LOLRecorder.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:57596
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - c:\program files\xfin_portal\auxi\comcastAu.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [ComcastAntispyClient] "c:\program files\comcasttb\comcastspywarescan\ComcastAntispy.exe" /hide
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\derek\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\derek\appdata\roaming\micros~1\windows\startm~1\programs\startup\regist~1.lnk - c:\program files\ubisoft\heroes of might and magic v\registration\RegistrationReminder.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\lolrec~1.lnk - c:\program files\lolreplay\LOLRecorder.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.87.85.102 68.87.69.150
TCP: Interfaces\{B9F0FE0F-5863-4129-8C64-B45E1ABD637E} : DhcpNameServer = 68.87.85.102 68.87.69.150
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\derek\appdata\roaming\mozilla\firefox\profiles\xkctxi5h.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.leagueoflegends.com/
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\sony\media go\npmediago.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsld11b1a23;MpKsld11b1a23;c:\programdata\microsoft\microsoft antimalware\definition updates\{200a9b08-317b-4d6c-a560-f4da4bde9784}\MpKsld11b1a23.sys [2011-9-21 28752]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-7-18 116608]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-1-26 176128]
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-3-29 598312]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-1-26 7566848]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-1-26 238592]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-6-23 275048]
R3 ugloapow;ugloapow;c:\users\derek\appdata\local\temp\ugloapow.sys [2011-9-21 100864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-3-6 39272]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-3-6 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-6 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-6 1343400]
.
=============== Created Last 30 ================
.
2011-09-22 00:00:37 -------- d-----w- C:\gmer
2011-09-21 23:35:48 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{12df84b1-c9fc-4923-affc-e72e9195c206}\gapaengine.dll
2011-09-21 23:35:48 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{200a9b08-317b-4d6c-a560-f4da4bde9784}\MpKsld11b1a23.sys
2011-09-21 23:35:44 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{200a9b08-317b-4d6c-a560-f4da4bde9784}\offreg.dll
2011-09-21 23:35:42 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{200a9b08-317b-4d6c-a560-f4da4bde9784}\mpengine.dll
2011-09-21 23:33:36 -------- d-----w- c:\program files\Microsoft Security Client
2011-09-21 23:12:30 -------- d-----w- c:\users\derek\appdata\roaming\SUPERAntiSpyware.com
2011-09-21 23:12:16 -------- d-----w- c:\programdata\!SASCORE
2011-09-21 23:12:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-09-21 23:12:14 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-21 23:06:11 -------- d-sh--w- C:\$RECYCLE.BIN
2011-09-21 23:05:56 -------- d-----w- c:\users\derek\appdata\local\temp
2011-09-21 22:07:51 98816 ----a-w- c:\windows\sed.exe
2011-09-21 22:07:51 518144 ----a-w- c:\windows\SWREG.exe
2011-09-21 22:07:51 256000 ----a-w- c:\windows\PEV.exe
2011-09-21 22:07:51 208896 ----a-w- c:\windows\MBR.exe
2011-09-21 22:06:43 -------- d-----w- C:\ComboFix
2011-09-21 21:27:21 -------- dc----w- c:\programdata\{9937DA50-1322-492A-A1C8-1911CDD1BD57}
2011-09-21 21:23:09 -------- d-----w- c:\users\derek\appdata\roaming\Malwarebytes
2011-09-21 21:22:57 -------- d-----w- c:\programdata\Malwarebytes
2011-09-21 21:22:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-15 01:17:21 -------- d-----w- c:\program files\Ventrilo
2011-09-13 04:01:32 -------- d-----w- c:\windows\system32\appmgmt
2011-08-26 22:47:18 -------- d-----w- c:\program files\common files\scanner
2011-08-26 22:47:17 -------- d-----w- c:\program files\comcasttb
2011-08-26 22:47:06 -------- d-----w- c:\program files\CA
2011-08-26 22:47:05 -------- d-----w- c:\windows\Downloaded Installations
2011-08-26 22:45:15 -------- d-----w- c:\program files\xfin_portal
2011-08-26 22:42:02 -------- d-----w- c:\users\derek\appdata\local\SupportSoft
2011-08-26 22:40:24 -------- d-----w- c:\program files\common files\SupportSoft
2011-08-26 22:40:24 -------- d-----w- c:\program files\ComcastUI
2011-08-24 13:21:39 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2011-08-17 14:59:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-22 04:54:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-19 12:05:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:30:00 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-29 13:54:54 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-24 04:27:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22:20 271360 ----a-w- c:\windows\system32\conhost.exe
.
============= FINISH: 17:29:31.37 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 3/5/2011 7:18:58 PM
System Uptime: 9/21/2011 4:23:19 PM (1 hours ago)
.
Motherboard: ECS | | G31T-M7
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz | CPU 1 | 2203/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 931 GiB total, 734.219 GiB free.
D: is CDROM (UDF)
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslf4c8274d
Device ID: ROOT\LEGACY_MPKSLF4C8274D\0000
Manufacturer:
Name: MpKslf4c8274d
PNP Device ID: ROOT\LEGACY_MPKSLF4C8274D\0000
Service: MpKslf4c8274d
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsla4511d04
Device ID: ROOT\LEGACY_MPKSLA4511D04\0000
Manufacturer:
Name: MpKsla4511d04
PNP Device ID: ROOT\LEGACY_MPKSLA4511D04\0000
Service: MpKsla4511d04
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl68c83548
Device ID: ROOT\LEGACY_MPKSL68C83548\0000
Manufacturer:
Name: MpKsl68c83548
PNP Device ID: ROOT\LEGACY_MPKSL68C83548\0000
Service: MpKsl68c83548
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl03249d40
Device ID: ROOT\LEGACY_MPKSL03249D40\0000
Manufacturer:
Name: MpKsl03249d40
PNP Device ID: ROOT\LEGACY_MPKSL03249D40\0000
Service: MpKsl03249d40
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslfa593dc8
Device ID: ROOT\LEGACY_MPKSLFA593DC8\0000
Manufacturer:
Name: MpKslfa593dc8
PNP Device ID: ROOT\LEGACY_MPKSLFA593DC8\0000
Service: MpKslfa593dc8
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsla646d26e
Device ID: ROOT\LEGACY_MPKSLA646D26E\0000
Manufacturer:
Name: MpKsla646d26e
PNP Device ID: ROOT\LEGACY_MPKSLA646D26E\0000
Service: MpKsla646d26e
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl040600f4
Device ID: ROOT\LEGACY_MPKSL040600F4\0000
Manufacturer:
Name: MpKsl040600f4
PNP Device ID: ROOT\LEGACY_MPKSL040600F4\0000
Service: MpKsl040600f4
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl055c88b5
Device ID: ROOT\LEGACY_MPKSL055C88B5\0000
Manufacturer:
Name: MpKsl055c88b5
PNP Device ID: ROOT\LEGACY_MPKSL055C88B5\0000
Service: MpKsl055c88b5
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslfe828125
Device ID: ROOT\LEGACY_MPKSLFE828125\0000
Manufacturer:
Name: MpKslfe828125
PNP Device ID: ROOT\LEGACY_MPKSLFE828125\0000
Service: MpKslfe828125
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl093a1754
Device ID: ROOT\LEGACY_MPKSL093A1754\0000
Manufacturer:
Name: MpKsl093a1754
PNP Device ID: ROOT\LEGACY_MPKSL093A1754\0000
Service: MpKsl093a1754
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslaecd84cb
Device ID: ROOT\LEGACY_MPKSLAECD84CB\0000
Manufacturer:
Name: MpKslaecd84cb
PNP Device ID: ROOT\LEGACY_MPKSLAECD84CB\0000
Service: MpKslaecd84cb
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl39161332
Device ID: ROOT\LEGACY_MPKSL39161332\0000
Manufacturer:
Name: MpKsl39161332
PNP Device ID: ROOT\LEGACY_MPKSL39161332\0000
Service: MpKsl39161332
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl0e0bea13
Device ID: ROOT\LEGACY_MPKSL0E0BEA13\0000
Manufacturer:
Name: MpKsl0e0bea13
PNP Device ID: ROOT\LEGACY_MPKSL0E0BEA13\0000
Service: MpKsl0e0bea13
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslc36014d0
Device ID: ROOT\LEGACY_MPKSLC36014D0\0000
Manufacturer:
Name: MpKslc36014d0
PNP Device ID: ROOT\LEGACY_MPKSLC36014D0\0000
Service: MpKslc36014d0
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl47300ffd
Device ID: ROOT\LEGACY_MPKSL47300FFD\0000
Manufacturer:
Name: MpKsl47300ffd
PNP Device ID: ROOT\LEGACY_MPKSL47300FFD\0000
Service: MpKsl47300ffd
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl4c25b95f
Device ID: ROOT\LEGACY_MPKSL4C25B95F\0000
Manufacturer:
Name: MpKsl4c25b95f
PNP Device ID: ROOT\LEGACY_MPKSL4C25B95F\0000
Service: MpKsl4c25b95f
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslca656fd9
Device ID: ROOT\LEGACY_MPKSLCA656FD9\0000
Manufacturer:
Name: MpKslca656fd9
PNP Device ID: ROOT\LEGACY_MPKSLCA656FD9\0000
Service: MpKslca656fd9
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl8bc51ca4
Device ID: ROOT\LEGACY_MPKSL8BC51CA4\0000
Manufacturer:
Name: MpKsl8bc51ca4
PNP Device ID: ROOT\LEGACY_MPKSL8BC51CA4\0000
Service: MpKsl8bc51ca4
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl4ef88ffd
Device ID: ROOT\LEGACY_MPKSL4EF88FFD\0000
Manufacturer:
Name: MpKsl4ef88ffd
PNP Device ID: ROOT\LEGACY_MPKSL4EF88FFD\0000
Service: MpKsl4ef88ffd
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl95e737cd
Device ID: ROOT\LEGACY_MPKSL95E737CD\0000
Manufacturer:
Name: MpKsl95e737cd
PNP Device ID: ROOT\LEGACY_MPKSL95E737CD\0000
Service: MpKsl95e737cd
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl58ff3399
Device ID: ROOT\LEGACY_MPKSL58FF3399\0000
Manufacturer:
Name: MpKsl58ff3399
PNP Device ID: ROOT\LEGACY_MPKSL58FF3399\0000
Service: MpKsl58ff3399
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsle4e1232a
Device ID: ROOT\LEGACY_MPKSLE4E1232A\0000
Manufacturer:
Name: MpKsle4e1232a
PNP Device ID: ROOT\LEGACY_MPKSLE4E1232A\0000
Service: MpKsle4e1232a
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl9b438dda
Device ID: ROOT\LEGACY_MPKSL9B438DDA\0000
Manufacturer:
Name: MpKsl9b438dda
PNP Device ID: ROOT\LEGACY_MPKSL9B438DDA\0000
Service: MpKsl9b438dda
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl1b1b7ebf
Device ID: ROOT\LEGACY_MPKSL1B1B7EBF\0000
Manufacturer:
Name: MpKsl1b1b7ebf
PNP Device ID: ROOT\LEGACY_MPKSL1B1B7EBF\0000
Service: MpKsl1b1b7ebf
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl9d6d5027
Device ID: ROOT\LEGACY_MPKSL9D6D5027\0000
Manufacturer:
Name: MpKsl9d6d5027
PNP Device ID: ROOT\LEGACY_MPKSL9D6D5027\0000
Service: MpKsl9d6d5027
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl002e5e40
Device ID: ROOT\LEGACY_MPKSL002E5E40\0000
Manufacturer:
Name: MpKsl002e5e40
PNP Device ID: ROOT\LEGACY_MPKSL002E5E40\0000
Service: MpKsl002e5e40
.
==== System Restore Points ===================
.
RP144: 9/14/2011 6:16:17 PM - Installed Ventrilo Client
RP145: 9/15/2011 12:23:59 AM - Windows Update
RP146: 9/17/2011 12:32:34 AM - Removed Skype™ 5.5
RP147: 9/19/2011 2:42:55 AM - Windows Update
RP148: 9/21/2011 1:35:21 PM - Restore Operation
RP149: 9/21/2011 1:52:51 PM - Windows Update
RP150: 9/21/2011 2:13:24 PM - Installed Ad-Aware
RP151: 9/21/2011 2:22:18 PM - Installed Ad-Aware
RP152: 9/21/2011 2:23:58 PM - Installed Ad-Aware
RP154: 9/21/2011 3:02:05 PM - Removed Ad-Aware
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
7-Zip 9.20
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6
Adobe Shockwave Player 11.5
Akamai NetSession Interface
Any Video Converter 3.2.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bloodline Champions
Bonjour
Borderlands
Brink
BufferChm
CA Pest Patrol Realtime Protection
Click to Call with Skype
Clone2Go Video Converter Free Version 1.3.8
Comcast Desktop Software (v1.2.0.9)
Copy
Dead Island
Definition update for Microsoft Office 2010 (KB982726)
Destinations
DeviceDiscovery
DJ_AIO_06_F2400_SW_Min
Dragon Age II
Dual-Core Optimizer
EA Installer
EA Shared Game Component: Activation
EasyBits GO
EAX4 Unified Redist
F2400
Fallout: New Vegas
ffdshow [rev 2527] [2008-12-19]
GPBaseService2
Groove Games\Land Of The Dead
Heroes of Might and Magic V
High-Definition Video Playback
HP Customer Participation Program 13.0
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
iTunes
Java Auto Updater
Java(TM) 6 Update 27
Killing Floor
League of Legends
Left 4 Dead
LOLReplay
LOTD Update Pack #2 (3/6/06)
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Mass Effect 2
Media Go
Media Go Video Playback Engine 1.64.105.02280
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.0
Microsoft IntelliType Pro 8.0
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft XNA Framework Redistributable 3.1
Mozilla Firefox 6.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscCopy Gadget 10
Nero DiscCopyGadget 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero Kwik Media
Nero Multimedia Suite 10
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
NeroKwikMedia Help (CHM)
NVIDIA PhysX
Origin
Pando Media Booster
Pcsx2 0.9.6
PlayStation(R)Network Downloader
PlayStation(R)Store
QuickTime
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Shop for HP Supplies
Skype™ 5.5
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
StarCraft II
Status
Steam
SUPERAntiSpyware
The Witcher: Enhanced Edition
Titan Quest
Titan Quest Immortal Throne
Toolbox
TrayApp
Update for Microsoft Office 2010 (KB2494150)
Vampire - The Masquerade Bloodlines
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebReg
Windows Live ID Sign-in Assistant
WinRAR archiver
XFINITY Toolbar
.
==== Event Viewer Messages From Past Week ========
.
9/21/2011 6:46:32 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/21/2011 3:49:02 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
9/21/2011 2:26:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Lavasoft Ad-Aware Service service to connect.
9/21/2011 2:26:09 PM, Error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/21/2011 2:24:27 PM, Error: Service Control Manager [7000] - The Lbd service failed to start due to the following error: The system cannot find the file specified.
9/21/2011 1:42:41 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/21/2011 1:42:04 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
9/21/2011 1:36:27 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{f1ed7c9d-4799-11e0-aa2f-806e6f6e6963}\System Volume Information\SystemRestore\New-software' was corrupted and it has been recovered. Some data might have been lost.
9/20/2011 11:44:08 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/20/2011 11:43:38 AM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom1.
9/19/2011 2:32:42 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/19/2011 11:26:00 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/18/2011 9:37:49 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/16/2011 11:11:15 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/16/2011 11:11:07 AM, Error: Service Control Manager [7023] - The iPod Service service terminated with the following error: %%-2147417831
9/15/2011 6:57:18 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
9/15/2011 12:01:28 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{f1ed7c9d-4799-11e0-aa2f-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{94CA31F5-87EC-4744-B3D5-AA66816102F0}' was corrupted and it has been recovered. Some data might have been lost.
9/14/2011 6:29:51 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================================================

You're running two AV programs, Lavasoft Ad-Watch Live! Anti-Virus and MSE.
One of them has to go.
I suggest Lavasoft goes.

Then....

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan:


On completion of the scan click "Save log", save it to your desktop and post in your next reply:


NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
I got an error when trying to run aswMBR though i'll post the log that it produced:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-21 20:04:38
-----------------------------
20:04:38.297 OS Version: Windows 6.1.7601 Service Pack 1
20:04:38.297 Number of processors: 2 586 0xF0D
20:04:38.312 ComputerName: DEREK-PC UserName: Derek
20:04:57.282 Initialze error 0 - driver not loaded
20:08:02.649 AVAST engine defs: 11092101
20:08:28.326 Scan error: Incorrect function.
20:09:20.259 The log file has been saved successfully to "C:\Users\Derek\Desktop\aswMBR.txt"

I uninstalled ad-aware and i disabled microsoft security essentials before i ran ComboFix but it told me it was still running but i ran anyways.

ComboFix 11-09-21.04 - Derek 09/21/2011 20:22:59.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3327.1988 [GMT -7:00]
Running from: c:\users\Derek\Downloads\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-08-22 to 2011-09-22 )))))))))))))))))))))))))))))))
.
.
2011-09-22 03:53 . 2011-09-22 03:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-22 01:33 . 2011-09-22 01:33 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{200A9B08-317B-4D6C-A560-F4DA4BDE9784}\MpKsl76d0532d.sys
2011-09-22 01:33 . 2011-09-22 01:33 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{200A9B08-317B-4D6C-A560-F4DA4BDE9784}\offreg.dll
2011-09-22 00:00 . 2011-09-22 00:00 -------- d-----w- C:\gmer
2011-09-21 23:35 . 2011-09-21 23:35 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12DF84B1-C9FC-4923-AFFC-E72E9195C206}\gapaengine.dll
2011-09-21 23:35 . 2011-09-12 23:14 7269712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{200A9B08-317B-4D6C-A560-F4DA4BDE9784}\mpengine.dll
2011-09-21 23:33 . 2011-09-21 23:33 -------- d-----w- c:\program files\Microsoft Security Client
2011-09-21 23:12 . 2011-09-21 23:12 -------- d-----w- c:\users\Derek\AppData\Roaming\SUPERAntiSpyware.com
2011-09-21 23:05 . 2011-09-22 03:53 -------- d-----w- c:\users\Derek\AppData\Local\temp
2011-09-21 21:27 . 2011-09-21 21:27 -------- dc----w- c:\programdata\{9937DA50-1322-492A-A1C8-1911CDD1BD57}
2011-09-21 21:23 . 2011-09-21 21:23 -------- d-----w- c:\users\Derek\AppData\Roaming\Malwarebytes
2011-09-21 21:22 . 2011-09-21 21:22 -------- d-----w- c:\programdata\Malwarebytes
2011-09-21 21:22 . 2011-09-21 21:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-17 07:25 . 2011-09-21 20:40 -------- d-----w- c:\users\Derek\AppData\Roaming\Ventrilo
2011-09-15 01:17 . 2011-09-21 20:40 -------- d-----w- c:\program files\Ventrilo
2011-09-13 09:34 . 2011-09-13 09:34 -------- d-----w- c:\windows\Sun
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\program files\Common Files\scanner
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\program files\comcasttb
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\program files\CA
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\windows\Downloaded Installations
2011-08-26 22:45 . 2011-09-22 00:59 -------- d-----w- c:\program files\xfin_portal
2011-08-26 22:42 . 2011-09-13 05:29 -------- d-----w- c:\users\Derek\AppData\Local\SupportSoft
2011-08-26 22:40 . 2011-08-26 22:40 -------- d-----w- c:\program files\Common Files\SupportSoft
2011-08-26 22:40 . 2011-08-26 22:40 -------- d-----w- c:\program files\ComcastUI
2011-08-24 13:21 . 2011-07-09 04:29 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-17 14:59 . 2011-05-19 21:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-22 04:54 . 2011-08-10 04:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-19 12:05 . 2011-06-17 01:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-16 04:27 . 2011-08-10 04:15 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:30 . 2011-08-10 04:15 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-29 13:54 . 2011-03-31 03:51 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-24 04:27 . 2011-08-10 04:15 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22 . 2011-08-10 04:15 271360 ----a-w- c:\windows\system32\conhost.exe
2011-09-08 03:21 . 2011-03-27 23:38 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-21_22.49.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-06 04:04 . 2011-09-22 01:35 58748 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2011-09-22 01:35 54936 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-03-06 02:57 . 2011-09-22 01:35 15222 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3881011562-596480335-2157353384-1000_UserData.bin
+ 2011-04-27 22:25 . 2011-04-27 22:25 65024 c:\windows\System32\drivers\NisDrvWFP.sys
+ 2011-04-18 20:18 . 2011-04-18 20:18 43392 c:\windows\System32\drivers\MpNWMon.sys
- 2011-03-06 02:39 . 2011-09-21 21:31 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-06 02:39 . 2011-09-22 01:33 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-06 02:39 . 2011-09-22 01:33 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-06 02:39 . 2011-09-21 21:31 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2011-09-22 01:33 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2011-09-21 21:31 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-06 02:50 . 2011-09-22 01:35 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-03-06 02:50 . 2011-09-21 21:35 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:34 . 2011-09-21 21:36 87488 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:34 . 2011-09-22 01:36 87488 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-03-06 02:50 . 2011-09-22 01:35 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-06 02:50 . 2011-09-21 21:35 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-03-06 02:50 . 2011-09-22 01:35 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-03-06 02:50 . 2011-09-21 21:35 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-03-06 02:51 . 2011-09-21 22:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-06 02:51 . 2011-09-22 03:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-03-06 02:51 . 2011-09-21 22:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-06 02:51 . 2011-09-22 03:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-04-06 23:48 . 2011-04-06 23:48 11120 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2011-04-12 22:11 . 2011-04-12 22:11 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
- 2010-03-18 20:16 . 2010-03-18 20:16 44368 c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-08-10 05:07 . 2011-08-10 05:07 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-08-10 05:07 . 2011-08-10 05:07 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-07-21 19:43 . 2011-07-21 19:43 27648 c:\windows\Installer\a3af0.msp
- 2011-03-21 00:58 . 2011-08-10 05:09 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-09-22 01:49 . 2011-09-22 01:49 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\5e66ba90ab2f24317ca76582f3ea3948\UIAutomationProvider.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\c42639bd8c7c7855c4d11be1f0ccdf97\System.Windows.Presentation.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\3be20b4f9e9df41aaea426041f4f410a\System.Web.ApplicationServices.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3bea7a34d24b4dc1e3925b0b9bc9d45b\System.ServiceModel.Channels.ni.dll
+ 2011-09-22 01:50 . 2011-09-22 01:50 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\882adb9ad5e9b434ef926193f595e757\System.AddIn.Contract.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\7ee890ba3e1869ab04930948df453d3f\Microsoft.VisualC.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\950b5b880e8d8af1709f06b6a1a854a0\Accessibility.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\4a63fb97b3c648a28b8047697869ee7d\UIAutomationProvider.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\4a63fb97b3c648a28b8047697869ee7d\UIAutomationProvider.ni.dll
- 2011-08-10 22:06 . 2011-08-10 22:06 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3ef94ae15e7d80bb818934265bb90c10\System.Windows.Presentation.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3ef94ae15e7d80bb818934265bb90c10\System.Windows.Presentation.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\dd2bb107a0bbac08a0ccaf93c8bb7490\System.Web.DynamicData.Design.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\dd2bb107a0bbac08a0ccaf93c8bb7490\System.Web.DynamicData.Design.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\54d33aa6cf3af2d6e28c7d46c0ce363f\System.ComponentModel.DataAnnotations.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\54d33aa6cf3af2d6e28c7d46c0ce363f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e88e6ace53ab318210c1657483321e40\System.AddIn.Contract.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e88e6ace53ab318210c1657483321e40\System.AddIn.Contract.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\cd32e850b908317981c109dd20a0d5b2\stdole.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\cd32e850b908317981c109dd20a0d5b2\stdole.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\fe7afc935e0c66172577a1ded815993b\PresentationFontCache.ni.exe
- 2011-08-10 22:04 . 2011-08-10 22:04 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\fe7afc935e0c66172577a1ded815993b\PresentationFontCache.ni.exe
- 2011-08-10 18:17 . 2011-08-10 18:17 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\e5c56e2a79ebb350e0aa6805f4d5e649\PresentationCFFRasterizer.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\e5c56e2a79ebb350e0aa6805f4d5e649\PresentationCFFRasterizer.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\69b036f1479a9aa93430f2d1676032b2\napcrypt.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\69b036f1479a9aa93430f2d1676032b2\napcrypt.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\a698e95f7aee68b567b029c993c82fdf\Microsoft.WSMan.Runtime.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\a698e95f7aee68b567b029c993c82fdf\Microsoft.WSMan.Runtime.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\f5cca6362e06e2309a6e9178394f7a8b\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\f5cca6362e06e2309a6e9178394f7a8b\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d9b43f70e7e938a37e2e5d8565d799c8\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d9b43f70e7e938a37e2e5d8565d799c8\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d1bea82d1c7c4915105caf1f24beebf1\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\d1bea82d1c7c4915105caf1f24beebf1\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cd8db1ed1e76bc6dd03076974c9193fd\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\cd8db1ed1e76bc6dd03076974c9193fd\Microsoft.Windows.Diagnosis.SDHost.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\7d5196989f1f33459333fd90719bebb0\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\7d5196989f1f33459333fd90719bebb0\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\6e586e1d91803407aa5a99fb6a4fec25\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\6e586e1d91803407aa5a99fb6a4fec25\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\405aa271df15b8ce1b0b970f37687152\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\405aa271df15b8ce1b0b970f37687152\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\2ac41c859d5e5e84993a555e3eeaea90\Microsoft.Vsa.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\2ac41c859d5e5e84993a555e3eeaea90\Microsoft.Vsa.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fa0ab046907e7ed154ce2ba749eebb52\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fa0ab046907e7ed154ce2ba749eebb52\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f356c4455ca50bd2b3d1707214229ad8\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f356c4455ca50bd2b3d1707214229ad8\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c5a915e87a37fdedf41ac24ee5f97bb1\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c5a915e87a37fdedf41ac24ee5f97bb1\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b282b2b3144437e0322d3c6c29e734d6\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b282b2b3144437e0322d3c6c29e734d6\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8d721ab82f8d49ed7d3fcc4f547cee5d\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8d721ab82f8d49ed7d3fcc4f547cee5d\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\772e59f6bfc61473ac9d7e0223eb5f83\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\51705dba55e430dd088a76e7c07f8d3e\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\51705dba55e430dd088a76e7c07f8d3e\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3534f931f053ffd10f687f48170cd9c0\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3534f931f053ffd10f687f48170cd9c0\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1bae59136b7143a0a5dd3d927d9ed4bd\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1bae59136b7143a0a5dd3d927d9ed4bd\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0c0a573d4a6aba73f2916a1d9e56bfb3\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0c0a573d4a6aba73f2916a1d9e56bfb3\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
- 2011-08-10 05:11 . 2011-08-10 05:11 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f7ce61c1a288adc4c39512d9f6767daf\Microsoft.VisualC.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f7ce61c1a288adc4c39512d9f6767daf\Microsoft.VisualC.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\e2aa50d1e49dd00b728aa499e89b2850\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\e2aa50d1e49dd00b728aa499e89b2850\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\d0a9152ccf7fdbbff625ca972783ece8\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\d0a9152ccf7fdbbff625ca972783ece8\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\6a8f81602a36f184aa50eb8afdc297cd\Microsoft.Office.InfoPath.Permission.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\6a8f81602a36f184aa50eb8afdc297cd\Microsoft.Office.InfoPath.Permission.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 95232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\c0f026e83b07888411e78488c610bd67\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 95232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\c0f026e83b07888411e78488c610bd67\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ad899316f7d4bf50e407ccf443c8f4a7\Microsoft.MediaCenter.iTv.Hosting.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ad899316f7d4bf50e407ccf443c8f4a7\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9152d7f0adafac97d853647ca783b8e4\Microsoft.Build.Framework.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9152d7f0adafac97d853647ca783b8e4\Microsoft.Build.Framework.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c219cc49d452997a91d916309511e68\Microsoft.Build.Framework.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c219cc49d452997a91d916309511e68\Microsoft.Build.Framework.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft-Windows-H#\79448418d20d1b98196b184372c9e4ff\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft-Windows-H#\79448418d20d1b98196b184372c9e4ff\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 23552 c:\windows\assembly\NativeImages_v2.0.50727_32\LoadMxf\ec98b5a1ea933fc3f5db6cae3051dbd4\LoadMxf.ni.exe
+ 2011-09-22 01:45 . 2011-09-22 01:45 23552 c:\windows\assembly\NativeImages_v2.0.50727_32\LoadMxf\ec98b5a1ea933fc3f5db6cae3051dbd4\LoadMxf.ni.exe
- 2011-08-10 22:02 . 2011-08-10 22:02 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\ipdmctrl\f300d829828ecb386ecc5b972641e44c\ipdmctrl.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\ipdmctrl\f300d829828ecb386ecc5b972641e44c\ipdmctrl.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\ac010bace23545b3a5b1825e5c7b046e\ehiUserXp.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\ac010bace23545b3a5b1825e5c7b046e\ehiUserXp.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUPnP\43878a7234dc290fe15d91a9e66b77ad\ehiUPnP.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUPnP\43878a7234dc290fe15d91a9e66b77ad\ehiUPnP.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiTVMSMusic\cd13468601c6297aa590494b3b08ff10\ehiTVMSMusic.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiTVMSMusic\cd13468601c6297aa590494b3b08ff10\ehiTVMSMusic.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 82432 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiiTv\be26ca008ddeb09baf776fd6840cb912\ehiiTv.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 82432 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiiTv\be26ca008ddeb09baf776fd6840cb912\ehiiTv.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 33792 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiBmlDataCarousel\271614702adb380f0b93f287ca955dbf\ehiBmlDataCarousel.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 33792 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiBmlDataCarousel\271614702adb380f0b93f287ca955dbf\ehiBmlDataCarousel.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiActivScp\ddf9461986193e36c2bbe7bd39fc2d66\ehiActivScp.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiActivScp\ddf9461986193e36c2bbe7bd39fc2d66\ehiActivScp.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\027211443c6da8187fe92e682c048cd5\dfsvc.ni.exe
+ 2011-09-22 01:44 . 2011-09-22 01:44 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\027211443c6da8187fe92e682c048cd5\dfsvc.ni.exe
+ 2011-09-22 01:43 . 2011-09-22 01:43 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\AuditPolicyGPManage#\8286e5ea12f08f351f0d00280de1beba\AuditPolicyGPManagedStubs.Interop.ni.dll
- 2011-08-10 05:11 . 2011-08-10 05:11 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\AuditPolicyGPManage#\8286e5ea12f08f351f0d00280de1beba\AuditPolicyGPManagedStubs.Interop.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\b614f2d2f13857c09c98b02944fc1c41\Accessibility.ni.dll
- 2011-08-10 05:11 . 2011-08-10 05:11 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\b614f2d2f13857c09c98b02944fc1c41\Accessibility.ni.dll
+ 2011-09-22 01:33 . 2011-09-22 01:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-09-21 21:31 . 2011-09-21 21:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-09-21 21:31 . 2011-09-21 21:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-22 01:33 . 2011-09-22 01:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-09-22 01:51 . 2011-09-22 01:51 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\1a890e72269abe36365d861bca8fca70\System.Xml.Serialization.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\e335cdfdb3e46fb0f75cb2ce83dabf48\dfsvc.ni.exe
+ 2011-09-21 20:51 . 2011-07-27 05:47 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7601.21779_none_9448d5bb47afabae\IMJPAPI.DLL
+ 2011-09-21 20:51 . 2011-07-27 04:27 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7601.17658_none_93d3d87e2e82baab\IMJPAPI.DLL
+ 2011-09-21 20:51 . 2011-07-27 04:27 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7600.21016_none_92a02f814a5b7f59\IMJPAPI.DLL
+ 2011-09-21 20:51 . 2011-07-27 04:30 361472 c:\windows\winsxs\x86_microsoft-windows-d..nese-eacommonapijpn_31bf3856ad364e35_6.1.7600.16856_none_91eb7ae4315e1c11\IMJPAPI.DLL
+ 2009-07-14 02:05 . 2011-09-22 01:20 626040 c:\windows\System32\perfh009.dat
 
+ 2009-07-14 02:05 . 2011-09-22 01:20 107316 c:\windows\System32\perfc009.dat
+ 2011-09-21 20:51 . 2011-07-27 04:27 361472 c:\windows\System32\IME\IMEJP10\IMJPAPI.DLL
- 2009-07-13 23:26 . 2009-07-14 01:15 361472 c:\windows\System32\IME\IMEJP10\IMJPAPI.DLL
+ 2011-04-18 20:18 . 2011-04-18 20:18 165648 c:\windows\System32\drivers\MpFilter.sys
+ 2011-03-06 02:19 . 2011-09-22 01:33 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-03-06 02:19 . 2011-09-21 21:31 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:47 . 2011-09-22 01:32 387812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:47 . 2011-09-21 21:30 387812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-04-01 21:30 . 2011-09-22 01:01 773700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3881011562-596480335-2157353384-1000-12288.dat
+ 2011-04-06 23:48 . 2011-04-06 23:48 236880 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2011-04-12 22:11 . 2011-04-12 22:11 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 191840 c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
+ 2011-05-17 16:27 . 2011-05-17 16:27 413520 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 956240 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2011-04-12 22:11 . 2011-04-12 22:11 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2011-03-21 00:58 . 2011-09-22 01:25 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2011-09-22 01:52 . 2011-09-22 01:52 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1b8d986036465b9f0db4fbaf8876ad72\WindowsFormsIntegration.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\7b9037ad1952bc81a382b2fcddd8320a\UIAutomationTypes.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\08b935a4ef1b64faec4e9739db313298\UIAutomationClient.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\0f5813c19bc6dc46e87c6beafb97d525\System.Xml.Linq.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\8681ad3f75515a261e7980d01ac5fa2e\System.Windows.Input.Manipulations.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\5314989a2066877016eaac44f927092c\System.Transactions.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\b784695a620842be9b660769dd43c898\System.ServiceProcess.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8671670b07fb8597048ef4aae0a5ede4\System.ServiceModel.Routing.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 736768 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\68dd8aa8c376dd3c44f8e56c3767ac1d\System.Security.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e8452df7471e5ba24ca642b4c4e1ef37\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\bbc34aac73481fc04fe9b7aff9927437\System.Runtime.Remoting.ni.dll
+ 2011-09-22 01:19 . 2011-09-22 01:19 145408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\21335cc2e54f4995b582cfa9d1efbcaa\System.Numerics.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\0db265c571d2baf9c46511b9955fa7c4\System.Net.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\5539ada158b0520c68ab8cbaa6dab8b2\System.Messaging.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\89a46fc2fa698580fd2fa81df5cd020a\System.Management.Instrumentation.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\e022b746f10ca855a632ff405f7f1259\System.IO.Log.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\a6518b3baf1d987d831c5fc1b295306d\System.IdentityModel.Selectors.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3c81550255199caad42b6927e52cbe20\System.EnterpriseServices.Wrapper.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3c81550255199caad42b6927e52cbe20\System.EnterpriseServices.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 377856 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\a0ced4a2cbd6aa8f9cf2a28b641e0300\System.Dynamic.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8227f92f9e71e619b541050995617717\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\6ec8651192262a0732c9c187486e9fb9\System.DirectoryServices.Protocols.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\1652ce31226964496c1d5b5b4f69277e\System.Device.ni.dll
+ 2011-09-22 01:50 . 2011-09-22 01:50 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\5b1934fc32b50e5a42a64999d0b27112\System.Data.DataSetExtensions.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 982528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\786df9adb3752f8f67b90dedb60dc2a1\System.Configuration.ni.dll
+ 2011-09-22 01:50 . 2011-09-22 01:50 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\7a2a83b1625f100331691f44b6e9c3ab\System.Configuration.Install.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 693760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\eb22b58fc80ef55a2879bd6f121e9989\System.ComponentModel.Composition.ni.dll
+ 2011-09-22 01:50 . 2011-09-22 01:50 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\a3084fbf0204cd93a9d1e8722774f0b7\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-09-22 01:50 . 2011-09-22 01:50 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\6254a35e295c52224f7bdc9e5ac9c81f\System.AddIn.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2b905c99ccccb248a7653fabe4b55b09\System.Activities.DurableInstancing.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\51bdfe23e8b22bbed5fabfed9371b5b0\SMSvcHost.ni.exe
+ 2011-09-22 01:49 . 2011-09-22 01:49 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef32e2d63c908a8e4b21b30b2debcd03\SMDiagnostics.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 387072 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ac6b30fb021fe513bc7f5eb98874ab98\PresentationFramework.Royale.ni.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 309760 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ab273e4606367562d98caf792f366523\PresentationFramework.Classic.ni.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 595968 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\64d84a18bdebd88f137f11ec220748ff\PresentationFramework.Aero.ni.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 755712 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\08ffd91342eb8f789914456a3a0d29dd\PresentationFramework.Luna.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\43eb12b6198092efc2b8a030ace2e3f2\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\da0ae911ee95f4e67660e8e584ca8e7b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\8bd0bb7822eb2d50cb4c1a82a7f934e8\CustomMarshalers.ni.dll
- 2011-08-10 22:06 . 2011-08-10 22:06 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\41ccc24e8cc5f2474ce1105f0b8ebb78\WsatConfig.ni.exe
+ 2011-09-22 01:49 . 2011-09-22 01:49 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\41ccc24e8cc5f2474ce1105f0b8ebb78\WsatConfig.ni.exe
+ 2011-09-22 01:49 . 2011-09-22 01:49 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bb04320c07e3c71ac2d18cb382d97f41\WindowsFormsIntegration.ni.dll
- 2011-08-10 22:06 . 2011-08-10 22:06 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bb04320c07e3c71ac2d18cb382d97f41\WindowsFormsIntegration.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\8b3b6ed74cb3d94695b0eaf94a362d42\UIAutomationTypes.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\8b3b6ed74cb3d94695b0eaf94a362d42\UIAutomationTypes.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d63e6fb41aa502bf6724043e6ac1367f\UIAutomationClient.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d63e6fb41aa502bf6724043e6ac1367f\UIAutomationClient.ni.dll
- 2011-08-10 22:06 . 2011-08-10 22:06 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\1c1f731e8684204f56f37cc66b5bc60d\TaskScheduler.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\1c1f731e8684204f56f37cc66b5bc60d\TaskScheduler.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\b096bd83a66a8d1dcd761747730cc64c\System.Xml.Linq.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\b096bd83a66a8d1dcd761747730cc64c\System.Xml.Linq.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\efca1fd7e9df8e24c007cd003346e0e5\System.Web.Routing.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\efca1fd7e9df8e24c007cd003346e0e5\System.Web.Routing.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\66126f1309396535f2ba93f752016902\System.Web.RegularExpressions.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\66126f1309396535f2ba93f752016902\System.Web.RegularExpressions.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6c551bf6f7716b0f527f4274fb04cc2e\System.Web.Extensions.Design.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6c551bf6f7716b0f527f4274fb04cc2e\System.Web.Extensions.Design.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\03eda303152940cb2e78a0030cf572b5\System.Web.Entity.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\03eda303152940cb2e78a0030cf572b5\System.Web.Entity.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\7b93fe55a51f2a6010365a17546170bc\System.Web.Entity.Design.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\7b93fe55a51f2a6010365a17546170bc\System.Web.Entity.Design.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\979bf2cab91b5d50aef1525ca96ff690\System.Web.DynamicData.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\979bf2cab91b5d50aef1525ca96ff690\System.Web.DynamicData.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\067516a8300bb5fdbddb38cb9f6c934e\System.Web.Abstractions.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\067516a8300bb5fdbddb38cb9f6c934e\System.Web.Abstractions.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4e03de263f1fec29c4a7fa18986d0868\System.Transactions.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4e03de263f1fec29c4a7fa18986d0868\System.Transactions.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\86a2ec5efbcfcd1105475364d7975b15\System.ServiceProcess.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\86a2ec5efbcfcd1105475364d7975b15\System.ServiceProcess.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\c0d90fae726bca4f272ac9a2906b3741\System.Security.ni.dll
- 2011-08-10 18:16 . 2011-08-10 18:16 680448 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\c0d90fae726bca4f272ac9a2906b3741\System.Security.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\e16f381a978103ac92bf64b99716c857\System.Net.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\e16f381a978103ac92bf64b99716c857\System.Net.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\ac9fe083b4cf11aab834d6654cdeb429\System.Messaging.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\ac9fe083b4cf11aab834d6654cdeb429\System.Messaging.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b95b509ac74958a1d8568293c3dc43ba\System.Management.Instrumentation.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b95b509ac74958a1d8568293c3dc43ba\System.Management.Instrumentation.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e083fdbcc88f5850290f2cf65ae1efae\System.IO.Log.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e083fdbcc88f5850290f2cf65ae1efae\System.IO.Log.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\736226563a7f564e4629e34d52b3d6c6\System.IdentityModel.Selectors.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\736226563a7f564e4629e34d52b3d6c6\System.IdentityModel.Selectors.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3a17291e4caa1a23f652129fc88e3dda\System.EnterpriseServices.Wrapper.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3a17291e4caa1a23f652129fc88e3dda\System.EnterpriseServices.Wrapper.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3a17291e4caa1a23f652129fc88e3dda\System.EnterpriseServices.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\3a17291e4caa1a23f652129fc88e3dda\System.EnterpriseServices.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\41d65038625368f089fc66b8a544f934\System.Drawing.Design.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\41d65038625368f089fc66b8a544f934\System.Drawing.Design.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\3c443dc0b8879bfe286a07f15060787f\System.DirectoryServices.Protocols.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\3c443dc0b8879bfe286a07f15060787f\System.DirectoryServices.Protocols.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1f6d55f401cfe7041f9fd3b4aebffa9b\System.DirectoryServices.AccountManagement.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1f6d55f401cfe7041f9fd3b4aebffa9b\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0896f955eb175a4e0bfff73b94f57619\System.Data.Services.Design.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0896f955eb175a4e0bfff73b94f57619\System.Data.Services.Design.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\8f130b77f8f47e23cd748679173bdf33\System.Data.Entity.Design.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\8f130b77f8f47e23cd748679173bdf33\System.Data.Entity.Design.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ad3f6eae36ce486187311de6836b4904\System.Data.DataSetExtensions.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ad3f6eae36ce486187311de6836b4904\System.Data.DataSetExtensions.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
- 2011-08-10 18:16 . 2011-08-10 18:16 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\81423a8207177ffcfac843f9d7b662d2\System.Configuration.Install.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\81423a8207177ffcfac843f9d7b662d2\System.Configuration.Install.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fc5edc97ac59d0d0d45bb9b623b9927b\System.AddIn.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fc5edc97ac59d0d0d45bb9b623b9927b\System.AddIn.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\88f0efe11487b846342fdee227f3da52\sysglobl.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\88f0efe11487b846342fdee227f3da52\sysglobl.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4a33aa8911167af5fcba60f1b02ad45b\SMSvcHost.ni.exe
+ 2011-09-22 01:47 . 2011-09-22 01:47 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4a33aa8911167af5fcba60f1b02ad45b\SMSvcHost.ni.exe
+ 2011-09-22 01:44 . 2011-09-22 01:44 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\b907dd027bbe99c5035b1d6355f83998\SMDiagnostics.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\b907dd027bbe99c5035b1d6355f83998\SMDiagnostics.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\bebba13c472daad81b7e0e908d34e76f\SecurityAuditPoliciesSnapIn.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\bebba13c472daad81b7e0e908d34e76f\SecurityAuditPoliciesSnapIn.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9997cb70ba2c05761f6196f65dae7588\PresentationFramework.Royale.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9997cb70ba2c05761f6196f65dae7588\PresentationFramework.Royale.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4c9a05d7eea9a270d51ffe6f9466d8f8\PresentationFramework.Luna.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4c9a05d7eea9a270d51ffe6f9466d8f8\PresentationFramework.Luna.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\16c2dcb95bda37843824b6b0d82d8ef6\PresentationFramework.Classic.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 226816 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\16c2dcb95bda37843824b6b0d82d8ef6\PresentationFramework.Classic.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\7414a08bca5afde3f99fea854b32098f\napsnap.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\7414a08bca5afde3f99fea854b32098f\napsnap.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\380a55680ec523e5c32df8233cbbcca5\napinit.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\380a55680ec523e5c32df8233cbbcca5\napinit.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\8fcb3f856afb930c5add8498cadb4d13\naphlpr.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\8fcb3f856afb930c5add8498cadb4d13\naphlpr.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\46d3794a4a440f22cff17197648f6887\MSBuild.ni.exe
+ 2011-09-22 01:47 . 2011-09-22 01:47 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\46d3794a4a440f22cff17197648f6887\MSBuild.ni.exe
- 2011-08-10 22:02 . 2011-08-10 22:02 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\71b549afed40761f8be9075ca9ad8dd7\MMCFxCommon.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\71b549afed40761f8be9075ca9ad8dd7\MMCFxCommon.ni.dll
 
+ 2011-09-22 01:47 . 2011-09-22 01:47 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\1fc72faf9a51b47557273b0ffd7491f2\Microsoft.WSMan.Management.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\1fc72faf9a51b47557273b0ffd7491f2\Microsoft.WSMan.Management.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e4eb0bb5680ab582c63df3974222e537\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e4eb0bb5680ab582c63df3974222e537\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 184320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dedfa5bd943e4a78b1d7eec44c6f737f\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 337408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d3507fe27d8923dd419bfd835581752d\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 337408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d3507fe27d8923dd419bfd835581752d\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c35af2e781284aaa8950788a83537d49\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c35af2e781284aaa8950788a83537d49\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b7d6360dcead019981eefacfa72416e6\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b7d6360dcead019981eefacfa72416e6\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b42639fb347902bc5b1469968cd04d7b\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b42639fb347902bc5b1469968cd04d7b\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ae8fe0125b35fc268b9b2f9e3c1b3578\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ae8fe0125b35fc268b9b2f9e3c1b3578\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 663552 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9c748be94847db6c1e5301a99ba507b4\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 663552 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9c748be94847db6c1e5301a99ba507b4\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9415b026c58ef2fc5927a383162e9e54\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9415b026c58ef2fc5927a383162e9e54\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\76ee89a9fc6963c5243918faf33baca8\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\76ee89a9fc6963c5243918faf33baca8\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6b120f8db932a314de97c4cd216f8784\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6b120f8db932a314de97c4cd216f8784\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\56f1f108a10d41cc682aefb717c3ae49\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\56f1f108a10d41cc682aefb717c3ae49\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4a8e5945ad34fa301703ba1a919726ff\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4a8e5945ad34fa301703ba1a919726ff\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\357ee59bdfd1a6401467728163ebb4b6\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\357ee59bdfd1a6401467728163ebb4b6\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 191488 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\02d9514b1b163c07b6be2916d5f0166e\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\b96b80f166196dc0e148c73dc8452d25\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\b96b80f166196dc0e148c73dc8452d25\Microsoft.Transactions.Bridge.Dtc.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 187392 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\ccf997ac543b2b58903fdf7bca34293d\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 187392 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\ccf997ac543b2b58903fdf7bca34293d\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\8e356070ffe04dd1260867eeae3a731e\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\8e356070ffe04dd1260867eeae3a731e\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 157184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\58ea9f1d5b35b9826dfc5f6ce7cf654f\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 157184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\58ea9f1d5b35b9826dfc5f6ce7cf654f\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 210944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\51f749767aea43448df7ad06e6d17c7d\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 210944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\51f749767aea43448df7ad06e6d17c7d\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\79b58ce41005165465015645e9aca5c6\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\79b58ce41005165465015645e9aca5c6\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\546b00ea58f6edb79610c186b66a7e09\Microsoft.PowerShell.Security.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\546b00ea58f6edb79610c186b66a7e09\Microsoft.PowerShell.Security.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4674f7aab6bd1d78a2531f1f59b7789e\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4674f7aab6bd1d78a2531f1f59b7789e\Microsoft.PowerShell.Commands.Management.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\25e96c962b0b32cec74991f8d52a5da2\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\25e96c962b0b32cec74991f8d52a5da2\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\05b332106dfa161a88f51f1d407cb68a\Microsoft.PowerShell.GraphicalHost.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\05b332106dfa161a88f51f1d407cb68a\Microsoft.PowerShell.GraphicalHost.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\b570b74b770a4358d562c5a31f2cbd81\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\b570b74b770a4358d562c5a31f2cbd81\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\96972941a997c074ddc332cb3c8127ea\Microsoft.Office.Tools.Common.v9.0.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\96972941a997c074ddc332cb3c8127ea\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\58a8452f9bf9f47e742eeed9d951d4cd\Microsoft.Office.Tools.v9.0.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\58a8452f9bf9f47e742eeed9d951d4cd\Microsoft.Office.Tools.v9.0.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\22917976ee488c2705e1595e73f8b2a5\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\22917976ee488c2705e1595e73f8b2a5\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 206848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\87ce9b5e36e642735313f17b8de9ac15\Microsoft.Office.InfoPath.Client.Internal.Host.Interop.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 206848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\87ce9b5e36e642735313f17b8de9ac15\Microsoft.Office.InfoPath.Client.Internal.Host.Interop.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 114688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\85a54fabbd2dfd3a4e78cf599b18f166\Microsoft.Office.InfoPath.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 114688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\85a54fabbd2dfd3a4e78cf599b18f166\Microsoft.Office.InfoPath.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 375808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\1c8f2020f97321ed4876d3ef703331e0\Microsoft.Office.Interop.InfoPath.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 375808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\1c8f2020f97321ed4876d3ef703331e0\Microsoft.Office.Interop.InfoPath.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 268800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\f0ca68cbe1b4e2c4cf1c05fd0ca9d181\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 268800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\f0ca68cbe1b4e2c4cf1c05fd0ca9d181\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 229888 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\d7ff7549a38cad34be4edc236f01e6d7\Microsoft.MediaCenter.iTv.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 229888 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\d7ff7549a38cad34be4edc236f01e6d7\Microsoft.MediaCenter.iTv.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 142848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\b482cb6bb553894f8a3ccc811b172f58\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 142848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\b482cb6bb553894f8a3ccc811b172f58\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 849920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\a5c7c9fc4ecd48e398cb4c809d8abf91\Microsoft.MediaCenter.Shell.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 849920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\a5c7c9fc4ecd48e398cb4c809d8abf91\Microsoft.MediaCenter.Shell.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7db0f5953b2347728d542185b11658a6\Microsoft.MediaCenter.Playback.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7db0f5953b2347728d542185b11658a6\Microsoft.MediaCenter.Playback.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 740864 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\69540ae92cded014582d929ecbad6d7a\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 740864 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\69540ae92cded014582d929ecbad6d7a\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4bc59bbb2e91c6e7ae59f420369d4ea4\Microsoft.MediaCenter.Interop.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4bc59bbb2e91c6e7ae59f420369d4ea4\Microsoft.MediaCenter.Interop.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 705024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\47d791d017ec3aed1a2d3f5fc9791100\Microsoft.MediaCenter.Sports.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 705024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\47d791d017ec3aed1a2d3f5fc9791100\Microsoft.MediaCenter.Sports.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 105472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\1c21bb0e47fd3d4bc6796312c5cb8d56\Microsoft.MediaCenter.Mheg.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 105472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\1c21bb0e47fd3d4bc6796312c5cb8d56\Microsoft.MediaCenter.Mheg.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\9658825555dc2c9af1a8ce12e6da2cd7\Microsoft.ManagementConsole.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\9658825555dc2c9af1a8ce12e6da2cd7\Microsoft.ManagementConsole.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 286208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\ca4fc1503283c934c8000cd0ebe9b90a\Microsoft.GroupPolicy.Interop.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 286208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\ca4fc1503283c934c8000cd0ebe9b90a\Microsoft.GroupPolicy.Interop.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 455168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\02b2dc0d65a44379fa11870638cf894e\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 455168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\02b2dc0d65a44379fa11870638cf894e\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 343040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\e3672845a3d6c3ab606facc3366fbcbd\Microsoft.BusinessData.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 343040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\e3672845a3d6c3ab606facc3366fbcbd\Microsoft.BusinessData.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c52f2b0958be337e88f37a141e18be78\Microsoft.Build.Utilities.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c52f2b0958be337e88f37a141e18be78\Microsoft.Build.Utilities.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\3f194ebe9a0c1e0903b32f663cb53556\Microsoft.Build.Utilities.v3.5.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\3f194ebe9a0c1e0903b32f663cb53556\Microsoft.Build.Utilities.v3.5.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e62aa0d898b65d0d831c11b4f56c0785\Microsoft.Build.Engine.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e62aa0d898b65d0d831c11b4f56c0785\Microsoft.Build.Engine.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\78fb000aaaba73f34dfa9028b7caef8c\Microsoft.Build.Conversion.v3.5.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\78fb000aaaba73f34dfa9028b7caef8c\Microsoft.Build.Conversion.v3.5.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 316928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\7858173b7a5d5ad1ad6b11b256a61a34\Microsoft.ApplicationId.Framework.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 316928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\7858173b7a5d5ad1ad6b11b256a61a34\Microsoft.ApplicationId.Framework.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 587776 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\3e9b7b340be2eedbe058129887e90807\Microsoft.ApplicationId.RuleWizard.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 587776 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\3e9b7b340be2eedbe058129887e90807\Microsoft.ApplicationId.RuleWizard.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 250880 c:\windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\c75cc7be3eda189ceab3057410cb37d7\Mcx2Dvcs.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 250880 c:\windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\c75cc7be3eda189ceab3057410cb37d7\Mcx2Dvcs.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 381952 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\9c5436e6a51dab1ac3bf25462916c630\mcupdate.ni.exe
+ 2011-09-22 01:45 . 2011-09-22 01:45 381952 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\9c5436e6a51dab1ac3bf25462916c630\mcupdate.ni.exe
- 2011-08-10 22:01 . 2011-08-10 22:01 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\fe969316614223634cba1c5544f4e3dd\mcstoredb.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\fe969316614223634cba1c5544f4e3dd\mcstoredb.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 371712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcplayerinterop\18b7392840e312aa71f3be695f1f02a9\mcplayerinterop.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 371712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcplayerinterop\18b7392840e312aa71f3be695f1f02a9\mcplayerinterop.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\mcGlidHostObj\70446af728bb8bd6197f1326d0a2aea1\mcGlidHostObj.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\mcGlidHostObj\70446af728bb8bd6197f1326d0a2aea1\mcGlidHostObj.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 107520 c:\windows\assembly\NativeImages_v2.0.50727_32\MCESidebarCtrl\2ab9c4499b9ca0b66ec42306cfed3fa6\MCESidebarCtrl.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 107520 c:\windows\assembly\NativeImages_v2.0.50727_32\MCESidebarCtrl\2ab9c4499b9ca0b66ec42306cfed3fa6\MCESidebarCtrl.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\31231127c783eddf25c3d21761e1a15c\EventViewer.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\31231127c783eddf25c3d21761e1a15c\EventViewer.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\ceb1e5232940cce08c296cb9dfce4688\ehRecObj.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\ceb1e5232940cce08c296cb9dfce4688\ehRecObj.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 202752 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiWUapi\8765166fc421d6759011b7ee203ec165\ehiWUapi.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 202752 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiWUapi\8765166fc421d6759011b7ee203ec165\ehiWUapi.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 340480 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiwmp\500915b29cda0fb0828e71db05814008\ehiwmp.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 340480 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiwmp\500915b29cda0fb0828e71db05814008\ehiwmp.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\85464949c28a523e3b6cf24679a9776c\ehiVidCtl.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\85464949c28a523e3b6cf24679a9776c\ehiVidCtl.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\2ddabd185f08f72237aaa70edaffa6cc\ehiProxy.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\2ddabd185f08f72237aaa70edaffa6cc\ehiProxy.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\536082f3ff1f0f6fcd7bd58878098071\ehiExtens.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\536082f3ff1f0f6fcd7bd58878098071\ehiExtens.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\c6f09d715e558a133eb8aa072d6fc6c5\ehExtHost.ni.exe
+ 2011-09-22 01:44 . 2011-09-22 01:44 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\c6f09d715e558a133eb8aa072d6fc6c5\ehExtHost.ni.exe
- 2011-08-10 19:00 . 2011-08-10 19:00 223744 c:\windows\assembly\NativeImages_v2.0.50727_32\ehCIR\0354cf4bd5196832512463b0273a9992\ehCIR.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 223744 c:\windows\assembly\NativeImages_v2.0.50727_32\ehCIR\0354cf4bd5196832512463b0273a9992\ehCIR.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d17a5e7b3e9c6ea0f5c66093771b35eb\CustomMarshalers.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d17a5e7b3e9c6ea0f5c66093771b35eb\CustomMarshalers.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a28cd0923e6ff03f952950eb713f03b3\ComSvcConfig.ni.exe
- 2011-08-10 18:59 . 2011-08-10 18:59 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a28cd0923e6ff03f952950eb713f03b3\ComSvcConfig.ni.exe
+ 2011-09-22 01:43 . 2011-09-22 01:43 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\482f9bd79c20ab87b6fa0fa2737d6aa3\BDATunePIA.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\482f9bd79c20ab87b6fa0fa2737d6aa3\BDATunePIA.ni.dll
- 2011-08-10 18:58 . 2011-08-10 18:58 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\770bfd90d5375c81fd59f5a6cb435ba7\AspNetMMCExt.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\770bfd90d5375c81fd59f5a6cb435ba7\AspNetMMCExt.ni.dll
- 2009-07-14 02:03 . 2011-09-08 09:12 7340032 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:03 . 2011-09-22 01:32 7340032 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 04:34 . 2011-09-22 01:35 5981297 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:34 . 2011-09-21 21:35 5981297 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2010-03-18 20:16 . 2010-03-18 20:16 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 1663320 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 1368920 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 6428520 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 3788128 c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 2261832 c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
- 2010-03-18 20:16 . 2010-03-18 20:16 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 2207568 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 6097256 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 2975064 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
+ 2011-04-06 23:48 . 2011-04-06 23:48 1354584 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
- 2011-04-12 22:11 . 2011-04-12 22:11 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 5197648 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 1142616 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
- 2011-04-12 22:11 . 2011-04-12 22:11 6735176 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-05-17 16:27 . 2011-05-17 16:27 6735176 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 1368920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 3510600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 5028200 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 6428520 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 3788128 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 5197648 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-09-22 01:20 . 2011-09-22 01:20 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2011-08-10 05:07 . 2011-08-10 05:07 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
 
+ 2011-08-16 06:56 . 2011-08-16 06:56 3460096 c:\windows\Installer\a3adb.msp
+ 2011-05-20 00:24 . 2011-05-20 00:24 1939968 c:\windows\Installer\96e65.msi
+ 2011-06-15 22:32 . 2011-06-15 22:32 1871872 c:\windows\Installer\96e5f.msi
+ 2011-03-21 00:58 . 2011-09-22 01:25 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-03-21 00:58 . 2011-09-22 01:25 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe
- 2011-03-21 00:58 . 2011-08-10 05:09 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-03-18 20:16 . 2010-03-18 20:16 1663320 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\wpfgfx_x86.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 1303896 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\WindowsBase_x86.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 6346600 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationFramework_x86.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16 3545952 c:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationCore_x86.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 3857920 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6c4a0cae96fe506534d1ed4b8e905d04\WindowsBase.ni.dll
+ 2011-09-22 01:52 . 2011-09-22 01:52 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\e6474cae2445440fccb0e62e689e6c22\UIAutomationClientsideProviders.ni.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 9086464 c:\windows\assembly\NativeImages_v4.0.30319_32\System\ffc825af968e2afbdd0d894b475331f3\System.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 5617664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\6cf9069b4b5feb38824a79009ed9c7b4\System.Xml.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cadbfd56dbffb78f67b92027bd56862e\System.Xaml.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\a216205660fa7dabec6af4a7c52956ee\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\40c543317017c549c3d17d714c3cf1fc\System.Web.Services.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\86d3010efe01e554be5b8cd680fcfe2a\System.Speech.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f37365c0acb4b409a486f3aa4512a03e\System.ServiceModel.Discovery.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 1392640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a53b7bb4838c656363b29f79f708a0f0\System.ServiceModel.Activities.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\33b886ae33f78b046f90bda3dde2688e\System.Runtime.Serialization.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\5c659e2195f712d6638b8536da384cda\System.Runtime.DurableInstancing.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\0751e44f42a603bfe153a4bbd124f62f\System.Printing.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\307dea1fa71faaa1c2dc0175487d9639\System.Management.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\e1acefba94c07ca77d751b68bc3e33d3\System.IdentityModel.ni.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 1652736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ea0f339fb15935f1878e115be1c04f8f\System.Drawing.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\be3d47a08a8e4118e75e31a402259409\System.DirectoryServices.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\864c2fd53f879fcd5f9b335cf49a66b4\System.Deployment.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 6815232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\80bdabbd69127228408b96ca23460389\System.Data.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 2549760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\ec8c58572e78fa5fc63bb8b29ed7481a\System.Data.SqlXml.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 1343488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\04f451f2d493483696f852bdce8c36e0\System.Data.Services.Client.ni.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 2517504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\8a671058b35f625fb958ff2228fbc9cf\System.Data.Linq.ni.dll
+ 2011-09-22 01:21 . 2011-09-22 01:21 7069696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\2721a63758cab451543e8a58dc4ffeeb\System.Core.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\c527fa8c447a9edfeb14eeaf4af0a742\System.Activities.ni.dll
+ 2011-09-22 01:50 . 2011-09-22 01:50 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\5be7a4e9c92dff127c74c0d744b3f523\System.Activities.Presentation.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\1871f74f0a94ec1d26071dcc872d4189\System.Activities.Core.Presentation.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 2907136 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\5d8782e167084ab1fced20b86cfb26e2\ReachFramework.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\de59faecd59acbc6caabecbd8efbbb50\PresentationUI.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ce05202cabbee87cda0b3df2e56a6b20\Microsoft.VisualBasic.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\899c60052ad7e741dc444017cc907ca8\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\0adf14e7c198b3e2a634e53a23ddad7b\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\4376863f8deba766befd5d8e41316a91\Microsoft.Transactions.Bridge.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\2ceaa7403e2bdea36367a0a67d972f03\Microsoft.JScript.ni.dll
- 2011-09-13 04:12 . 2011-09-13 04:12 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\113a314e9f32a5efc41f409118a71063\Microsoft.CSharp.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 1616384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\113a314e9f32a5efc41f409118a71063\Microsoft.CSharp.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
- 2011-08-10 18:16 . 2011-08-10 18:16 3347968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
- 2011-08-10 22:06 . 2011-08-10 22:06 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\92104881c09380b6b86ec656e8c502f6\UIAutomationClientsideProviders.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\92104881c09380b6b86ec656e8c502f6\UIAutomationClientsideProviders.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 7963648 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
- 2011-08-10 18:16 . 2011-08-10 18:16 7963648 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 5453312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
- 2011-08-10 18:16 . 2011-08-10 18:16 5453312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
- 2011-08-10 22:06 . 2011-08-10 22:06 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a6409b4be5018e5cbad7ef197d4237e1\System.WorkflowServices.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a6409b4be5018e5cbad7ef197d4237e1\System.WorkflowServices.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\9af55d8d4cb44eabe53e940244864daa\System.Workflow.Runtime.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\9af55d8d4cb44eabe53e940244864daa\System.Workflow.Runtime.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 4515840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\f40e6a02c815ee66b49d4f48802d9d9c\System.Workflow.ComponentModel.ni.dll
+ 2011-09-22 01:49 . 2011-09-22 01:49 4515840 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\f40e6a02c815ee66b49d4f48802d9d9c\System.Workflow.ComponentModel.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\82e83c3d87d72cafffc60c55585daaaa\System.Workflow.Activities.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\82e83c3d87d72cafffc60c55585daaaa\System.Workflow.Activities.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\873449038f590bc102daf0effd94c952\System.Web.Services.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\873449038f590bc102daf0effd94c952\System.Web.Services.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4de6ad3bad2dc4fbbbd33b16b1a7b219\System.Web.Mobile.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4de6ad3bad2dc4fbbbd33b16b1a7b219\System.Web.Mobile.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\871d3f0cc83d73a106151257ee74a4aa\System.Web.Extensions.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\871d3f0cc83d73a106151257ee74a4aa\System.Web.Extensions.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2c7c32228442440e4c23f772fd64b24b\System.Speech.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2c7c32228442440e4c23f772fd64b24b\System.Speech.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0139ae05cabaf2ac25cc85279e187e0a\System.ServiceModel.Web.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0139ae05cabaf2ac25cc85279e187e0a\System.ServiceModel.Web.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e285e2af5e0e8ac7d91936b2cb18542f\System.Runtime.Serialization.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e285e2af5e0e8ac7d91936b2cb18542f\System.Runtime.Serialization.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\b2834d89c14922370db32e5e4564e03a\System.Printing.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\b2834d89c14922370db32e5e4564e03a\System.Printing.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\d22401acd64bf25bd6f92a2ab44c5b0d\System.Management.Automation.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\d22401acd64bf25bd6f92a2ab44c5b0d\System.Management.Automation.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\5ab23d203c8bfade7160ea915719c730\System.IdentityModel.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\5ab23d203c8bfade7160ea915719c730\System.IdentityModel.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ac4d095d0371999fa879f8167e9a82fa\System.DirectoryServices.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ac4d095d0371999fa879f8167e9a82fa\System.DirectoryServices.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\364993b444187c2dd988cab2fb0f98c6\System.Deployment.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\364993b444187c2dd988cab2fb0f98c6\System.Deployment.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\b7d1c271ec6b4df64c95563fc81ffc2f\System.Data.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\b7d1c271ec6b4df64c95563fc81ffc2f\System.Data.ni.dll
- 2011-08-10 18:16 . 2011-08-10 18:16 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\6c9eef4471f39022ab9418637c7ee9e1\System.Data.SqlXml.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\6c9eef4471f39022ab9418637c7ee9e1\System.Data.SqlXml.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\702efea190a39de2bacb81cbaf32de99\System.Data.Services.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\702efea190a39de2bacb81cbaf32de99\System.Data.Services.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3da17a7980d13fae329f2c3a77797b08\System.Data.Services.Client.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3da17a7980d13fae329f2c3a77797b08\System.Data.Services.Client.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\12dc224b1ddff3b0c5b3fce1ac958a3f\System.Data.OracleClient.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\12dc224b1ddff3b0c5b3fce1ac958a3f\System.Data.OracleClient.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1992ecfb8eb3318820e3d28df55bee6a\System.Data.Linq.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1992ecfb8eb3318820e3d28df55bee6a\System.Data.Linq.ni.dll
- 2011-08-10 22:05 . 2011-08-10 22:05 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\301160f0d81368efb2f79e9b714ec505\System.Data.Entity.ni.dll
+ 2011-09-22 01:48 . 2011-09-22 01:48 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\301160f0d81368efb2f79e9b714ec505\System.Data.Entity.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 1351168 c:\windows\assembly\NativeImages_v2.0.50727_32\SrpUxSnapIn\1d6036aecde52527be8ef132c7f21c52\SrpUxSnapIn.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 1351168 c:\windows\assembly\NativeImages_v2.0.50727_32\SrpUxSnapIn\1d6036aecde52527be8ef132c7f21c52\SrpUxSnapIn.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\a09206d231b222c74183c7255bcacb35\ReachFramework.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\a09206d231b222c74183c7255bcacb35\ReachFramework.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7f0d64056a690c2fe26071b7368b4c56\PresentationUI.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7f0d64056a690c2fe26071b7368b4c56\PresentationUI.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c16377318357fb4fcda87c1015815a76\PresentationBuildTasks.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c16377318357fb4fcda87c1015815a76\PresentationBuildTasks.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\dedb365e2c9ea7bdab2d94edab2bf994\Narrator.ni.exe
+ 2011-09-22 01:47 . 2011-09-22 01:47 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\dedb365e2c9ea7bdab2d94edab2bf994\Narrator.ni.exe
+ 2011-09-22 01:47 . 2011-09-22 01:47 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\97051ca60f5e2ea7927adebcb2af9097\MMCEx.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\97051ca60f5e2ea7927adebcb2af9097\MMCEx.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\40f947b2a4ecb8ba656104c3f77bb79b\MIGUIControls.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\40f947b2a4ecb8ba656104c3f77bb79b\MIGUIControls.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 1300992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0e8e6ead7f4a6b149f12335a81660a83\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 1300992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0e8e6ead7f4a6b149f12335a81660a83\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\47a4b624c147aae197214d4ee5f0661b\Microsoft.VisualBasic.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\47a4b624c147aae197214d4ee5f0661b\Microsoft.VisualBasic.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\0d7a48003dd32151b3518b3ee7f13350\Microsoft.Transactions.Bridge.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\0d7a48003dd32151b3518b3ee7f13350\Microsoft.Transactions.Bridge.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\cc48d4fd4b90ec099b5768ba7c2feb3c\Microsoft.PowerShell.Commands.Utility.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\cc48d4fd4b90ec099b5768ba7c2feb3c\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2382705165b2bbc756181d6a5dae25d6\Microsoft.PowerShell.Editor.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2382705165b2bbc756181d6a5dae25d6\Microsoft.PowerShell.Editor.ni.dll
- 2011-08-10 22:04 . 2011-08-10 22:04 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\21182b3224f3c2aea9e41d915ba7bebe\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\21182b3224f3c2aea9e41d915ba7bebe\Microsoft.PowerShell.GPowerShell.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\20dc7f1c1038bda85dbcdad44cf7e92f\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\20dc7f1c1038bda85dbcdad44cf7e92f\Microsoft.Office.Tools.Excel.v9.0.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\fdf6074f600abc65f2421689e6a9a8e7\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\fdf6074f600abc65f2421689e6a9a8e7\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1183744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\482b2286c8e9ca76a486365ddccbca1d\Microsoft.Office.Interop.InfoPath.SemiTrust.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 1183744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\482b2286c8e9ca76a486365ddccbca1d\Microsoft.Office.Interop.InfoPath.SemiTrust.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 4743168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\cbd8bd03e99a594e832f3416a268e1d3\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 4743168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\cbd8bd03e99a594e832f3416a268e1d3\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 2091520 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\9eb098a89d482bd53c08e5f91f7bdcb0\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 2091520 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\9eb098a89d482bd53c08e5f91f7bdcb0\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 3190272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\6341c1ae808c7ebd681f187ef3582ece\Microsoft.Office.BusinessData.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 3190272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\6341c1ae808c7ebd681f187ef3582ece\Microsoft.Office.BusinessData.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 1547776 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\504e4330282715990af2f4d8c8aaf190\Microsoft.Office.BusinessApplications.Runtime.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1547776 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\504e4330282715990af2f4d8c8aaf190\Microsoft.Office.BusinessApplications.Runtime.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ffec5408d56ba9fb311518d6ec521691\Microsoft.MediaCenter.UI.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ffec5408d56ba9fb311518d6ec521691\Microsoft.MediaCenter.UI.ni.dll
- 2011-08-10 19:00 . 2011-08-10 19:00 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\81359c52225ae557ddf7dbdf3c0bf048\Microsoft.MediaCenter.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\81359c52225ae557ddf7dbdf3c0bf048\Microsoft.MediaCenter.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 1125376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\095434506dfac602ab100a99c49f790c\Microsoft.MediaCenter.Bml.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1125376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\095434506dfac602ab100a99c49f790c\Microsoft.MediaCenter.Bml.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\35138a36b7d07f4d37adf96745ef80cb\Microsoft.JScript.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\35138a36b7d07f4d37adf96745ef80cb\Microsoft.JScript.ni.dll
- 2011-08-10 22:03 . 2011-08-10 22:03 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\9c17eb4bfbca7719a4f10bbd3473d07d\Microsoft.Ink.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\9c17eb4bfbca7719a4f10bbd3473d07d\Microsoft.Ink.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 4071424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\7b33c762eb77d661a3f1acb831e2b67b\Microsoft.GroupPolicy.Reporting.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 4071424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\7b33c762eb77d661a3f1acb831e2b67b\Microsoft.GroupPolicy.Reporting.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4b45a3a1f24d0d773f9f8fb2d8ce8164\Microsoft.Build.Tasks.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4b45a3a1f24d0d773f9f8fb2d8ce8164\Microsoft.Build.Tasks.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\01de5c2808a0c30578614dae24c5d591\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\01de5c2808a0c30578614dae24c5d591\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\db9750e8aae34d7bd25b76564f2cebd5\Microsoft.Build.Engine.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\db9750e8aae34d7bd25b76564f2cebd5\Microsoft.Build.Engine.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\9004890e93911c7612aa5f218c474618\mcstore.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\9004890e93911c7612aa5f218c474618\mcstore.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 3328512 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\24f438b585be87a5734e48aa616bbc07\mcepg.ni.dll
- 2011-08-10 22:01 . 2011-08-10 22:01 3328512 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\24f438b585be87a5734e48aa616bbc07\mcepg.ni.dll
+ 2011-05-24 10:00 . 2011-09-22 01:18 25325517 c:\windows\winsxs\ManifestCache\a786a517e28d5687_blobs.bin
+ 2011-03-06 03:07 . 2011-09-22 01:23 46249416 c:\windows\System32\MRT.exe
- 2011-03-28 05:23 . 2011-09-21 21:30 42435968 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3881011562-596480335-2157353384-1000-8192.dat
+ 2011-03-28 05:23 . 2011-09-22 01:32 42435968 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3881011562-596480335-2157353384-1000-8192.dat
+ 2011-05-19 05:55 . 2011-05-19 05:55 19624448 c:\windows\Installer\a3ab3.msp
+ 2011-09-22 01:21 . 2011-09-22 01:21 13138432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0e3eea502999efc06079a0f40a795731\System.Windows.Forms.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\56df5c322f32e926eb46047f65d0a357\System.ServiceModel.ni.dll
+ 2011-09-22 01:51 . 2011-09-22 01:51 13346816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\093195c829c13c7ad35cb3ad43b52b6a\System.Data.Entity.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 18000384 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d23889e1eceadc97a6f227dbb392cb60\PresentationFramework.ni.dll
+ 2011-09-22 01:22 . 2011-09-22 01:22 11450880 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\55b41158ada67f5b5a132e120e7de269\PresentationCore.ni.dll
+ 2011-09-22 01:19 . 2011-09-22 01:19 14407680 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\93e7df09dacd5fef442cc22d28efec83\mscorlib.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 11819520 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll
- 2011-08-10 18:18 . 2011-08-10 18:18 11819520 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll
- 2011-08-10 18:59 . 2011-08-10 18:59 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\052fc9c848a7f4630980ae0fd7a282e0\System.ServiceModel.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\052fc9c848a7f4630980ae0fd7a282e0\System.ServiceModel.ni.dll
+ 2011-09-22 01:44 . 2011-09-22 01:44 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\cbd362859e818467b75aaf0287af0fe2\System.Design.ni.dll
- 2011-08-10 18:19 . 2011-08-10 18:19 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\cbd362859e818467b75aaf0287af0fe2\System.Design.ni.dll
+ 2011-09-22 01:47 . 2011-09-22 01:47 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll
+ 2011-09-22 01:46 . 2011-09-22 01:46 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll
- 2011-08-10 18:17 . 2011-08-10 18:17 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll
- 2011-08-10 05:11 . 2011-08-10 05:11 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
+ 2011-09-22 01:43 . 2011-09-22 01:43 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
+ 2011-09-22 01:45 . 2011-09-22 01:45 18686976 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\68e0ac1bcbdf7fed0c8041181c8aff87\ehshell.ni.dll
- 2011-08-10 22:02 . 2011-08-10 22:02 18686976 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\68e0ac1bcbdf7fed0c8041181c8aff87\ehshell.ni.dll
+ 2011-04-07 02:43 . 2011-04-07 02:43 123313664 c:\windows\Installer\a3ac7.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\steam.exe" [2011-08-03 1242448]
"Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-08-26 17361032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-22 1778064]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 1797488]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-22 91520]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-04-08 1406248]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-09-01 1047208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
c:\users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2011-4-9 576000]
Registration Heroes of Might & Magic 5.LNK - c:\program files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe [2011-3-30 868352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
LOLRecorder.lnk - c:\program files\LOLReplay\LOLRecorder.exe [2011-8-27 372736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl002e5e40;MpKsl002e5e40;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEC80BE6-62AD-491F-A5BA-BF13D5804781}\MpKsl002e5e40.sys [x]
R1 MpKsl03249d40;MpKsl03249d40;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2C5A6CC-1FED-4574-B4EF-99BD553B8D36}\MpKsl03249d40.sys [x]
R1 MpKsl040600f4;MpKsl040600f4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B133DB4A-8696-444B-B341-9174AF32A3AF}\MpKsl040600f4.sys [x]
R1 MpKsl055c88b5;MpKsl055c88b5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2E9F1E25-37AC-402D-BD27-7B202604CA4F}\MpKsl055c88b5.sys [x]
R1 MpKsl093a1754;MpKsl093a1754;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A1A386B1-78A5-4F18-B46F-3DA3ED2F3629}\MpKsl093a1754.sys [x]
R1 MpKsl0e0bea13;MpKsl0e0bea13;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A107679D-E6D1-4B1D-A179-A9CAF5509ED3}\MpKsl0e0bea13.sys [x]
R1 MpKsl1b1b7ebf;MpKsl1b1b7ebf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{53896F6C-109C-40C6-8D7E-23FADB9FE428}\MpKsl1b1b7ebf.sys [x]
R1 MpKsl39161332;MpKsl39161332;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7272F1A1-E3D9-4151-A365-02E7E2D14D60}\MpKsl39161332.sys [x]
R1 MpKsl47300ffd;MpKsl47300ffd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D5DEA57-B4F9-4F72-AA3E-BB057CEAD9D3}\MpKsl47300ffd.sys [x]
R1 MpKsl4c25b95f;MpKsl4c25b95f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{33FDADE8-0EEF-46E5-890B-F23CC9CD2679}\MpKsl4c25b95f.sys [x]
R1 MpKsl4ef88ffd;MpKsl4ef88ffd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD9B4117-D71F-4C42-A403-2C88F39897EE}\MpKsl4ef88ffd.sys [x]
R1 MpKsl58ff3399;MpKsl58ff3399;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEC80BE6-62AD-491F-A5BA-BF13D5804781}\MpKsl58ff3399.sys [x]
R1 MpKsl68c83548;MpKsl68c83548;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6812986-CE24-44AC-9C83-A0793251F027}\MpKsl68c83548.sys [x]
R1 MpKsl8bc51ca4;MpKsl8bc51ca4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA7CFBF1-EEC2-4900-BCAD-90A1F4A8408C}\MpKsl8bc51ca4.sys [x]
R1 MpKsl95e737cd;MpKsl95e737cd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8AC43A24-B16D-4897-91D0-BFE0F2D9BFC4}\MpKsl95e737cd.sys [x]
R1 MpKsl9b438dda;MpKsl9b438dda;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{66377808-71FB-488D-B788-077C1EA52D70}\MpKsl9b438dda.sys [x]
R1 MpKsl9d6d5027;MpKsl9d6d5027;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{529B0A21-E307-4C56-B06D-A9002765309A}\MpKsl9d6d5027.sys [x]
R1 MpKsla4511d04;MpKsla4511d04;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5C1DAC28-D9F0-433A-9E88-CEA686D3C7D7}\MpKsla4511d04.sys [x]
R1 MpKsla646d26e;MpKsla646d26e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20FF1153-2611-45AB-BDED-9981E58A0C59}\MpKsla646d26e.sys [x]
R1 MpKslaecd84cb;MpKslaecd84cb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7272F1A1-E3D9-4151-A365-02E7E2D14D60}\MpKslaecd84cb.sys [x]
R1 MpKslc36014d0;MpKslc36014d0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6812986-CE24-44AC-9C83-A0793251F027}\MpKslc36014d0.sys [x]
R1 MpKslca656fd9;MpKslca656fd9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{46B8DBC8-5CDF-46FD-9E2D-B9F338155853}\MpKslca656fd9.sys [x]
R1 MpKsle4e1232a;MpKsle4e1232a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{46B8DBC8-5CDF-46FD-9E2D-B9F338155853}\MpKsle4e1232a.sys [x]
R1 MpKslf4c8274d;MpKslf4c8274d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2C145FE5-7943-4D07-A025-EA6F9A09D14D}\MpKslf4c8274d.sys [x]
R1 MpKslfa593dc8;MpKslfa593dc8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B9CF9C14-9375-4361-8B23-7E89251DAB51}\MpKslfa593dc8.sys [x]
R1 MpKslfe828125;MpKslfe828125;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{03D616AA-0FAB-4259-A769-BFD51CAF40C0}\MpKslfe828125.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-22 30963576]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-06 1343400]
S1 MpKsl76d0532d;MpKsl76d0532d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{200A9B08-317B-4D6C-A560-F4DA4BDE9784}\MpKsl76d0532d.sys [2011-09-22 28752]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-27 176128]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-03-29 598312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-27 238592]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - MPKSL76D0532D
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:57596
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 68.87.85.102 68.87.69.150
FF - ProfilePath - c:\users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\xkctxi5h.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.leagueoflegends.com/
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL
Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\Software\SecuROM\License information*]
"datasecu"=hex:7a,17,17,14,6c,f7,1b,1a,ac,65,d3,c8,4c,a8,4c,f3,e3,01,17,94,c1,
bf,97,ab,a4,94,e4,7d,03,1e,1a,1a,e8,fe,8c,2a,16,d6,3c,c9,06,33,d5,ad,b4,44,\
"rkeysecu"=hex:f2,ff,11,5e,5a,6c,15,a8,b9,da,6a,0d,9f,27,c5,7c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(640)
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
.
Completion time: 2011-09-21 21:08:48
ComboFix-quarantined-files.txt 2011-09-22 04:08
ComboFix2.txt 2011-09-21 23:05
.
Pre-Run: 803,568,660,480 bytes free
Post-Run: 803,325,489,152 bytes free
.
- - End Of File - - 36FB38E3D4232CF89C075F0C936D7212
 
Please download Rootkit Unhooker from one of the following links and save it to your desktop.
In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".
 
RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows 7
Version 6.1.7601 (Service Pack 1)
Number of processors #2
==============================================
>Drivers
==============================================
0x94014000 C:\Windows\system32\DRIVERS\atikmdag.sys 7888896 bytes (ATI Technologies Inc., ATI Radeon Kernel Mode Driver)
0x82C38000 C:\Windows\system32\ntoskrnl.exe 4206592 bytes (Microsoft Corporation, NT Kernel & System)
0x82C38000 PnpManager 4206592 bytes
0x82C38000 RAW 4206592 bytes
0x82C38000 WMIxWDM 4206592 bytes
0x970F0000 Win32k 2416640 bytes
0x970F0000 C:\Windows\System32\win32k.sys 2416640 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8C834000 C:\Windows\System32\drivers\tcpip.sys 1351680 bytes (Microsoft Corporation, TCP/IP Driver)
0x8C422000 C:\Windows\System32\Drivers\Ntfs.sys 1241088 bytes (Microsoft Corporation, NT File System Driver)
0x93510000 C:\Windows\System32\drivers\dxgkrnl.sys 749568 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8C603000 C:\Windows\system32\drivers\ndis.sys 749568 bytes (Microsoft Corporation, NDIS 6.20 driver)
0x83514000 C:\Windows\system32\CI.dll 700416 bytes (Microsoft Corporation, Code Integrity Module)
0x9FC1E000 C:\Windows\system32\drivers\peauth.sys 618496 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x9527E000 C:\Windows\system32\drivers\HTTP.sys 544768 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x83434000 C:\Windows\system32\mcupdate_GenuineIntel.dll 544768 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x835BF000 C:\Windows\system32\drivers\Wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0x93414000 C:\Windows\system32\drivers\csc.sys 409600 bytes (Microsoft Corporation, Windows Client Side Caching Driver)
0x8C58F000 C:\Windows\System32\Drivers\cng.sys 380928 bytes (Microsoft Corporation, Kernel Cryptography, Next Generation)
0x8C71D000 C:\Windows\system32\drivers\afd.sys 368640 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x9FD47000 C:\Windows\System32\DRIVERS\srv.sys 335872 bytes (Microsoft Corporation, Server driver)
0x9506A000 C:\Windows\system32\drivers\HdAudio.sys 327680 bytes (Microsoft Corporation, High Definition Audio Function Driver)
0x9FCED000 C:\Windows\System32\DRIVERS\srv2.sys 327680 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x97380000 C:\Windows\System32\ATMFD.DLL 315392 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x9360C000 C:\Windows\system32\DRIVERS\USBPORT.SYS 307200 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x836ED000 C:\Windows\System32\drivers\volmgrx.sys 307200 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8363E000 C:\Windows\system32\drivers\ACPI.sys 294912 bytes (Microsoft Corporation, ACPI Driver for NT)
0x935C7000 C:\Windows\system32\DRIVERS\Rt86win7.sys 282624 bytes (Realtek , Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver )
0x9500B000 C:\Windows\system32\DRIVERS\usbhub.sys 278528 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x834D2000 C:\Windows\system32\CLFS.SYS 270336 bytes (Microsoft Corporation, Common Log File System Driver)
0x8C7B5000 C:\Windows\system32\DRIVERS\rdbss.sys 266240 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x95102000 C:\Windows\system32\DRIVERS\udfs.sys 262144 bytes (Microsoft Corporation, UDF File System Driver)
0x934D1000 C:\Windows\system32\DRIVERS\atikmpag.sys 258048 bytes (Advanced Micro Devices, Inc., AMD multi-vendor Miniport Driver)
0x8C9B8000 C:\Windows\system32\drivers\volsnap.sys 258048 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8C6BA000 C:\Windows\system32\drivers\NETIO.SYS 253952 bytes (Microsoft Corporation, Network I/O Subsystem)
0x95351000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 241664 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x9479A000 C:\Windows\System32\drivers\dxgmms1.sys 233472 bytes (Microsoft Corporation, DirectX Graphics MMS)
0x82C01000 ACPI_HAL 225280 bytes
0x82C01000 C:\Windows\system32\halmacpi.dll 225280 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x83400000 C:\Windows\system32\drivers\fltmgr.sys 212992 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x937B3000 C:\Windows\system32\drivers\ks.sys 212992 bytes (Microsoft Corporation, Kernel CSA Library)
0x8CA44000 C:\Windows\System32\DRIVERS\fvevol.sys 204800 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
0x8CBC0000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8C97E000 C:\Windows\System32\drivers\fwpkclnt.sys 200704 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x950BA000 C:\Windows\system32\drivers\portcls.sys 192512 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8C9FF000 C:\Windows\System32\drivers\rdyboost.sys 184320 bytes (Microsoft Corporation, ReadyBoost Driver)
0x8C551000 C:\Windows\System32\Drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x9FDAE000 C:\Windows\System32\Drivers\fastfat.SYS 172032 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x83697000 C:\Windows\system32\drivers\pci.sys 172032 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x83763000 C:\Windows\system32\drivers\vmbus.sys 172032 bytes (Microsoft Corporation, Virtual Machine Bus)
0x8CAFD000 C:\Windows\system32\DRIVERS\MpFilter.sys 159744 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0x9378D000 C:\Windows\system32\DRIVERS\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x8CA87000 C:\Windows\system32\DRIVERS\CLASSPNP.SYS 151552 bytes (Microsoft Corporation, SCSI Class System Dll)
0x8C6F8000 C:\Windows\System32\Drivers\ksecpkg.sys 151552 bytes (Microsoft Corporation, Kernel Security Support Provider Interface Packages)
0x951BD000 C:\Windows\system32\DRIVERS\Dot4.sys 147456 bytes (Microsoft Corporation, IEEE-1284.4-1999 Driver)
0x837A8000 C:\Windows\system32\drivers\ataport.SYS 143360 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x9532E000 C:\Windows\system32\DRIVERS\mrxsmb.sys 143360 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x936F1000 C:\Windows\system32\DRIVERS\ndiswan.sys 139264 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x9FCBF000 C:\Windows\System32\DRIVERS\srvnet.sys 135168 bytes (Microsoft Corporation, Server Network driver)
0x9349E000 C:\Windows\system32\DRIVERS\tunnel.sys 135168 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8CB3E000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x8CADE000 C:\Windows\system32\DRIVERS\cdrom.sys 126976 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x947D3000 C:\Windows\system32\drivers\HDAudBus.sys 126976 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x8C800000 C:\Windows\system32\DRIVERS\pacer.sys 126976 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x973D0000 C:\Windows\System32\cdd.dll 122880 bytes (Microsoft Corporation, Canonical Display Driver)
0x93770000 C:\Windows\system32\DRIVERS\mcdbus.sys 118784 bytes (MagicISO, Inc., MagicISO SCSI Host Controller)
0x95226000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x9538C000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 110592 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x8C777000 C:\Windows\system32\DRIVERS\serial.sys 106496 bytes (Microsoft Corporation, Serial Device Driver)
0x95241000 C:\Windows\system32\drivers\WudfPf.sys 106496 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x95303000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x950E9000 C:\Windows\system32\drivers\drmk.sys 102400 bytes (Microsoft Corporation, Microsoft Trusted Audio Drivers)
0x93478000 C:\Windows\System32\Drivers\dfsc.sys 98304 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x93684000 C:\Windows\system32\DRIVERS\i8042prt.sys 98304 bytes (Microsoft Corporation, i8042 Port Driver)
0x9366C000 C:\Windows\system32\DRIVERS\parport.sys 98304 bytes (Microsoft Corporation, Parallel Port Driver)
0x936CE000 C:\Windows\system32\DRIVERS\rasl2tp.sys 98304 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x93713000 C:\Windows\system32\DRIVERS\raspppoe.sys 98304 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x9372B000 C:\Windows\system32\DRIVERS\raspptp.sys 94208 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x93742000 C:\Windows\system32\DRIVERS\rassstp.sys 94208 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8CB9D000 C:\Windows\system32\DRIVERS\tdx.sys 94208 bytes (Microsoft Corporation, TDI Translation Driver)
0x9517E000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x8374D000 C:\Windows\System32\drivers\mountmgr.sys 90112 bytes (Microsoft Corporation, Mount Point Manager)
0x951F5000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 77824 bytes (Microsoft Corporation, Hid Class Library)
0x8C57C000 C:\Windows\System32\Drivers\ksecdd.sys 77824 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x9526B000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x8C791000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8378D000 00000090 73728 bytes
0x936BC000 C:\Windows\system32\DRIVERS\AgileVpn.sys 73728 bytes (Microsoft Corporation, RAS Agile Vpn Miniport Call Manager)
0x934BF000 C:\Windows\system32\DRIVERS\intelppm.sys 73728 bytes (Microsoft Corporation, Processor Device Driver)
0x9531C000 C:\Windows\System32\drivers\mpsdrv.sys 73728 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8378D000 C:\Windows\system32\drivers\winhv.sys 73728 bytes (Microsoft Corporation, Windows Hypervisor Interface Driver)
0x8CA76000 C:\Windows\system32\DRIVERS\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x9516D000 C:\Windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
0x837D4000 C:\Windows\system32\drivers\fileinfo.sys 69632 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x95059000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x836CC000 C:\Windows\System32\drivers\partmgr.sys 69632 bytes (Microsoft Corporation, Partition Management Driver)
0x834B9000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x8C7A4000 C:\Windows\system32\drivers\termdd.sys 69632 bytes (Microsoft Corporation, Remote Desktop Server Driver)
0x9525B000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x8CA2C000 C:\Windows\System32\Drivers\mup.sys 65536 bytes (Microsoft Corporation, Multiple UNC Provider Driver)
0x836DD000 C:\Windows\system32\drivers\volmgr.sys 65536 bytes (Microsoft Corporation, Volume Manager Driver)
0x937E7000 C:\Windows\system32\DRIVERS\AmdLLD.sys 61440 bytes (AMD, Inc., AMD Low Level Device Driver)
0x9FE5E000 C:\Windows\system32\DRIVERS\NisDrvWFP.sys 61440 bytes (Microsoft Corporation, Microsoft Network Inspection System Driver)
0x94000000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x93490000 C:\Windows\system32\DRIVERS\blbdrive.sys 57344 bytes (Microsoft Corporation, BLB Drive Driver)
0x8C81F000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8CB8F000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8373F000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8C5EC000 C:\Windows\System32\drivers\pcw.sys 57344 bytes (Microsoft Corporation, Performance Counters for Windows Driver)
0x93400000 C:\Windows\system32\DRIVERS\umbus.sys 57344 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x95197000 C:\Windows\system32\DRIVERS\usbscan.sys 57344 bytes (Microsoft Corporation, USB Scanner Driver)
0x83630000 C:\Windows\system32\drivers\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0x936AF000 C:\Windows\system32\drivers\CompositeBus.sys 53248 bytes (Microsoft Corporation, Multi-Transport Composite Bus Enumerator)
0x9514C000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x951B0000 C:\Windows\system32\DRIVERS\dot4usb.sys 53248 bytes (Microsoft Corporation, DOT4USB filter driver)
0x93763000 C:\Windows\system32\DRIVERS\kbdclass.sys 53248 bytes (Microsoft Corporation, Keyboard Class Driver)
0x9369C000 C:\Windows\system32\DRIVERS\mouclass.sys 53248 bytes (Microsoft Corporation, Mouse Class Driver)
0x9FCE0000 C:\Windows\System32\drivers\tcpipreg.sys 53248 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8CB5F000 C:\Windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x8C40A000 C:\Windows\System32\drivers\discache.sys 49152 bytes (Microsoft Corporation, System Indexer/Cache Driver)
0x9520F000 C:\Windows\system32\DRIVERS\kbdhid.sys 49152 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x8CBB4000 C:\Windows\system32\DRIVERS\TDI.SYS 49152 bytes (Microsoft Corporation, TDI Wrapper)
0x8CB32000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x9FE42000 C:\Users\Derek\AppData\Local\Temp\aswMBR.sys 45056 bytes
0x95159000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x93661000 C:\Windows\system32\DRIVERS\fdc.sys 45056 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0x951EA000 C:\Windows\system32\DRIVERS\hidusb.sys 45056 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x9521B000 C:\Windows\system32\DRIVERS\monitor.sys 45056 bytes (Microsoft Corporation, Monitor Driver)
0x8CB84000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x936E6000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x951A5000 C:\Windows\system32\DRIVERS\usbprint.sys 45056 bytes (Microsoft Corporation, USB Printer driver)
0x947F2000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x836C1000 C:\Windows\system32\drivers\vdrvroot.sys 45056 bytes (Microsoft Corporation, Virtual Drive Root Enumerator)
0x95142000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x9504F000 C:\Windows\system32\DRIVERS\flpydisk.sys 40960 bytes (Microsoft Corporation, Floppy Driver)
0x9FD3D000 C:\Windows\system32\DRIVERS\MpNWMon.sys 40960 bytes (Microsoft Corporation, Network monitor driver)
0x8C400000 C:\Windows\system32\drivers\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8C7F6000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x93759000 C:\Windows\system32\DRIVERS\rdpbus.sys 40960 bytes (Microsoft Corporation, Microsoft RDP Bus Device driver)
0x9FCB5000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x93657000 C:\Windows\system32\DRIVERS\serenum.sys 40960 bytes (Microsoft Corporation, Serial Port Enumerator)
0x837CB000 C:\Windows\system32\drivers\amdxata.sys 36864 bytes (Advanced Micro Devices, Storage Filter Driver)
0x8379F000 C:\Windows\system32\drivers\atapi.sys 36864 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x9FE7B000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x951E1000 C:\Windows\system32\DRIVERS\Dot4Prt.sys 36864 bytes (Microsoft Corporation, IEEE-1284.4 Print Class Driver)
0x95164000 C:\Windows\System32\Drivers\dump_atapi.sys 36864 bytes
0x8C5FA000 C:\Windows\System32\Drivers\Fs_Rec.sys 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x97350000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8C9AF000 C:\Windows\system32\drivers\vmstorfl.sys 36864 bytes (Microsoft Corporation, Virtual Storage Filter Driver)
0x83686000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x834CA000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x9FE4F000 C:\Users\Derek\AppData\Local\Temp\catchme.sys 32768 bytes
0x8CA3C000 C:\Windows\System32\drivers\hwpolicy.sys 32768 bytes (Microsoft Corporation, Hardware Policy Driver)
0x8368F000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8CB6C000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8CB74000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Encoder Miniport)
0x8CB7C000 C:\Windows\system32\drivers\rdprefmp.sys 32768 bytes (Microsoft Corporation, RDP Reflector Driver Miniport)
0x8C9F7000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8CB2B000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x95208000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x83738000 C:\Windows\system32\drivers\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x8CB24000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x953A7000 C:\Windows\system32\DRIVERS\parvdm.sys 28672 bytes (Microsoft Corporation, VDM Parallel Driver)
0x8CBF2000 C:\Windows\system32\DRIVERS\wfplwf.sys 28672 bytes (Microsoft Corporation, WFP NDIS 6.20 Lightweight Filter Driver)
0x936A9000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x9FE6D000 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ED0A321-B675-4571-883A-E6AAEC66FB5C}\MpKsl3c9fef5f.sys 24576 bytes (Microsoft Corporation, KSLDriver)
0x9FE4D000 C:\Windows\system32\Drivers\PROCEXP113.SYS 8192 bytes
0x9400F000 C:\Windows\system32\drivers\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x95195000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0x80BC5000 00000088 6656 bytes
0x80BC5000 C:\Windows\system32\kdcom.dll 6656 bytes (Microsoft Corporation, Serial Kernel Debugger)
!!!!!!!!!!!Hidden driver: 0x86621F38 00000316 0 bytes
==============================================
>Stealth
==============================================
0x86628990 Unknown page with executable code, 1648 bytes
0x8662663B Unknown page with executable code, 2501 bytes
0x86626108 Unknown thread object [ ETHREAD 0x861ACD48 ] TID: 216, 600 bytes
0x86626B2D Unknown thread object [ ETHREAD 0x86636960 ] TID: 224, 600 bytes
0x86627A11 Unknown thread object [ ETHREAD 0x86636688 ] TID: 228, 600 bytes
0x86623FB5 Unknown page with executable code, 75 bytes


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)
 
Download TDSSKiller and save it to your desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
2011/09/22 19:55:01.0735 0912 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/22 19:55:02.0185 0912 ================================================================================
2011/09/22 19:55:02.0185 0912 SystemInfo:
2011/09/22 19:55:02.0185 0912
2011/09/22 19:55:02.0185 0912 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/22 19:55:02.0185 0912 Product type: Workstation
2011/09/22 19:55:02.0186 0912 ComputerName: DEREK-PC
2011/09/22 19:55:02.0186 0912 UserName: Derek
2011/09/22 19:55:02.0186 0912 Windows directory: C:\Windows
2011/09/22 19:55:02.0186 0912 System windows directory: C:\Windows
2011/09/22 19:55:02.0186 0912 Processor architecture: Intel x86
2011/09/22 19:55:02.0186 0912 Number of processors: 2
2011/09/22 19:55:02.0186 0912 Page size: 0x1000
2011/09/22 19:55:02.0186 0912 Boot type: Normal boot
2011/09/22 19:55:02.0186 0912 ================================================================================
2011/09/22 19:55:03.0658 0912 Initialize success
2011/09/22 19:55:07.0914 5304 ================================================================================
2011/09/22 19:55:07.0914 5304 Scan started
2011/09/22 19:55:07.0914 5304 Mode: Manual;
2011/09/22 19:55:07.0914 5304 ================================================================================
2011/09/22 19:55:08.0904 5304 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
2011/09/22 19:55:08.0935 5304 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
2011/09/22 19:55:08.0956 5304 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
2011/09/22 19:55:08.0995 5304 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/09/22 19:55:09.0029 5304 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/09/22 19:55:09.0056 5304 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/09/22 19:55:09.0119 5304 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
2011/09/22 19:55:09.0143 5304 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
2011/09/22 19:55:09.0166 5304 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/09/22 19:55:09.0226 5304 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
2011/09/22 19:55:09.0274 5304 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
2011/09/22 19:55:09.0300 5304 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
2011/09/22 19:55:09.0320 5304 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/09/22 19:55:09.0484 5304 amdkmdag (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/09/22 19:55:09.0643 5304 amdkmdap (92dc2e0ae49148f83b24d89c737b0c97) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/09/22 19:55:09.0702 5304 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
2011/09/22 19:55:09.0718 5304 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/09/22 19:55:09.0763 5304 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
2011/09/22 19:55:09.0787 5304 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/09/22 19:55:09.0807 5304 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
2011/09/22 19:55:09.0873 5304 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
2011/09/22 19:55:09.0946 5304 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/09/22 19:55:09.0965 5304 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/09/22 19:55:09.0997 5304 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/22 19:55:10.0036 5304 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
2011/09/22 19:55:10.0229 5304 atikmdag (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/09/22 19:55:10.0567 5304 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/09/22 19:55:10.0594 5304 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/09/22 19:55:10.0624 5304 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/09/22 19:55:10.0656 5304 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/09/22 19:55:10.0731 5304 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/22 19:55:10.0752 5304 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/09/22 19:55:10.0778 5304 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/09/22 19:55:10.0815 5304 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/09/22 19:55:10.0840 5304 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/09/22 19:55:10.0864 5304 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/09/22 19:55:10.0907 5304 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/09/22 19:55:10.0922 5304 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/09/22 19:55:10.0983 5304 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/22 19:55:11.0041 5304 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/22 19:55:11.0065 5304 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/09/22 19:55:11.0106 5304 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/09/22 19:55:11.0148 5304 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/22 19:55:11.0179 5304 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
2011/09/22 19:55:11.0213 5304 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/09/22 19:55:11.0246 5304 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/22 19:55:11.0300 5304 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
2011/09/22 19:55:11.0351 5304 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/09/22 19:55:11.0405 5304 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
2011/09/22 19:55:11.0472 5304 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
2011/09/22 19:55:11.0493 5304 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/09/22 19:55:11.0545 5304 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/09/22 19:55:11.0609 5304 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
2011/09/22 19:55:11.0645 5304 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/09/22 19:55:11.0670 5304 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/09/22 19:55:11.0704 5304 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/09/22 19:55:11.0753 5304 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/22 19:55:11.0835 5304 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/09/22 19:55:11.0940 5304 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/09/22 19:55:11.0988 5304 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
2011/09/22 19:55:12.0035 5304 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/09/22 19:55:12.0066 5304 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/09/22 19:55:12.0094 5304 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/22 19:55:12.0132 5304 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/09/22 19:55:12.0148 5304 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/09/22 19:55:12.0175 5304 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/22 19:55:12.0199 5304 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/09/22 19:55:12.0227 5304 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/09/22 19:55:12.0287 5304 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/09/22 19:55:12.0311 5304 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/22 19:55:12.0348 5304 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
2011/09/22 19:55:12.0367 5304 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/09/22 19:55:12.0443 5304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/09/22 19:55:12.0464 5304 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/09/22 19:55:12.0523 5304 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
2011/09/22 19:55:12.0570 5304 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
2011/09/22 19:55:12.0593 5304 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/09/22 19:55:12.0622 5304 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/09/22 19:55:12.0652 5304 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/22 19:55:12.0694 5304 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/22 19:55:12.0771 5304 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
2011/09/22 19:55:12.0831 5304 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
2011/09/22 19:55:12.0872 5304 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
2011/09/22 19:55:12.0902 5304 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/22 19:55:12.0962 5304 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
2011/09/22 19:55:12.0987 5304 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/09/22 19:55:13.0016 5304 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
2011/09/22 19:55:13.0047 5304 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/22 19:55:13.0068 5304 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/22 19:55:13.0108 5304 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
2011/09/22 19:55:13.0131 5304 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/09/22 19:55:13.0163 5304 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/09/22 19:55:13.0180 5304 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
2011/09/22 19:55:13.0213 5304 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
2011/09/22 19:55:13.0264 5304 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/22 19:55:13.0289 5304 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/22 19:55:13.0343 5304 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/22 19:55:13.0370 5304 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
2011/09/22 19:55:13.0513 5304 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/22 19:55:13.0556 5304 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/09/22 19:55:13.0584 5304 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/09/22 19:55:13.0600 5304 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/09/22 19:55:13.0628 5304 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/09/22 19:55:13.0662 5304 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/09/22 19:55:13.0712 5304 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
2011/09/22 19:55:13.0740 5304 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/09/22 19:55:13.0765 5304 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/09/22 19:55:13.0800 5304 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/09/22 19:55:13.0894 5304 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/22 19:55:13.0941 5304 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/22 19:55:13.0968 5304 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/22 19:55:14.0011 5304 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
2011/09/22 19:55:14.0072 5304 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/09/22 19:55:14.0118 5304 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
2011/09/22 19:55:14.0572 5304 MpKslb90d6e82 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ED0A321-B675-4571-883A-E6AAEC66FB5C}\MpKslb90d6e82.sys
2011/09/22 19:55:14.0655 5304 MpKsle94120ba (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ED0A321-B675-4571-883A-E6AAEC66FB5C}\MpKsle94120ba.sys
2011/09/22 19:55:14.0806 5304 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/09/22 19:55:14.0842 5304 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/22 19:55:14.0891 5304 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
2011/09/22 19:55:14.0944 5304 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/22 19:55:14.0996 5304 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/22 19:55:15.0024 5304 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/22 19:55:15.0066 5304 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
2011/09/22 19:55:15.0109 5304 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
2011/09/22 19:55:15.0165 5304 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/09/22 19:55:15.0185 5304 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/09/22 19:55:15.0254 5304 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
2011/09/22 19:55:15.0297 5304 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/22 19:55:15.0325 5304 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/22 19:55:15.0341 5304 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/09/22 19:55:15.0386 5304 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/09/22 19:55:15.0443 5304 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
2011/09/22 19:55:15.0465 5304 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/09/22 19:55:15.0487 5304 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/09/22 19:55:15.0506 5304 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/09/22 19:55:15.0547 5304 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/22 19:55:15.0680 5304 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
2011/09/22 19:55:15.0714 5304 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/09/22 19:55:15.0742 5304 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/22 19:55:15.0793 5304 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/22 19:55:15.0845 5304 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/22 19:55:15.0892 5304 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
2011/09/22 19:55:15.0923 5304 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/22 19:55:15.0972 5304 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/22 19:55:16.0037 5304 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/09/22 19:55:16.0098 5304 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/09/22 19:55:16.0133 5304 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/09/22 19:55:16.0158 5304 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/22 19:55:16.0237 5304 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
2011/09/22 19:55:16.0275 5304 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/09/22 19:55:16.0325 5304 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
2011/09/22 19:55:16.0364 5304 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
2011/09/22 19:55:16.0418 5304 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
2011/09/22 19:55:16.0454 5304 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
2011/09/22 19:55:16.0513 5304 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/09/22 19:55:16.0550 5304 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
2011/09/22 19:55:16.0579 5304 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/09/22 19:55:16.0626 5304 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
2011/09/22 19:55:16.0647 5304 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
2011/09/22 19:55:16.0670 5304 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/09/22 19:55:16.0699 5304 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/09/22 19:55:16.0733 5304 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/09/22 19:55:16.0839 5304 Point32 (420336f91eb745811cf130c80ede0653) C:\Windows\system32\DRIVERS\point32.sys
2011/09/22 19:55:16.0883 5304 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/22 19:55:16.0900 5304 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/09/22 19:55:16.0952 5304 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/22 19:55:17.0001 5304 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/09/22 19:55:17.0035 5304 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/09/22 19:55:17.0060 5304 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/22 19:55:17.0079 5304 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/22 19:55:17.0101 5304 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/09/22 19:55:17.0125 5304 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/22 19:55:17.0158 5304 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/22 19:55:17.0179 5304 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/22 19:55:17.0223 5304 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/22 19:55:17.0254 5304 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/09/22 19:55:17.0281 5304 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/22 19:55:17.0316 5304 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
2011/09/22 19:55:17.0339 5304 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/22 19:55:17.0363 5304 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/09/22 19:55:17.0411 5304 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/09/22 19:55:17.0447 5304 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
2011/09/22 19:55:17.0488 5304 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
2011/09/22 19:55:17.0546 5304 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/22 19:55:17.0600 5304 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/09/22 19:55:17.0646 5304 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
2011/09/22 19:55:17.0696 5304 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
2011/09/22 19:55:17.0724 5304 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
2011/09/22 19:55:17.0773 5304 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/09/22 19:55:17.0825 5304 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/22 19:55:17.0849 5304 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/09/22 19:55:17.0899 5304 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/09/22 19:55:17.0965 5304 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/09/22 19:55:17.0980 5304 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/22 19:55:18.0004 5304 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/22 19:55:18.0019 5304 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/09/22 19:55:18.0080 5304 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/09/22 19:55:18.0108 5304 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/09/22 19:55:18.0137 5304 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/09/22 19:55:18.0176 5304 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/09/22 19:55:18.0211 5304 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/09/22 19:55:18.0270 5304 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
2011/09/22 19:55:18.0320 5304 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/22 19:55:18.0344 5304 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/22 19:55:18.0403 5304 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/09/22 19:55:18.0458 5304 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
2011/09/22 19:55:18.0496 5304 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
2011/09/22 19:55:18.0512 5304 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
2011/09/22 19:55:18.0622 5304 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys
2011/09/22 19:55:18.0689 5304 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/22 19:55:18.0743 5304 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/22 19:55:18.0799 5304 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
2011/09/22 19:55:18.0822 5304 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
2011/09/22 19:55:18.0856 5304 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/22 19:55:18.0872 5304 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
2011/09/22 19:55:18.0953 5304 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/22 19:55:18.0996 5304 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
2011/09/22 19:55:19.0065 5304 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/22 19:55:19.0108 5304 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/09/22 19:55:19.0144 5304 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/22 19:55:19.0184 5304 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/22 19:55:19.0222 5304 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/22 19:55:19.0248 5304 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/09/22 19:55:19.0312 5304 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
2011/09/22 19:55:19.0364 5304 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/22 19:55:19.0401 5304 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
2011/09/22 19:55:19.0424 5304 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/22 19:55:19.0471 5304 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/22 19:55:19.0502 5304 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/09/22 19:55:19.0520 5304 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/22 19:55:19.0564 5304 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/22 19:55:19.0607 5304 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/22 19:55:19.0630 5304 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/22 19:55:19.0685 5304 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
2011/09/22 19:55:19.0707 5304 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/22 19:55:19.0726 5304 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/09/22 19:55:19.0799 5304 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
2011/09/22 19:55:19.0828 5304 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
2011/09/22 19:55:19.0854 5304 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/09/22 19:55:19.0876 5304 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/09/22 19:55:19.0916 5304 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
2011/09/22 19:55:19.0963 5304 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
2011/09/22 19:55:19.0985 5304 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/09/22 19:55:20.0020 5304 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/09/22 19:55:20.0061 5304 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/09/22 19:55:20.0090 5304 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/09/22 19:55:20.0123 5304 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/09/22 19:55:20.0150 5304 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/09/22 19:55:20.0198 5304 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 19:55:20.0211 5304 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 19:55:20.0274 5304 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/09/22 19:55:20.0319 5304 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/22 19:55:20.0398 5304 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/09/22 19:55:20.0415 5304 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/09/22 19:55:20.0493 5304 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/22 19:55:20.0555 5304 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/22 19:55:20.0614 5304 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/09/22 19:55:20.0658 5304 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/22 19:55:20.0699 5304 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
2011/09/22 19:55:20.0705 5304 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
2011/09/22 19:55:20.0716 5304 Boot (0x1200) (2df0d862e581774744a6031277e9528d) \Device\Harddisk0\DR0\Partition0
 
Reposted it again but it seems to be the same as the last one.

Also: skype is now running for me after the last fix but a game (league of legends) stopped running last night.

Edit: My mistake my notepad was off screen and figured out the issue. Here is the entire scan.

2011/09/22 19:55:01.0735 0912 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/22 19:55:02.0185 0912 ================================================================================
2011/09/22 19:55:02.0185 0912 SystemInfo:
2011/09/22 19:55:02.0185 0912
2011/09/22 19:55:02.0185 0912 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/22 19:55:02.0185 0912 Product type: Workstation
2011/09/22 19:55:02.0186 0912 ComputerName: DEREK-PC
2011/09/22 19:55:02.0186 0912 UserName: Derek
2011/09/22 19:55:02.0186 0912 Windows directory: C:\Windows
2011/09/22 19:55:02.0186 0912 System windows directory: C:\Windows
2011/09/22 19:55:02.0186 0912 Processor architecture: Intel x86
2011/09/22 19:55:02.0186 0912 Number of processors: 2
2011/09/22 19:55:02.0186 0912 Page size: 0x1000
2011/09/22 19:55:02.0186 0912 Boot type: Normal boot
2011/09/22 19:55:02.0186 0912 ================================================================================
2011/09/22 19:55:03.0658 0912 Initialize success
2011/09/22 19:55:07.0914 5304 ================================================================================
2011/09/22 19:55:07.0914 5304 Scan started
2011/09/22 19:55:07.0914 5304 Mode: Manual;
2011/09/22 19:55:07.0914 5304 ================================================================================
2011/09/22 19:55:08.0904 5304 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
2011/09/22 19:55:08.0935 5304 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
2011/09/22 19:55:08.0956 5304 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
2011/09/22 19:55:08.0995 5304 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/09/22 19:55:09.0029 5304 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/09/22 19:55:09.0056 5304 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/09/22 19:55:09.0119 5304 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
2011/09/22 19:55:09.0143 5304 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
2011/09/22 19:55:09.0166 5304 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/09/22 19:55:09.0226 5304 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
2011/09/22 19:55:09.0274 5304 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
2011/09/22 19:55:09.0300 5304 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
2011/09/22 19:55:09.0320 5304 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/09/22 19:55:09.0484 5304 amdkmdag (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/09/22 19:55:09.0643 5304 amdkmdap (92dc2e0ae49148f83b24d89c737b0c97) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/09/22 19:55:09.0702 5304 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
2011/09/22 19:55:09.0718 5304 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/09/22 19:55:09.0763 5304 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
2011/09/22 19:55:09.0787 5304 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/09/22 19:55:09.0807 5304 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
2011/09/22 19:55:09.0873 5304 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
2011/09/22 19:55:09.0946 5304 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/09/22 19:55:09.0965 5304 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/09/22 19:55:09.0997 5304 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/22 19:55:10.0036 5304 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
2011/09/22 19:55:10.0229 5304 atikmdag (d05cf4523e0c04ef82454abfd84fdc1d) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/09/22 19:55:10.0567 5304 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/09/22 19:55:10.0594 5304 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/09/22 19:55:10.0624 5304 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/09/22 19:55:10.0656 5304 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/09/22 19:55:10.0731 5304 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/22 19:55:10.0752 5304 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/09/22 19:55:10.0778 5304 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/09/22 19:55:10.0815 5304 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/09/22 19:55:10.0840 5304 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/09/22 19:55:10.0864 5304 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/09/22 19:55:10.0907 5304 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/09/22 19:55:10.0922 5304 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/09/22 19:55:10.0983 5304 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/22 19:55:11.0041 5304 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/22 19:55:11.0065 5304 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/09/22 19:55:11.0106 5304 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/09/22 19:55:11.0148 5304 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/22 19:55:11.0179 5304 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
2011/09/22 19:55:11.0213 5304 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/09/22 19:55:11.0246 5304 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/22 19:55:11.0300 5304 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
2011/09/22 19:55:11.0351 5304 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/09/22 19:55:11.0405 5304 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
2011/09/22 19:55:11.0472 5304 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
2011/09/22 19:55:11.0493 5304 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/09/22 19:55:11.0545 5304 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/09/22 19:55:11.0609 5304 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
2011/09/22 19:55:11.0645 5304 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/09/22 19:55:11.0670 5304 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/09/22 19:55:11.0704 5304 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/09/22 19:55:11.0753 5304 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/22 19:55:11.0835 5304 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/09/22 19:55:11.0940 5304 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/09/22 19:55:11.0988 5304 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
2011/09/22 19:55:12.0035 5304 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/09/22 19:55:12.0066 5304 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/09/22 19:55:12.0094 5304 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/22 19:55:12.0132 5304 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/09/22 19:55:12.0148 5304 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/09/22 19:55:12.0175 5304 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/22 19:55:12.0199 5304 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/09/22 19:55:12.0227 5304 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/09/22 19:55:12.0287 5304 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/09/22 19:55:12.0311 5304 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/22 19:55:12.0348 5304 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
2011/09/22 19:55:12.0367 5304 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/09/22 19:55:12.0443 5304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/09/22 19:55:12.0464 5304 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/09/22 19:55:12.0523 5304 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
2011/09/22 19:55:12.0570 5304 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
2011/09/22 19:55:12.0593 5304 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/09/22 19:55:12.0622 5304 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/09/22 19:55:12.0652 5304 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/22 19:55:12.0694 5304 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/22 19:55:12.0771 5304 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
2011/09/22 19:55:12.0831 5304 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
2011/09/22 19:55:12.0872 5304 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
2011/09/22 19:55:12.0902 5304 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/22 19:55:12.0962 5304 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
2011/09/22 19:55:12.0987 5304 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/09/22 19:55:13.0016 5304 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
2011/09/22 19:55:13.0047 5304 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/22 19:55:13.0068 5304 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/22 19:55:13.0108 5304 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
2011/09/22 19:55:13.0131 5304 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/09/22 19:55:13.0163 5304 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/09/22 19:55:13.0180 5304 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
2011/09/22 19:55:13.0213 5304 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
2011/09/22 19:55:13.0264 5304 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/22 19:55:13.0289 5304 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/22 19:55:13.0343 5304 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/22 19:55:13.0370 5304 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
2011/09/22 19:55:13.0513 5304 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/22 19:55:13.0556 5304 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/09/22 19:55:13.0584 5304 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/09/22 19:55:13.0600 5304 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/09/22 19:55:13.0628 5304 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/09/22 19:55:13.0662 5304 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/09/22 19:55:13.0712 5304 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
2011/09/22 19:55:13.0740 5304 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/09/22 19:55:13.0765 5304 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/09/22 19:55:13.0800 5304 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/09/22 19:55:13.0894 5304 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/22 19:55:13.0941 5304 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/22 19:55:13.0968 5304 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/22 19:55:14.0011 5304 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
2011/09/22 19:55:14.0072 5304 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/09/22 19:55:14.0118 5304 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
2011/09/22 19:55:14.0572 5304 MpKslb90d6e82 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ED0A321-B675-4571-883A-E6AAEC66FB5C}\MpKslb90d6e82.sys
2011/09/22 19:55:14.0655 5304 MpKsle94120ba (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ED0A321-B675-4571-883A-E6AAEC66FB5C}\MpKsle94120ba.sys
2011/09/22 19:55:14.0806 5304 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/09/22 19:55:14.0842 5304 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/22 19:55:14.0891 5304 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
2011/09/22 19:55:14.0944 5304 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/22 19:55:14.0996 5304 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/22 19:55:15.0024 5304 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/22 19:55:15.0066 5304 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
2011/09/22 19:55:15.0109 5304 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
2011/09/22 19:55:15.0165 5304 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/09/22 19:55:15.0185 5304 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/09/22 19:55:15.0254 5304 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
2011/09/22 19:55:15.0297 5304 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/22 19:55:15.0325 5304 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/22 19:55:15.0341 5304 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/09/22 19:55:15.0386 5304 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/09/22 19:55:15.0443 5304 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
2011/09/22 19:55:15.0465 5304 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/09/22 19:55:15.0487 5304 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/09/22 19:55:15.0506 5304 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/09/22 19:55:15.0547 5304 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/22 19:55:15.0680 5304 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
2011/09/22 19:55:15.0714 5304 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/09/22 19:55:15.0742 5304 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/22 19:55:15.0793 5304 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/22 19:55:15.0845 5304 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/22 19:55:15.0892 5304 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
2011/09/22 19:55:15.0923 5304 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/22 19:55:15.0972 5304 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/22 19:55:16.0037 5304 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/09/22 19:55:16.0098 5304 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/09/22 19:55:16.0133 5304 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/09/22 19:55:16.0158 5304 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/22 19:55:16.0237 5304 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
2011/09/22 19:55:16.0275 5304 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/09/22 19:55:16.0325 5304 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
2011/09/22 19:55:16.0364 5304 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
2011/09/22 19:55:16.0418 5304 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
2011/09/22 19:55:16.0454 5304 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
2011/09/22 19:55:16.0513 5304 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/09/22 19:55:16.0550 5304 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
2011/09/22 19:55:16.0579 5304 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/09/22 19:55:16.0626 5304 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
2011/09/22 19:55:16.0647 5304 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
2011/09/22 19:55:16.0670 5304 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/09/22 19:55:16.0699 5304 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/09/22 19:55:16.0733 5304 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/09/22 19:55:16.0839 5304 Point32 (420336f91eb745811cf130c80ede0653) C:\Windows\system32\DRIVERS\point32.sys
2011/09/22 19:55:16.0883 5304 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/22 19:55:16.0900 5304 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/09/22 19:55:16.0952 5304 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/22 19:55:17.0001 5304 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/09/22 19:55:17.0035 5304 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/09/22 19:55:17.0060 5304 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/22 19:55:17.0079 5304 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/22 19:55:17.0101 5304 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/09/22 19:55:17.0125 5304 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/22 19:55:17.0158 5304 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/22 19:55:17.0179 5304 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/22 19:55:17.0223 5304 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/22 19:55:17.0254 5304 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/09/22 19:55:17.0281 5304 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/22 19:55:17.0316 5304 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
2011/09/22 19:55:17.0339 5304 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/22 19:55:17.0363 5304 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/09/22 19:55:17.0411 5304 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/09/22 19:55:17.0447 5304 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
2011/09/22 19:55:17.0488 5304 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
2011/09/22 19:55:17.0546 5304 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/22 19:55:17.0600 5304 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/09/22 19:55:17.0646 5304 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
2011/09/22 19:55:17.0696 5304 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
2011/09/22 19:55:17.0724 5304 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
2011/09/22 19:55:17.0773 5304 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/09/22 19:55:17.0825 5304 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/22 19:55:17.0849 5304 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/09/22 19:55:17.0899 5304 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/09/22 19:55:17.0965 5304 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/09/22 19:55:17.0980 5304 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/22 19:55:18.0004 5304 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/22 19:55:18.0019 5304 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/09/22 19:55:18.0080 5304 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/09/22 19:55:18.0108 5304 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/09/22 19:55:18.0137 5304 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/09/22 19:55:18.0176 5304 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/09/22 19:55:18.0211 5304 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/09/22 19:55:18.0270 5304 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
2011/09/22 19:55:18.0320 5304 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/22 19:55:18.0344 5304 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/22 19:55:18.0403 5304 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/09/22 19:55:18.0458 5304 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
2011/09/22 19:55:18.0496 5304 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
2011/09/22 19:55:18.0512 5304 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
2011/09/22 19:55:18.0622 5304 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys
2011/09/22 19:55:18.0689 5304 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/22 19:55:18.0743 5304 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/22 19:55:18.0799 5304 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
2011/09/22 19:55:18.0822 5304 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
2011/09/22 19:55:18.0856 5304 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/22 19:55:18.0872 5304 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
2011/09/22 19:55:18.0953 5304 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/22 19:55:18.0996 5304 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
2011/09/22 19:55:19.0065 5304 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/22 19:55:19.0108 5304 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/09/22 19:55:19.0144 5304 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/22 19:55:19.0184 5304 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/22 19:55:19.0222 5304 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/22 19:55:19.0248 5304 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/09/22 19:55:19.0312 5304 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
2011/09/22 19:55:19.0364 5304 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/22 19:55:19.0401 5304 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
2011/09/22 19:55:19.0424 5304 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/22 19:55:19.0471 5304 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/22 19:55:19.0502 5304 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/09/22 19:55:19.0520 5304 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/22 19:55:19.0564 5304 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/22 19:55:19.0607 5304 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/22 19:55:19.0630 5304 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/22 19:55:19.0685 5304 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
2011/09/22 19:55:19.0707 5304 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/22 19:55:19.0726 5304 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/09/22 19:55:19.0799 5304 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
2011/09/22 19:55:19.0828 5304 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
2011/09/22 19:55:19.0854 5304 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/09/22 19:55:19.0876 5304 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/09/22 19:55:19.0916 5304 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
2011/09/22 19:55:19.0963 5304 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
2011/09/22 19:55:19.0985 5304 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/09/22 19:55:20.0020 5304 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/09/22 19:55:20.0061 5304 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/09/22 19:55:20.0090 5304 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/09/22 19:55:20.0123 5304 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/09/22 19:55:20.0150 5304 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/09/22 19:55:20.0198 5304 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 19:55:20.0211 5304 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/22 19:55:20.0274 5304 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/09/22 19:55:20.0319 5304 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/22 19:55:20.0398 5304 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/09/22 19:55:20.0415 5304 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/09/22 19:55:20.0493 5304 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/22 19:55:20.0555 5304 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/22 19:55:20.0614 5304 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/09/22 19:55:20.0658 5304 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/22 19:55:20.0699 5304 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
2011/09/22 19:55:20.0705 5304 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
2011/09/22 19:55:20.0716 5304 Boot (0x1200) (2df0d862e581774744a6031277e9528d) \Device\Harddisk0\DR0\Partition0
2011/09/22 19:55:20.0734 5304 Boot (0x1200) (0050d3c46719eff53efd7d1b2d596e03) \Device\Harddisk0\DR0\Partition1
2011/09/22 19:55:20.0741 5304 ================================================================================
2011/09/22 19:55:20.0742 5304 Scan finished
2011/09/22 19:55:20.0742 5304 ================================================================================
2011/09/22 19:55:20.0754 5276 Detected object count: 1
2011/09/22 19:55:20.0754 5276 Actual detected object count: 1
2011/09/22 19:55:30.0763 5276 \Device\Harddisk0\DR0 (Rootkit.Boot.SST.a) - will be cured after reboot
2011/09/22 19:55:30.0763 5276 \Device\Harddisk0\DR0 - ok
2011/09/22 19:55:30.0764 5276 Rootkit.Boot.SST.a(\Device\Harddisk0\DR0) - User select action: Cure
2011/09/22 19:55:47.0710 4988 Deinitialize success
 
Reinstalled the game and it seems to be working so idk maybe that was it. The google hijack seems to have stopped also.

Heres the log:

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows 7
Version 6.1.7601 (Service Pack 1)
Number of processors #2
==============================================
>Drivers
==============================================
0x9401A000 C:\Windows\system32\DRIVERS\atikmdag.sys 7888896 bytes (ATI Technologies Inc., ATI Radeon Kernel Mode Driver)
0x82C10000 C:\Windows\system32\ntoskrnl.exe 4206592 bytes (Microsoft Corporation, NT Kernel & System)
0x82C10000 PnpManager 4206592 bytes
0x82C10000 RAW 4206592 bytes
0x82C10000 WMIxWDM 4206592 bytes
0x96950000 Win32k 2416640 bytes
0x96950000 C:\Windows\System32\win32k.sys 2416640 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8C80F000 C:\Windows\System32\drivers\tcpip.sys 1351680 bytes (Microsoft Corporation, TCP/IP Driver)
0x8C401000 C:\Windows\System32\Drivers\Ntfs.sys 1241088 bytes (Microsoft Corporation, NT File System Driver)
0x93501000 C:\Windows\System32\drivers\dxgkrnl.sys 749568 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8C5E2000 C:\Windows\system32\drivers\ndis.sys 749568 bytes (Microsoft Corporation, NDIS 6.20 driver)
0x8C10A000 C:\Windows\system32\CI.dll 700416 bytes (Microsoft Corporation, Code Integrity Module)
0x9F42A000 C:\Windows\system32\drivers\peauth.sys 618496 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x95689000 C:\Windows\system32\drivers\HTTP.sys 544768 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x8C02A000 C:\Windows\system32\mcupdate_GenuineIntel.dll 544768 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x8C1B5000 C:\Windows\system32\drivers\Wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0x93405000 C:\Windows\system32\drivers\csc.sys 409600 bytes (Microsoft Corporation, Windows Client Side Caching Driver)
0x8C56E000 C:\Windows\System32\Drivers\cng.sys 380928 bytes (Microsoft Corporation, Kernel Cryptography, Next Generation)
0x8CB9B000 C:\Windows\system32\drivers\afd.sys 368640 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x9F549000 C:\Windows\System32\DRIVERS\srv.sys 335872 bytes (Microsoft Corporation, Server driver)
0x95475000 C:\Windows\system32\drivers\HdAudio.sys 327680 bytes (Microsoft Corporation, High Definition Audio Function Driver)
0x9F4F9000 C:\Windows\System32\DRIVERS\srv2.sys 327680 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x96800000 C:\Windows\System32\ATMFD.DLL 315392 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x935FD000 C:\Windows\system32\DRIVERS\USBPORT.SYS 307200 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8C2E3000 C:\Windows\System32\drivers\volmgrx.sys 307200 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8C234000 C:\Windows\system32\drivers\ACPI.sys 294912 bytes (Microsoft Corporation, ACPI Driver for NT)
0x935B8000 C:\Windows\system32\DRIVERS\Rt86win7.sys 282624 bytes (Realtek , Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver )
0x95416000 C:\Windows\system32\DRIVERS\usbhub.sys 278528 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x8C0C8000 C:\Windows\system32\CLFS.SYS 270336 bytes (Microsoft Corporation, Common Log File System Driver)
0x8C78B000 C:\Windows\system32\DRIVERS\rdbss.sys 266240 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x95517000 C:\Windows\system32\DRIVERS\udfs.sys 262144 bytes (Microsoft Corporation, UDF File System Driver)
0x934C2000 C:\Windows\system32\DRIVERS\atikmpag.sys 258048 bytes (Advanced Micro Devices, Inc., AMD multi-vendor Miniport Driver)
0x8C993000 C:\Windows\system32\drivers\volsnap.sys 258048 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8C699000 C:\Windows\system32\drivers\NETIO.SYS 253952 bytes (Microsoft Corporation, Network I/O Subsystem)
0x9575C000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 241664 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x947A0000 C:\Windows\System32\drivers\dxgmms1.sys 233472 bytes (Microsoft Corporation, DirectX Graphics MMS)
0x83013000 ACPI_HAL 225280 bytes
0x83013000 C:\Windows\system32\halmacpi.dll 225280 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x8C3CA000 C:\Windows\system32\drivers\fltmgr.sys 212992 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x9379E000 C:\Windows\system32\drivers\ks.sys 212992 bytes (Microsoft Corporation, Kernel CSA Library)
0x8CA1F000 C:\Windows\System32\DRIVERS\fvevol.sys 204800 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
0x8C6FC000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8C959000 C:\Windows\System32\drivers\fwpkclnt.sys 200704 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x954C5000 C:\Windows\system32\drivers\portcls.sys 192512 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8C9DA000 C:\Windows\System32\drivers\rdyboost.sys 184320 bytes (Microsoft Corporation, ReadyBoost Driver)
0x8C530000 C:\Windows\System32\Drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x9F5B0000 C:\Windows\System32\Drivers\fastfat.SYS 172032 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x8C28D000 C:\Windows\system32\drivers\pci.sys 172032 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x8C359000 C:\Windows\system32\drivers\vmbus.sys 172032 bytes (Microsoft Corporation, Virtual Machine Bus)
0x8CAD8000 C:\Windows\system32\DRIVERS\MpFilter.sys 159744 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0x93778000 C:\Windows\system32\DRIVERS\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x8CA62000 C:\Windows\system32\DRIVERS\CLASSPNP.SYS 151552 bytes (Microsoft Corporation, SCSI Class System Dll)
0x8C6D7000 C:\Windows\System32\Drivers\ksecpkg.sys 151552 bytes (Microsoft Corporation, Kernel Security Support Provider Interface Packages)
0x955C8000 C:\Windows\system32\DRIVERS\Dot4.sys 147456 bytes (Microsoft Corporation, IEEE-1284.4-1999 Driver)
0x8C39E000 C:\Windows\system32\drivers\ataport.SYS 143360 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x95739000 C:\Windows\system32\DRIVERS\mrxsmb.sys 143360 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x936DC000 C:\Windows\system32\DRIVERS\ndiswan.sys 139264 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x9F4CB000 C:\Windows\System32\DRIVERS\srvnet.sys 135168 bytes (Microsoft Corporation, Server Network driver)
0x9348F000 C:\Windows\system32\DRIVERS\tunnel.sys 135168 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8CB19000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x8CAB9000 C:\Windows\system32\DRIVERS\cdrom.sys 126976 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x947D9000 C:\Windows\system32\drivers\HDAudBus.sys 126976 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x8C72E000 C:\Windows\system32\DRIVERS\pacer.sys 126976 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x96850000 C:\Windows\System32\cdd.dll 122880 bytes (Microsoft Corporation, Canonical Display Driver)
0x9375B000 C:\Windows\system32\DRIVERS\mcdbus.sys 118784 bytes (MagicISO, Inc., MagicISO SCSI Host Controller)
0x95631000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x95797000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 110592 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x8C74D000 C:\Windows\system32\DRIVERS\serial.sys 106496 bytes (Microsoft Corporation, Serial Device Driver)
0x9564C000 C:\Windows\system32\drivers\WudfPf.sys 106496 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x9570E000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x954F4000 C:\Windows\system32\drivers\drmk.sys 102400 bytes (Microsoft Corporation, Microsoft Trusted Audio Drivers)
0x93469000 C:\Windows\System32\Drivers\dfsc.sys 98304 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x93675000 C:\Windows\system32\DRIVERS\i8042prt.sys 98304 bytes (Microsoft Corporation, i8042 Port Driver)
0x9365D000 C:\Windows\system32\DRIVERS\parport.sys 98304 bytes (Microsoft Corporation, Parallel Port Driver)
0x936B9000 C:\Windows\system32\DRIVERS\rasl2tp.sys 98304 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x936FE000 C:\Windows\system32\DRIVERS\raspppoe.sys 98304 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x93716000 C:\Windows\system32\DRIVERS\raspptp.sys 94208 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x9372D000 C:\Windows\system32\DRIVERS\rassstp.sys 94208 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8CB78000 C:\Windows\system32\DRIVERS\tdx.sys 94208 bytes (Microsoft Corporation, TDI Translation Driver)
0x95589000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x8C343000 C:\Windows\System32\drivers\mountmgr.sys 90112 bytes (Microsoft Corporation, Mount Point Manager)
0x95600000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 77824 bytes (Microsoft Corporation, Hid Class Library)
0x8C55B000 C:\Windows\System32\Drivers\ksecdd.sys 77824 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x95676000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x8C767000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8C383000 00000090 73728 bytes
0x936A7000 C:\Windows\system32\DRIVERS\AgileVpn.sys 73728 bytes (Microsoft Corporation, RAS Agile Vpn Miniport Call Manager)
0x934B0000 C:\Windows\system32\DRIVERS\intelppm.sys 73728 bytes (Microsoft Corporation, Processor Device Driver)
0x95727000 C:\Windows\System32\drivers\mpsdrv.sys 73728 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8C383000 C:\Windows\system32\drivers\winhv.sys 73728 bytes (Microsoft Corporation, Windows Hypervisor Interface Driver)
0x8CA51000 C:\Windows\system32\DRIVERS\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x95578000 C:\Windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
0x8C000000 C:\Windows\system32\drivers\fileinfo.sys 69632 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x95464000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8C2C2000 C:\Windows\System32\drivers\partmgr.sys 69632 bytes (Microsoft Corporation, Partition Management Driver)
0x8C0AF000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x8C77A000 C:\Windows\system32\drivers\termdd.sys 69632 bytes (Microsoft Corporation, Remote Desktop Server Driver)
0x95666000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x8CA07000 C:\Windows\System32\Drivers\mup.sys 65536 bytes (Microsoft Corporation, Multiple UNC Provider Driver)
0x8C2D3000 C:\Windows\system32\drivers\volmgr.sys 65536 bytes (Microsoft Corporation, Volume Manager Driver)
0x937D2000 C:\Windows\system32\DRIVERS\AmdLLD.sys 61440 bytes (AMD, Inc., AMD Low Level Device Driver)
0x9F59B000 C:\Windows\system32\DRIVERS\NisDrvWFP.sys 61440 bytes (Microsoft Corporation, Microsoft Network Inspection System Driver)
0x9400B000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x93481000 C:\Windows\system32\DRIVERS\blbdrive.sys 57344 bytes (Microsoft Corporation, BLB Drive Driver)
0x8C800000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8CB6A000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8C335000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8C5CB000 C:\Windows\System32\drivers\pcw.sys 57344 bytes (Microsoft Corporation, Performance Counters for Windows Driver)
0x937E1000 C:\Windows\system32\DRIVERS\umbus.sys 57344 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x955A2000 C:\Windows\system32\DRIVERS\usbscan.sys 57344 bytes (Microsoft Corporation, USB Scanner Driver)
0x8C226000 C:\Windows\system32\drivers\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0x9369A000 C:\Windows\system32\drivers\CompositeBus.sys 53248 bytes (Microsoft Corporation, Multi-Transport Composite Bus Enumerator)
0x95557000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x955BB000 C:\Windows\system32\DRIVERS\dot4usb.sys 53248 bytes (Microsoft Corporation, DOT4USB filter driver)
0x9374E000 C:\Windows\system32\DRIVERS\kbdclass.sys 53248 bytes (Microsoft Corporation, Keyboard Class Driver)
0x9368D000 C:\Windows\system32\DRIVERS\mouclass.sys 53248 bytes (Microsoft Corporation, Mouse Class Driver)
0x9F4EC000 C:\Windows\System32\drivers\tcpipreg.sys 53248 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8CB3A000 C:\Windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x8C7E0000 C:\Windows\System32\drivers\discache.sys 49152 bytes (Microsoft Corporation, System Indexer/Cache Driver)
0x9561A000 C:\Windows\system32\DRIVERS\kbdhid.sys 49152 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x8CB8F000 C:\Windows\system32\DRIVERS\TDI.SYS 49152 bytes (Microsoft Corporation, TDI Wrapper)
0x8CB0D000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x95564000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x93652000 C:\Windows\system32\DRIVERS\fdc.sys 45056 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0x955F5000 C:\Windows\system32\DRIVERS\hidusb.sys 45056 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x95626000 C:\Windows\system32\DRIVERS\monitor.sys 45056 bytes (Microsoft Corporation, Monitor Driver)
0x8CB5F000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x936D1000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x955B0000 C:\Windows\system32\DRIVERS\usbprint.sys 45056 bytes (Microsoft Corporation, USB Printer driver)
0x94000000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x8C2B7000 C:\Windows\system32\drivers\vdrvroot.sys 45056 bytes (Microsoft Corporation, Virtual Drive Root Enumerator)
0x9550D000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x9545A000 C:\Windows\system32\DRIVERS\flpydisk.sys 40960 bytes (Microsoft Corporation, Floppy Driver)
0x957B9000 C:\Windows\system32\DRIVERS\MpNWMon.sys 40960 bytes (Microsoft Corporation, Network monitor driver)
0x8C7D6000 C:\Windows\system32\drivers\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8C7CC000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x93744000 C:\Windows\system32\DRIVERS\rdpbus.sys 40960 bytes (Microsoft Corporation, Microsoft RDP Bus Device driver)
0x9F4C1000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x93648000 C:\Windows\system32\DRIVERS\serenum.sys 40960 bytes (Microsoft Corporation, Serial Port Enumerator)
0x8C3C1000 C:\Windows\system32\drivers\amdxata.sys 36864 bytes (Advanced Micro Devices, Storage Filter Driver)
0x8C395000 C:\Windows\system32\drivers\atapi.sys 36864 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x9F65A000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x955EC000 C:\Windows\system32\DRIVERS\Dot4Prt.sys 36864 bytes (Microsoft Corporation, IEEE-1284.4 Print Class Driver)
0x9556F000 C:\Windows\System32\Drivers\dump_atapi.sys 36864 bytes
0x8C5D9000 C:\Windows\System32\Drivers\Fs_Rec.sys 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x96BB0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8C98A000 C:\Windows\system32\drivers\vmstorfl.sys 36864 bytes (Microsoft Corporation, Virtual Storage Filter Driver)
0x8C27C000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8C0C0000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8CA17000 C:\Windows\System32\drivers\hwpolicy.sys 32768 bytes (Microsoft Corporation, Hardware Policy Driver)
0x80BA5000 C:\Windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Serial Kernel Debugger)
0x8C285000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8CB47000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8CB4F000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Encoder Miniport)
0x8CB57000 C:\Windows\system32\drivers\rdprefmp.sys 32768 bytes (Microsoft Corporation, RDP Reflector Driver Miniport)
0x8C9D2000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8CB06000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x95613000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x8C32E000 C:\Windows\system32\drivers\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x8CAFF000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x957B2000 C:\Windows\system32\DRIVERS\parvdm.sys 28672 bytes (Microsoft Corporation, VDM Parallel Driver)
0x8CBF5000 C:\Windows\system32\DRIVERS\wfplwf.sys 28672 bytes (Microsoft Corporation, WFP NDIS 6.20 Lightweight Filter Driver)
0x947F8000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x9F5AA000 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AB72E3F9-3A61-4D72-BB74-FADE1A027574}\MpKslb9a7e23c.sys 24576 bytes (Microsoft Corporation, KSLDriver)
0x947FE000 C:\Windows\system32\drivers\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x955A0000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================


Nothing detected :(
 
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-22 21:22:34
-----------------------------
21:22:34.431 OS Version: Windows 6.1.7601 Service Pack 1
21:22:34.431 Number of processors: 2 586 0xF0D
21:22:34.432 ComputerName: DEREK-PC UserName: Derek
21:22:35.870 Initialize success
21:22:40.959 AVAST engine defs: 11092101
21:22:43.243 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
21:22:43.245 Disk 0 Vendor: WDC_WD10EADS-114BB1 80.00A80 Size: 953869MB BusType: 3
21:22:45.262 Disk 0 MBR read successfully
21:22:45.265 Disk 0 MBR scan
21:22:45.270 Disk 0 Windows 7 default MBR code
21:22:45.274 Disk 0 scanning sectors +1953521664
21:22:45.383 Disk 0 scanning C:\Windows\system32\drivers
21:22:58.900 Service scanning
21:22:59.398 Service MpKslb9a7e23c c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AB72E3F9-3A61-4D72-BB74-FADE1A027574}\MpKslb9a7e23c.sys **LOCKED** 32
21:22:59.406 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:23:00.057 Modules scanning
21:23:08.346 Disk 0 trace - called modules:
21:23:08.361 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
21:23:08.694 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x862109a8]
21:23:08.700 3 CLASSPNP.SYS[8ca6659e] -> nt!IofCallDriver -> [0x85d60760]
21:23:08.706 5 ACPI.sys[8c23d3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0x85db8908]
21:23:10.634 AVAST engine scan C:\Windows
21:23:17.034 AVAST engine scan C:\Windows\system32
21:27:42.348 AVAST engine scan C:\Windows\system32\drivers
21:28:11.006 AVAST engine scan C:\Users\Derek
21:51:01.673 Disk 0 MBR has been saved successfully to "C:\Users\Derek\Desktop\MBR.dat"
21:51:01.759 The log file has been saved successfully to "C:\Users\Derek\Desktop\aswMBR.txt"


aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-22 21:54:59
-----------------------------
21:54:59.848 OS Version: Windows 6.1.7601 Service Pack 1
21:54:59.848 Number of processors: 2 586 0xF0D
21:54:59.848 ComputerName: DEREK-PC UserName: Derek
21:55:22.020 Initialize success
21:55:26.496 AVAST engine defs: 11092101
21:55:29.315 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
21:55:29.318 Disk 0 Vendor: WDC_WD10EADS-114BB1 80.00A80 Size: 953869MB BusType: 3
21:55:31.336 Disk 0 MBR read successfully
21:55:31.339 Disk 0 MBR scan
21:55:31.343 Disk 0 Windows 7 default MBR code
21:55:31.347 Disk 0 scanning sectors +1953521664
21:55:31.452 Disk 0 scanning C:\Windows\system32\drivers
21:55:47.184 Service scanning
21:55:52.320 Service MpKsl72951d0f c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AB72E3F9-3A61-4D72-BB74-FADE1A027574}\MpKsl72951d0f.sys **LOCKED** 32
21:55:52.328 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:55:52.982 Modules scanning
21:55:58.469 Disk 0 trace - called modules:
21:55:58.491 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
21:55:58.497 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8620a810]
21:55:58.504 3 CLASSPNP.SYS[8ca6759e] -> nt!IofCallDriver -> [0x85470918]
21:55:58.509 5 ACPI.sys[8c22c3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0x85db8030]
21:55:59.863 AVAST engine scan C:\Windows
21:56:04.085 AVAST engine scan C:\Windows\system32
21:58:53.816 AVAST engine scan C:\Windows\system32\drivers
21:59:10.782 AVAST engine scan C:\Users\Derek
22:24:10.797 AVAST engine scan C:\ProgramData
22:28:37.357 Scan finished successfully
22:51:03.763 Disk 0 MBR has been saved successfully to "C:\Users\Derek\Desktop\MBR.dat"
22:51:03.821 The log file has been saved successfully to "C:\Users\Derek\Desktop\aswMBR.txt"


ComboFix 11-09-23.03 - Derek 09/23/2011 12:07:54.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3327.1902 [GMT -7:00]
Running from: c:\users\Derek\Downloads\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-08-23 to 2011-09-23 )))))))))))))))))))))))))))))))
.
.
2011-09-23 19:14 . 2011-09-23 19:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-21 21:27 . 2011-09-21 21:27 -------- dc----w- c:\programdata\{9937DA50-1322-492A-A1C8-1911CDD1BD57}
2011-09-21 21:23 . 2011-09-21 21:23 -------- d-----w- c:\users\Derek\AppData\Roaming\Malwarebytes
2011-09-21 21:22 . 2011-09-21 21:22 -------- d-----w- c:\programdata\Malwarebytes
2011-09-21 21:22 . 2011-09-21 21:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-17 07:25 . 2011-09-21 20:40 -------- d-----w- c:\users\Derek\AppData\Roaming\Ventrilo
2011-09-15 01:17 . 2011-09-21 20:40 -------- d-----w- c:\program files\Ventrilo
2011-09-13 09:34 . 2011-09-13 09:34 -------- d-----w- c:\windows\Sun
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\program files\Common Files\scanner
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\program files\comcasttb
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\program files\CA
2011-08-26 22:47 . 2011-08-26 22:47 -------- d-----w- c:\windows\Downloaded Installations
2011-08-26 22:45 . 2011-09-22 00:59 -------- d-----w- c:\program files\xfin_portal
2011-08-26 22:42 . 2011-09-13 05:29 -------- d-----w- c:\users\Derek\AppData\Local\SupportSoft
2011-08-26 22:40 . 2011-08-26 22:40 -------- d-----w- c:\program files\Common Files\SupportSoft
2011-08-26 22:40 . 2011-08-26 22:40 -------- d-----w- c:\program files\ComcastUI
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-17 14:59 . 2011-05-19 21:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-22 04:54 . 2011-08-10 04:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-19 12:05 . 2011-06-17 01:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-16 04:27 . 2011-08-10 04:15 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 04:29 . 2011-08-24 13:21 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-09 02:30 . 2011-08-10 04:15 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-29 13:54 . 2011-03-31 03:51 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-09-08 03:21 . 2011-03-27 23:38 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\steam.exe" [2011-08-03 1242448]
"Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-09-12 17351304]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-22 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-22 1778064]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 1797488]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-22 91520]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-04-08 1406248]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-09-01 1047208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
c:\users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2011-4-9 576000]
Registration Heroes of Might & Magic 5.LNK - c:\program files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe [2011-3-30 868352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
LOLRecorder.lnk - c:\program files\LOLReplay\LOLRecorder.exe [2011-9-21 405504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl002e5e40;MpKsl002e5e40;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEC80BE6-62AD-491F-A5BA-BF13D5804781}\MpKsl002e5e40.sys [x]
R1 MpKsl03249d40;MpKsl03249d40;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2C5A6CC-1FED-4574-B4EF-99BD553B8D36}\MpKsl03249d40.sys [x]
R1 MpKsl040600f4;MpKsl040600f4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B133DB4A-8696-444B-B341-9174AF32A3AF}\MpKsl040600f4.sys [x]
R1 MpKsl055c88b5;MpKsl055c88b5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2E9F1E25-37AC-402D-BD27-7B202604CA4F}\MpKsl055c88b5.sys [x]
R1 MpKsl093a1754;MpKsl093a1754;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A1A386B1-78A5-4F18-B46F-3DA3ED2F3629}\MpKsl093a1754.sys [x]
R1 MpKsl0e0bea13;MpKsl0e0bea13;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A107679D-E6D1-4B1D-A179-A9CAF5509ED3}\MpKsl0e0bea13.sys [x]
R1 MpKsl1b1b7ebf;MpKsl1b1b7ebf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{53896F6C-109C-40C6-8D7E-23FADB9FE428}\MpKsl1b1b7ebf.sys [x]
R1 MpKsl39161332;MpKsl39161332;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7272F1A1-E3D9-4151-A365-02E7E2D14D60}\MpKsl39161332.sys [x]
R1 MpKsl47300ffd;MpKsl47300ffd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D5DEA57-B4F9-4F72-AA3E-BB057CEAD9D3}\MpKsl47300ffd.sys [x]
R1 MpKsl4c25b95f;MpKsl4c25b95f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{33FDADE8-0EEF-46E5-890B-F23CC9CD2679}\MpKsl4c25b95f.sys [x]
R1 MpKsl4ef88ffd;MpKsl4ef88ffd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CD9B4117-D71F-4C42-A403-2C88F39897EE}\MpKsl4ef88ffd.sys [x]
R1 MpKsl58ff3399;MpKsl58ff3399;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEC80BE6-62AD-491F-A5BA-BF13D5804781}\MpKsl58ff3399.sys [x]
R1 MpKsl68c83548;MpKsl68c83548;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6812986-CE24-44AC-9C83-A0793251F027}\MpKsl68c83548.sys [x]
R1 MpKsl72951d0f;MpKsl72951d0f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB72E3F9-3A61-4D72-BB74-FADE1A027574}\MpKsl72951d0f.sys [x]
R1 MpKsl8bc51ca4;MpKsl8bc51ca4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA7CFBF1-EEC2-4900-BCAD-90A1F4A8408C}\MpKsl8bc51ca4.sys [x]
R1 MpKsl95e737cd;MpKsl95e737cd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8AC43A24-B16D-4897-91D0-BFE0F2D9BFC4}\MpKsl95e737cd.sys [x]
R1 MpKsl9b438dda;MpKsl9b438dda;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{66377808-71FB-488D-B788-077C1EA52D70}\MpKsl9b438dda.sys [x]
R1 MpKsl9d6d5027;MpKsl9d6d5027;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{529B0A21-E307-4C56-B06D-A9002765309A}\MpKsl9d6d5027.sys [x]
R1 MpKsla4511d04;MpKsla4511d04;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5C1DAC28-D9F0-433A-9E88-CEA686D3C7D7}\MpKsla4511d04.sys [x]
R1 MpKsla646d26e;MpKsla646d26e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20FF1153-2611-45AB-BDED-9981E58A0C59}\MpKsla646d26e.sys [x]
R1 MpKslaecd84cb;MpKslaecd84cb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7272F1A1-E3D9-4151-A365-02E7E2D14D60}\MpKslaecd84cb.sys [x]
R1 MpKslc36014d0;MpKslc36014d0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6812986-CE24-44AC-9C83-A0793251F027}\MpKslc36014d0.sys [x]
R1 MpKslca656fd9;MpKslca656fd9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{46B8DBC8-5CDF-46FD-9E2D-B9F338155853}\MpKslca656fd9.sys [x]
R1 MpKsle4e1232a;MpKsle4e1232a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{46B8DBC8-5CDF-46FD-9E2D-B9F338155853}\MpKsle4e1232a.sys [x]
R1 MpKslf4c8274d;MpKslf4c8274d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2C145FE5-7943-4D07-A025-EA6F9A09D14D}\MpKslf4c8274d.sys [x]
R1 MpKslfa593dc8;MpKslfa593dc8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B9CF9C14-9375-4361-8B23-7E89251DAB51}\MpKslfa593dc8.sys [x]
R1 MpKslfe828125;MpKslfe828125;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{03D616AA-0FAB-4259-A769-BFD51CAF40C0}\MpKslfe828125.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-22 30963576]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-06 1343400]
S1 MpKsl5c355ebc;MpKsl5c355ebc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB72E3F9-3A61-4D72-BB74-FADE1A027574}\MpKsl5c355ebc.sys [2011-09-23 28752]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-27 176128]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-03-29 598312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-27 238592]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL5C355EBC
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:57596
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 68.87.85.102 68.87.69.150
FF - ProfilePath - c:\users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\xkctxi5h.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.leagueoflegends.com/
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\Software\SecuROM\License information*]
"datasecu"=hex:7a,17,17,14,6c,f7,1b,1a,ac,65,d3,c8,4c,a8,4c,f3,e3,01,17,94,c1,
bf,97,ab,a4,94,e4,7d,03,1e,1a,1a,e8,fe,8c,2a,16,d6,3c,c9,06,33,d5,ad,b4,44,\
"rkeysecu"=hex:f2,ff,11,5e,5a,6c,15,a8,b9,da,6a,0d,9f,27,c5,7c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(664)
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
.
Completion time: 2011-09-23 12:16:29
ComboFix-quarantined-files.txt 2011-09-23 19:16
ComboFix2.txt 2011-09-22 04:09
ComboFix3.txt 2011-09-21 23:05
.
Pre-Run: 799,777,701,888 bytes free
Post-Run: 799,587,475,456 bytes free
.
- - End Of File - - 491E7D349D447277385EDD3CE5F89F93
 
All looks good.

How is computer doing?

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
The google hijacks have stopped and all of my programs start. It seems to be running a little slower than before but that could be any number of reasons lol.

Heres the logs:

OTL logfile created on: 9/23/2011 4:55:25 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Derek\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 71.63% Memory free
6.49 Gb Paging File | 5.15 Gb Available in Paging File | 79.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.41 Gb Total Space | 744.73 Gb Free Space | 79.96% Space Free | Partition Type: NTFS
Drive D: | 4.24 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 5.47 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DEREK-PC | User Name: Derek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/23 16:51:42 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Derek\Downloads\OTL.exe
PRC - [2011/09/22 08:10:09 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2011/09/21 12:29:50 | 000,405,504 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
PRC - [2011/08/03 09:01:17 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/03/29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/26 22:55:56 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/01/26 22:55:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/08/19 10:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/06/17 10:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/02/23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/22 08:10:07 | 014,410,024 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2011/09/22 08:10:04 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
MOD - [2011/09/22 08:10:04 | 000,190,248 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2011/09/22 08:10:04 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dll
MOD - [2011/09/22 08:10:04 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
MOD - [2011/09/21 18:45:56 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
MOD - [2011/09/21 18:44:29 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/09/21 18:44:14 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b7d1c271ec6b4df64c95563fc81ffc2f\System.Data.ni.dll
MOD - [2011/09/21 18:44:10 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/09/21 18:43:45 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011/09/21 18:43:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011/09/21 18:43:39 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/09/21 18:43:31 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/09/21 12:29:50 | 000,405,504 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
MOD - [2011/08/30 22:18:24 | 000,369,152 | ---- | M] () -- C:\Program Files\LOLReplay\lrf.dll
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/11/04 18:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/08/19 10:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
MOD - [2007/04/16 15:47:34 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/09/22 08:10:09 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/21 16:14:31 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/06 03:00:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/26 22:55:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/06/17 10:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Stopped] -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)


========== Driver Services (SafeList) ==========

DRV - [2011/09/23 13:08:09 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CC6F7E7B-0035-4213-B42E-33408EE45E0F}\MpKslabc765cf.sys -- (MpKslabc765cf)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/01/26 23:36:16 | 007,566,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/01/26 23:36:16 | 007,566,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/01/26 22:13:12 | 000,238,592 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 03:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 44 ED FD E1 F2 CB 01 [binary data]
IE - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57596

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.leagueoflegends.com/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/29 19:03:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/07 20:21:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/12 22:29:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/29 19:03:54 | 000,000,000 | ---D | M]

[2011/03/27 18:35:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Derek\AppData\Roaming\Mozilla\Extensions
[2011/09/23 14:32:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\xkctxi5h.default\extensions
[2011/09/21 13:40:28 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\xkctxi5h.default\extensions\anttoolbar@ant.com
[2011/09/23 14:32:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\xkctxi5h.default\extensions\staged
[2011/03/21 15:12:42 | 000,000,863 | -H-- | M] () -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\xkctxi5h.default\searchplugins\conduit.xml
[2011/06/24 13:40:41 | 000,009,981 | -H-- | M] () -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\xkctxi5h.default\searchplugins\CouponAlert_2p.xml
[2011/09/21 13:38:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/21 13:40:25 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/06/16 18:02:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/09/13 02:32:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/09/13 02:36:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XKCTXI5H.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XKCTXI5H.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2011/09/07 20:21:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/22 17:29:29 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 11:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/07/19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 11:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/04/06 21:17:23 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/08/11 20:16:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/21 18:10:10 | 000,436,898 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15053 more lines...
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000..\Run: [ComcastAntispyClient] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000..\Run: [Desktop Software] C:\Program Files\Common Files\SupportSoft\bin\bcont.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Heroes of Might & Magic 5.LNK = C:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9F0FE0F-5863-4129-8C64-B45E1ABD637E}: DhcpNameServer = 68.87.85.102 68.87.69.150
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/01/17 11:59:50 | 003,610,200 | ---- | M] () - C:\autosave.fos -- [ NTFS ]
O32 - AutoRun File - [2007/01/23 16:48:51 | 000,000,041 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011/03/17 07:20:06 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-3881011562-596480335-2157353384-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/23 12:16:31 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/09/23 12:15:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/09/22 20:27:15 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011/09/22 19:54:25 | 001,403,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Derek\Desktop\tdsskiller.exe
[2011/09/22 11:55:15 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/09/21 21:35:29 | 000,000,000 | ---D | C] -- C:\Users\Derek\Desktop\LeagueOfLegends
[2011/09/21 20:04:16 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Derek\Desktop\aswMBR.exe
[2011/09/21 17:17:16 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Derek\Desktop\dds.scr
[2011/09/21 17:00:37 | 000,000,000 | ---D | C] -- C:\gmer
[2011/09/21 16:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/09/21 16:12:30 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\SUPERAntiSpyware.com
[2011/09/21 16:05:56 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Local\temp
[2011/09/21 15:07:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/09/21 15:07:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/09/21 15:07:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/09/21 14:55:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/21 14:47:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/21 14:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\{9937DA50-1322-492A-A1C8-1911CDD1BD57}
[2011/09/21 14:23:09 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\Malwarebytes
[2011/09/21 14:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/21 14:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/21 14:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/17 00:25:54 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\Ventrilo
[2011/09/15 12:27:24 | 000,000,000 | ---D | C] -- C:\Users\Derek\Desktop\Skins
[2011/09/15 12:23:50 | 000,000,000 | ---D | C] -- C:\Users\Derek\Desktop\League of Legends Backups
[2011/09/15 12:19:15 | 000,000,000 | ---D | C] -- C:\Users\Derek\Desktop\Riven Skin
[2011/09/15 12:18:00 | 000,000,000 | ---D | C] -- C:\Users\Derek\Desktop\1.4.2
[2011/09/14 18:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2011/09/13 02:34:08 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/09/13 01:59:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/09/12 21:01:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2011/09/06 18:06:41 | 000,000,000 | ---D | C] -- C:\Users\Derek\Documents\DeadIsland
[2011/08/26 15:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2011/08/26 15:47:17 | 000,000,000 | ---D | C] -- C:\Program Files\comcasttb
[2011/08/26 15:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2011/08/26 15:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/08/26 15:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\xfin_portal
[2011/08/26 15:42:02 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Local\SupportSoft
[2011/08/26 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2011/08/26 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\ComcastUI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/23 13:14:20 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/23 13:14:20 | 000,021,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/23 13:07:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/23 13:07:00 | 2616,647,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/22 22:51:03 | 000,000,512 | ---- | M] () -- C:\Users\Derek\Desktop\MBR.dat
[2011/09/22 21:53:10 | 359,178,031 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/09/22 20:33:22 | 000,001,720 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/09/22 19:58:49 | 000,001,919 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2011/09/22 19:58:49 | 000,001,847 | ---- | M] () -- C:\Users\Derek\Desktop\LOL Recorder.lnk
[2011/09/22 19:54:42 | 001,403,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Derek\Desktop\tdsskiller.exe
[2011/09/21 22:22:37 | 000,139,264 | ---- | M] () -- C:\Users\Derek\Desktop\RKUnhookerLE.EXE
[2011/09/21 21:51:34 | 001,336,048 | ---- | M] () -- C:\Users\Derek\Desktop\Female EZ.jpg
[2011/09/21 21:18:17 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Derek\Desktop\aswMBR.exe
[2011/09/21 18:20:31 | 000,626,040 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/21 18:20:31 | 000,107,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/21 18:10:10 | 000,436,898 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/09/21 17:17:18 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Derek\Desktop\dds.scr
[2011/09/21 16:34:20 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/09/21 15:48:39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110921-181010.backup
[2011/09/21 14:25:47 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/09/21 14:25:47 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/09/21 14:22:58 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/21 13:49:58 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/09/20 22:51:59 | 000,004,585 | ---- | M] () -- C:\Users\Derek\Desktop\Untitled.png
[2011/09/13 01:59:07 | 000,002,503 | ---- | M] () -- C:\Users\Derek\Desktop\Skype.lnk
[2011/09/12 22:12:20 | 000,490,683 | ---- | M] () -- C:\Users\Derek\Desktop\lee sin.jpg
[2011/09/12 20:36:47 | 000,000,440 | ---- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011/09/12 20:33:42 | 000,000,232 | ---- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011/09/12 20:33:42 | 000,000,168 | ---- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011/09/06 18:06:27 | 000,000,215 | -H-- | M] () -- C:\Users\Derek\Desktop\Dead Island.url
[2011/09/01 20:02:02 | 001,100,131 | -H-- | M] () -- C:\Users\Derek\Documents\BrilliantCoupon_V16_20100419.pdf
[2011/08/26 15:42:03 | 000,000,197 | -H-- | M] () -- C:\Users\Derek\Desktop\Comcast Email.url
[2011/08/26 15:42:03 | 000,000,191 | -H-- | M] () -- C:\Users\Derek\Desktop\Comcast Security.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/22 21:51:01 | 000,000,512 | ---- | C] () -- C:\Users\Derek\Desktop\MBR.dat
[2011/09/22 20:33:22 | 000,001,720 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/09/22 11:55:11 | 359,178,031 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/09/21 22:22:32 | 000,139,264 | ---- | C] () -- C:\Users\Derek\Desktop\RKUnhookerLE.EXE
[2011/09/21 21:51:30 | 001,336,048 | ---- | C] () -- C:\Users\Derek\Desktop\Female EZ.jpg
[2011/09/21 16:33:40 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/09/21 15:07:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/09/21 15:07:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/09/21 15:07:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/09/21 15:07:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/09/21 15:07:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/09/21 14:22:58 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/21 13:57:15 | 000,002,503 | ---- | C] () -- C:\Users\Derek\Desktop\Skype.lnk
[2011/09/21 13:49:58 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/09/20 22:51:59 | 000,004,585 | ---- | C] () -- C:\Users\Derek\Desktop\Untitled.png
[2011/09/12 22:12:10 | 000,490,683 | ---- | C] () -- C:\Users\Derek\Desktop\lee sin.jpg
[2011/09/12 20:33:42 | 000,000,232 | ---- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011/09/12 20:33:42 | 000,000,168 | ---- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011/09/12 20:33:39 | 000,000,440 | ---- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011/09/06 18:05:06 | 000,000,215 | -H-- | C] () -- C:\Users\Derek\Desktop\Dead Island.url
[2011/09/01 20:02:02 | 001,100,131 | -H-- | C] () -- C:\Users\Derek\Documents\BrilliantCoupon_V16_20100419.pdf
[2011/08/26 15:42:03 | 000,000,197 | -H-- | C] () -- C:\Users\Derek\Desktop\Comcast Email.url
[2011/08/26 15:42:03 | 000,000,191 | -H-- | C] () -- C:\Users\Derek\Desktop\Comcast Security.url
[2011/08/13 14:25:16 | 000,012,596 | -HS- | C] () -- C:\Users\Derek\AppData\Local\0048k445d7v5ikh72424tvc3b4
[2011/08/13 14:25:16 | 000,002,220 | -HS- | C] () -- C:\ProgramData\0048k445d7v5ikh72424tvc3b4
[2011/06/29 16:19:18 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2011/04/25 21:07:45 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/04/20 20:55:46 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/04/20 20:55:46 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/04/09 02:37:36 | 000,000,292 | ---- | C] () -- C:\Windows\vtmb.ini
[2011/04/01 18:35:05 | 000,867,610 | ---- | C] () -- C:\Users\Derek\AppData\Roaming\unins000.exe
[2011/04/01 18:35:05 | 000,000,000 | -H-- | C] () -- C:\Users\Derek\AppData\Roaming\unins000.dat
[2011/03/30 22:45:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/30 21:25:17 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011/03/29 18:57:11 | 000,165,725 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011/03/06 15:11:17 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/03/06 15:09:57 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/03/05 19:35:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/26 22:12:00 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010/12/21 02:27:22 | 000,003,113 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/12/17 16:00:46 | 000,227,587 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/12/03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/07/13 21:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:33:53 | 000,409,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 19:05:48 | 000,626,040 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 19:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 19:05:48 | 000,107,316 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 19:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 19:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 19:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 16:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 02:30:02 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/04/12 21:11:01 | 000,000,000 | -H-D | M] -- C:\Users\Derek\AppData\Roaming\AnvSoft
[2011/09/12 22:29:28 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Catalina Marketing Corp
[2011/04/12 21:02:11 | 000,000,000 | -H-D | M] -- C:\Users\Derek\AppData\Roaming\Clone2Go Video Converter Free Version
[2011/09/12 22:29:28 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\GetRightToGo
[2011/09/12 21:00:49 | 000,000,000 | -H-D | M] -- C:\Users\Derek\AppData\Roaming\go
[2011/05/08 14:51:23 | 000,000,000 | -H-D | M] -- C:\Users\Derek\AppData\Roaming\LolClient
[2011/04/12 21:17:15 | 000,000,000 | -H-D | M] -- C:\Users\Derek\AppData\Roaming\Sony
[2011/09/12 22:23:36 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\thriXXX
[2011/07/05 07:09:24 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2011/09/21 13:41:53 | 000,058,608 | ---- | M] () -- C:\aaw7boot.log
[2009/06/10 14:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2011/01/17 11:59:50 | 003,610,200 | ---- | M] () -- C:\autosave.fos
[2011/09/23 12:16:30 | 000,018,101 | ---- | M] () -- C:\ComboFix.txt
[2009/06/10 14:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2011/09/23 13:07:00 | 2616,647,680 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2011/09/23 13:07:02 | 3488,866,304 | -HS- | M] () -- C:\pagefile.sys
[2011/09/22 19:55:47 | 000,067,914 | ---- | M] () -- C:\TDSSKiller.2.5.23.0_22.09.2011_19.55.01_log.txt
[2011/09/22 20:21:27 | 000,066,806 | ---- | M] () -- C:\TDSSKiller.2.5.23.0_22.09.2011_20.14.57_log.txt
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >
[2009/07/13 21:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 21:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 21:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 21:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 14:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/04/16 14:08:20 | 000,312,832 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpfpp70v.dll
[2009/07/13 18:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2010/11/20 05:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2011/08/13 14:26:06 | 000,000,127 | ---- | M] () -- C:\Users\Derek\AppData\Roaming\Microsoft\gb_19813686.bat
[2011/08/14 15:53:52 | 000,000,137 | ---- | M] () -- C:\Users\Derek\AppData\Roaming\Microsoft\gb_29735662.bat

< %PROGRAMFILES%\*.* >
[2009/07/13 21:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/03/05 19:51:29 | 000,000,221 | -HS- | M] () -- C:\Users\Derek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/09/21 21:18:17 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Derek\Desktop\aswMBR.exe
[2011/09/21 22:22:37 | 000,139,264 | ---- | M] () -- C:\Users\Derek\Desktop\RKUnhookerLE.EXE
[2011/09/22 19:54:42 | 001,403,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Derek\Desktop\tdsskiller.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 14:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2005/09/11 16:55:14 | 000,000,043 | ---- | M] () -- C:\Users\Derek\Favorites\autorun.inf
[2005/09/11 16:55:14 | 000,001,042 | ---- | M] () -- C:\Users\Derek\Favorites\autorun.ini
[2005/09/11 16:55:14 | 000,022,246 | ---- | M] () -- C:\Users\Derek\Favorites\css.ico
[2005/09/11 23:43:32 | 481,285,404 | -H-- | M] () -- C:\Users\Derek\Favorites\css4.cab
[2011/03/06 20:21:28 | 000,000,402 | -HS- | M] () -- C:\Users\Derek\Favorites\desktop.ini
[2005/09/11 16:55:21 | 000,010,929 | -H-- | M] () -- C:\Users\Derek\Favorites\game_install_agreement.rtf
[2005/09/11 16:55:21 | 000,010,824 | -H-- | M] () -- C:\Users\Derek\Favorites\steam_install_agreement.rtf
[2005/09/11 16:55:21 | 000,000,101 | ---- | M] () -- C:\Users\Derek\Favorites\valve.inf

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/08/13 14:30:32 | 000,002,220 | -HS- | M] () -- C:\ProgramData\0048k445d7v5ikh72424tvc3b4
[2011/09/12 21:00:17 | 000,002,274 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2011/09/12 20:36:47 | 000,000,440 | ---- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011/09/12 20:33:42 | 000,000,232 | ---- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011/09/12 20:33:42 | 000,000,168 | ---- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >


OTL Extras logfile created on: 9/23/2011 4:55:25 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Derek\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 71.63% Memory free
6.49 Gb Paging File | 5.15 Gb Available in Paging File | 79.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.41 Gb Total Space | 744.73 Gb Free Space | 79.96% Space Free | Partition Type: NTFS
Drive D: | 4.24 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 5.47 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DEREK-PC | User Name: Derek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 27
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28101984-0BA6-40FD-9ABE-72F62F80C06C}" = Heroes of Might and Magic V
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D565319-8B91-41CB-961C-0DDC86101AC5}" = Dragon Age II
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}" = Bloodline Champions
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4E70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7D62ABA3-35EC-623E-2C5F-1B3332CB705B}" = Media Go Video Playback Engine 1.64.105.02280
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD232781-26CA-4E18-BC70-4343A2F0D583}" = Microsoft IntelliPoint 8.0
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F05A5232-CE5E-4274-AB27-44EB8105898D}" = CA Pest Patrol Realtime Protection
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Any Video Converter_is1" = Any Video Converter 3.2.1
"Clone2Go Video Converter Free Version_is1" = Clone2Go Video Converter Free Version 1.3.8
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"EA Installer.1522122559" = EA Installer
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"LandOfTheDead" = Groove Games\Land Of The Dead
"LOLReplay" = LOLReplay
"LOTD Update Pack #2 (3/6/06)" = LOTD Update Pack #2 (3/6/06)
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 6.0.2 (x86 en-US)" = Mozilla Firefox 6.0.2 (x86 en-US)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"Shop for HP Supplies" = Shop for HP Supplies
"StarCraft II" = StarCraft II
"Steam App 1250" = Killing Floor
"Steam App 22350" = Brink
"Steam App 22380" = Fallout: New Vegas
"Steam App 500" = Left 4 Dead
"Steam App 91310" = Dead Island
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3881011562-596480335-2157353384-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/22/2011 11:13:17 AM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

Error - 9/22/2011 12:12:47 PM | Computer Name = Derek-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.

Error - 9/22/2011 5:29:35 PM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

Error - 9/22/2011 10:58:00 PM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

Error - 9/22/2011 11:13:21 PM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

Error - 9/23/2011 12:54:01 AM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

Error - 9/23/2011 10:16:31 AM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

Error - 9/23/2011 12:34:28 PM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

Error - 9/23/2011 2:05:18 PM | Computer Name = Derek-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.

Error - 9/23/2011 4:07:36 PM | Computer Name = Derek-PC | Source = BackItUp5 | ID = 5225
Description =

[ System Events ]
Error - 9/22/2011 11:11:06 AM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053

Error - 9/22/2011 11:11:47 AM | Computer Name = Derek-PC | Source = DCOM | ID = 10010
Description =

Error - 9/22/2011 2:55:16 PM | Computer Name = Derek-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:54:01 AM on ?9/?22/?2011 was unexpected.

Error - 9/22/2011 2:55:21 PM | Computer Name = Derek-PC | Source = BugCheck | ID = 1001
Description =

Error - 9/23/2011 12:53:15 AM | Computer Name = Derek-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:52:22 PM on ?9/?22/?2011 was unexpected.

Error - 9/23/2011 12:53:18 AM | Computer Name = DEREK-PC | Source = BugCheck | ID = 1001
Description =

Error - 9/23/2011 12:53:45 AM | Computer Name = Derek-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 9/23/2011 3:07:48 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 9/23/2011 3:11:27 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 9/23/2011 3:14:28 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.


< End of report >
 
Good news :)

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
IE - HKU\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57596
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll File not found
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll File not found
O4 - Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Heroes of Might & Magic 5.LNK = C:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe ()
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2011/08/13 14:25:16 | 000,012,596 | -HS- | C] () -- C:\Users\Derek\AppData\Local\0048k445d7v5ikh72424tvc3b4
[2011/08/13 14:25:16 | 000,002,220 | -HS- | C] () -- C:\ProgramData\0048k445d7v5ikh72424tvc3b4

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

====================================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
All processes killed
========== OTL ==========
HKU\S-1-5-21-3881011562-596480335-2157353384-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4b9bcce8-a70b-402a-a7e1-db96831ee26f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b9bcce8-a70b-402a-a7e1-db96831ee26f}\ not found.
C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Heroes of Might & Magic 5.LNK moved successfully.
C:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe moved successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder deleted successfully.
C:\Users\Derek\AppData\Local\0048k445d7v5ikh72424tvc3b4 moved successfully.
C:\ProgramData\0048k445d7v5ikh72424tvc3b4 moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Derek
->Temp folder emptied: 103228 bytes
->Temporary Internet Files folder emptied: 171071841 bytes
->Java cache emptied: 3710545 bytes
->FireFox cache emptied: 158519154 bytes
->Flash cache emptied: 59780 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5789 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 318.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Derek
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.29.1 log created on 09232011_235911

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Results of screen317's Security Check version 0.99.7
Windows 7 Service Pack 1 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Microsoft Security Essentials
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:
MVPS Hosts File
Malwarebytes' Anti-Malware
Java(TM) 6 Update 27
Out of date Java installed!
Adobe Flash Player 10.3.183.5
Adobe Reader 9.4.6
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````

As for the ESET:
C:\ProgramData\Spybot - Search & Destroy\Recovery\WinPalevo1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
 
Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

====================================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code: 
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
782
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back