pcodyk

Just got a block for firefox

Been using Firefox for the past week going to the same sites where I see the blocked ip. I have not seen any ips being blocked.

so far I have only seen this message with IE. I don't use fire fox that much. I started using it this week and so far have not seen any blocked connections

I just got another block and the only pages I accessed were my credit card servicing site. The same ip that was blocked when I was on Yahoo was blocked on this site as well. I don't us the internet much. but it seems like these blocks are more related with using IE and less about what site I am on. It just happens I use Yahoo more than any other site because the first thing I do it check my fantasy baseball.

Blocked IP: 178.255.83.1 July 1st was the last occurance was on yahoo when this occurred.

The last couple of times I get the message I have been on Yahoo Fantasy Baseball. It seems to happen ever couple of days. I would think that Yahoo would be pretty secure.

Thanks for your reply. McAfee has not been much help so far they think its ok for Net Guard to start blocking connections. If I get anything meanful from them I will let you know. My concerns is it started of all of the sudden. This happend after I got the fake virus scan malware. I restored back to a restore point 3 weeks earlier to get rid of that. My fear is that maybe there was something left. I unistalled java and Adobe and Adobe reader and installed the latest. Now I have: java 7 update 5 Adobe Flash player 11 Active X Adobe Reader X (10.1.3) On thing that I had trouble with is the unistall ComboFix. says it cannot find it. McAffee thought it was a virus and removed it before I ran the install. Not sure if there is anything else I need to do to get ComboFix removed. These Blocked connections don't happen everyday and I am not sure what triggers them. So far I have not had any pop up, however need to give it more time to make sure. Usually I think its gone and then another on pops up.

After running all three still get Blocked connections.

. + 2012-06-19 01:54 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll - 2012-04-13 00:26 . 2012-02-28 01:08 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll + 2012-06-19 01:54 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll - 2012-04-13 00:26 . 2012-02-28 01:08 65024 c:\windows\SysWOW64\jsproxy.dll + 2012-06-19 01:54 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll + 2008-01-21 03:20 . 2012-06-11 01:15 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-01-21 03:20 . 2012-05-07 01:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-21 03:20 . 2012-06-11 01:15 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2012-05-07 01:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2012-05-07 01:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 03:20 . 2012-06-11 01:15 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 02:23 . 2012-06-24 16:01 67442 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-02-28 16:55 . 2012-06-24 16:01 17102 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-839219865-2642079739-2401695854-1000_UserData.bin + 2012-06-19 01:54 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll + 2012-06-19 01:54 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll - 2012-04-13 00:26 . 2012-02-28 06:47 86528 c:\windows\system32\migration\WininetPlugin.dll + 2012-06-19 01:54 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll - 2012-04-13 00:26 . 2012-02-28 06:47 85504 c:\windows\system32\jsproxy.dll + 2009-02-28 16:55 . 2012-06-24 22:27 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-02-28 16:55 . 2012-05-31 01:31 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-02-28 16:55 . 2012-05-31 01:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-02-28 16:55 . 2012-06-24 22:27 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-02-28 16:55 . 2012-06-24 22:27 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-02-28 16:55 . 2012-05-31 01:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2012-05-11 01:14 . 2012-05-11 01:14 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2012-06-19 01:53 . 2012-06-19 01:53 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2012-06-19 01:53 . 2012-06-19 01:53 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll - 2012-05-11 01:14 . 2012-05-11 01:14 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll - 2012-05-11 01:14 . 2012-05-11 01:14 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2012-06-19 01:53 . 2012-06-19 01:53 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2012-06-19 01:53 . 2012-06-19 01:53 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll - 2012-05-11 01:14 . 2012-05-11 01:14 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll + 2012-06-19 01:53 . 2012-06-19 01:53 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll - 2012-05-11 01:14 . 2012-05-11 01:14 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll - 2012-05-11 01:14 . 2012-05-11 01:14 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll + 2012-06-19 01:53 . 2012-06-19 01:53 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll - 2012-05-11 01:14 . 2012-05-11 01:14 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll + 2012-06-19 01:53 . 2012-06-19 01:53 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll + 2012-06-19 01:53 . 2012-06-19 01:53 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll - 2012-05-11 01:14 . 2012-05-11 01:14 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll + 2012-06-19 01:53 . 2012-06-19 01:53 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll - 2012-05-11 01:14 . 2012-05-11 01:14 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll - 2012-05-11 01:14 . 2012-05-11 01:14 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll + 2012-06-19 01:53 . 2012-06-19 01:53 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll - 2012-05-11 01:14 . 2012-05-11 01:14 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2012-06-19 01:53 . 2012-06-19 01:53 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2012-06-19 01:53 . 2012-06-19 01:53 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2012-05-11 01:14 . 2012-05-11 01:14 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2012-05-11 01:14 . 2012-05-11 01:14 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2012-06-19 01:53 . 2012-06-19 01:53 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll - 2012-05-11 01:14 . 2012-05-11 01:14 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2012-06-19 01:53 . 2012-06-19 01:53 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2012-06-19 01:53 . 2012-06-19 01:53 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll - 2012-05-11 01:14 . 2012-05-11 01:14 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll + 2012-06-19 01:53 . 2012-06-19 01:53 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll - 2012-05-11 01:14 . 2012-05-11 01:14 62880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll - 2012-05-11 01:14 . 2012-05-11 01:14 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-06-19 01:53 . 2012-06-19 01:53 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-06-19 01:53 . 2012-06-19 01:53 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2012-05-11 01:14 . 2012-05-11 01:14 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-06-19 01:53 . 2012-06-19 01:53 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2012-05-11 01:14 . 2012-05-11 01:14 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-06-19 01:53 . 2012-06-19 01:53 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-05-11 01:14 . 2012-05-11 01:14 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-06-19 01:53 . 2012-06-19 01:53 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2012-05-11 01:14 . 2012-05-11 01:14 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-06-19 01:52 . 2012-06-19 01:52 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-05-11 01:13 . 2012-05-11 01:13 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2012-05-11 01:13 . 2012-05-11 01:13 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-06-19 01:52 . 2012-06-19 01:52 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-06-19 01:51 . 2012-06-19 01:51 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\51b404ef8e47dfb0f4b2511f95c0a00b\System.Web.DynamicData.Design.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\45cea41d795fbfd7e085a8ad6671b7c8\System.Web.DynamicData.Design.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\d09941112a210f778ac1a6a05d1d2273\WindowsLiveWriter.ni.exe + 2012-06-19 01:57 . 2012-06-19 01:57 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\38351aea59964260d8925718bc726bd3\WindowsLiveWriter.ni.exe + 2012-06-19 01:59 . 2012-06-19 01:59 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d3f6ff3e9626fdcccb4b7e9f681ebf2f\System.Web.DynamicData.Design.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3e2877309499e4ab661dc95252da9e39\System.Web.DynamicData.Design.ni.dll + 2012-06-24 22:50 . 2012-06-24 22:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-05-31 01:48 . 2012-05-31 01:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-05-31 01:48 . 2012-05-31 01:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-06-24 22:50 . 2012-06-24 22:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-06-19 01:54 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll - 2012-04-13 00:26 . 2012-02-28 01:09 231936 c:\windows\SysWOW64\url.dll + 2012-06-19 01:54 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll - 2012-04-13 00:26 . 2012-02-28 01:06 716800 c:\windows\SysWOW64\jscript.dll + 2012-06-19 01:54 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe - 2011-07-23 18:17 . 2011-07-23 18:17 142848 c:\windows\SysWOW64\ieUnatt.exe - 2012-04-13 00:26 . 2012-02-28 00:59 176640 c:\windows\SysWOW64\ieui.dll + 2012-06-19 01:54 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll + 2009-02-28 17:16 . 2012-06-24 22:05 496004 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2006-11-02 15:45 . 2012-06-24 16:01 116234 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2012-04-13 00:26 . 2012-02-28 06:48 237056 c:\windows\system32\url.dll + 2012-06-19 01:54 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll + 2006-11-02 12:46 . 2012-06-24 16:04 604502 c:\windows\system32\perfh009.dat - 2006-11-02 12:46 . 2012-05-31 00:46 604502 c:\windows\system32\perfh009.dat - 2006-11-02 12:46 . 2012-05-31 00:46 104202 c:\windows\system32\perfc009.dat + 2006-11-02 12:46 . 2012-06-24 16:04 104202 c:\windows\system32\perfc009.dat - 2012-04-13 00:26 . 2012-02-28 06:45 818688 c:\windows\system32\jscript.dll + 2012-06-19 01:54 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll - 2011-07-23 18:16 . 2011-07-23 18:16 173056 c:\windows\system32\ieUnatt.exe + 2012-06-19 01:54 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe + 2012-06-19 01:54 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll - 2012-04-13 00:26 . 2012-02-28 06:39 248320 c:\windows\system32\ieui.dll + 2006-11-02 15:21 . 2012-06-19 23:05 335824 c:\windows\system32\FNTCACHE.DAT - 2006-11-02 15:21 . 2012-05-11 01:37 335824 c:\windows\system32\FNTCACHE.DAT - 2011-06-26 14:49 . 2012-05-31 01:47 312044 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-06-26 14:49 . 2012-06-24 22:49 312044 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-04-21 16:03 . 2012-04-21 16:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll + 2012-06-17 23:55 . 2012-04-23 11:01 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll - 2012-04-12 01:08 . 2012-01-26 11:00 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll + 2012-04-21 16:03 . 2012-04-21 16:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll - 2012-04-12 01:08 . 2012-01-26 11:00 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2012-06-17 23:55 . 2012-04-23 11:01 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll - 2012-05-11 01:14 . 2012-05-11 01:14 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2012-06-19 01:53 . 2012-06-19 01:53 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2012-06-19 01:53 . 2012-06-19 01:53 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll - 2012-05-11 01:14 . 2012-05-11 01:14 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll + 2012-06-19 01:53 . 2012-06-19 01:53 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll - 2012-05-11 01:14 . 2012-05-11 01:14 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll - 2012-05-11 01:14 . 2012-05-11 01:14 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll + 2012-06-19 01:53 . 2012-06-19 01:53 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll - 2012-05-11 01:14 . 2012-05-11 01:14 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-06-19 01:53 . 2012-06-19 01:53 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2012-06-19 01:53 . 2012-06-19 01:53 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll - 2012-05-11 01:14 . 2012-05-11 01:14 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll + 2012-06-19 01:53 . 2012-06-19 01:53 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2012-05-11 01:14 . 2012-05-11 01:14 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2012-05-11 01:14 . 2012-05-11 01:14 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll + 2012-06-19 01:53 . 2012-06-19 01:53 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll + 2012-06-19 01:53 . 2012-06-19 01:53 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2012-05-11 01:14 . 2012-05-11 01:14 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll - 2012-05-11 01:14 . 2012-05-11 01:14 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll + 2012-06-19 01:53 . 2012-06-19 01:53 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll - 2012-05-11 01:14 . 2012-05-11 01:14 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2012-06-19 01:53 . 2012-06-19 01:53 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2012-06-19 01:53 . 2012-06-19 01:53 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2012-05-11 01:14 . 2012-05-11 01:14 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2012-05-11 01:14 . 2012-05-11 01:14 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2012-06-19 01:53 . 2012-06-19 01:53 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2012-06-19 01:53 . 2012-06-19 01:53 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll - 2012-05-11 01:14 . 2012-05-11 01:14 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll - 2012-05-11 01:14 . 2012-05-11 01:14 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll + 2012-06-19 01:53 . 2012-06-19 01:53 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll - 2012-05-11 01:14 . 2012-05-11 01:14 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-06-19 01:53 . 2012-06-19 01:53 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-06-19 01:53 . 2012-06-19 01:53 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2012-05-11 01:14 . 2012-05-11 01:14 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-06-19 01:53 . 2012-06-19 01:53 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll - 2012-05-11 01:14 . 2012-05-11 01:14 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll - 2012-05-11 01:14 . 2012-05-11 01:14 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll + 2012-06-19 01:53 . 2012-06-19 01:53 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2012-05-11 01:14 . 2012-05-11 01:14 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2012-06-19 01:53 . 2012-06-19 01:53 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - 2012-05-11 01:14 . 2012-05-11 01:14 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2012-06-19 01:53 . 2012-06-19 01:53 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll - 2012-05-11 01:14 . 2012-05-11 01:14 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll + 2012-06-19 01:53 . 2012-06-19 01:53 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll + 2012-06-19 01:53 . 2012-06-19 01:53 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-06-19 01:53 . 2012-06-19 01:53 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2012-05-11 01:14 . 2012-05-11 01:14 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2012-05-11 01:14 . 2012-05-11 01:14 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2012-06-19 01:53 . 2012-06-19 01:53 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2012-06-19 01:53 . 2012-06-19 01:53 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll - 2012-05-11 01:14 . 2012-05-11 01:14 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll - 2012-05-11 01:14 . 2012-05-11 01:14 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-06-19 01:53 . 2012-06-19 01:53 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2012-05-11 01:14 . 2012-05-11 01:14 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-06-19 01:53 . 2012-06-19 01:53 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-06-19 01:53 . 2012-06-19 01:53 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - 2012-05-11 01:14 . 2012-05-11 01:14 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - 2012-05-11 01:14 . 2012-05-11 01:14 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll + 2012-06-19 01:53 . 2012-06-19 01:53 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll - 2012-05-11 01:14 . 2012-05-11 01:14 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2012-06-19 01:53 . 2012-06-19 01:53 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2012-05-11 01:14 . 2012-05-11 01:14 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll + 2012-06-19 01:53 . 2012-06-19 01:53 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll - 2012-05-11 01:14 . 2012-05-11 01:14 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll + 2012-06-19 01:53 . 2012-06-19 01:53 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll + 2012-06-19 01:53 . 2012-06-19 01:53 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll - 2012-05-11 01:14 . 2012-05-11 01:14 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll + 2012-06-19 01:53 . 2012-06-19 01:53 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll - 2012-05-11 01:14 . 2012-05-11 01:14 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll - 2012-05-11 01:14 . 2012-05-11 01:14 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2012-06-19 01:53 . 2012-06-19 01:53 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2012-05-11 01:14 . 2012-05-11 01:14 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2012-06-19 01:53 . 2012-06-19 01:53 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2012-05-11 01:14 . 2012-05-11 01:14 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2012-06-19 01:53 . 2012-06-19 01:53 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll - 2012-05-11 01:14 . 2012-05-11 01:14 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2012-06-19 01:53 . 2012-06-19 01:53 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll - 2012-05-11 01:14 . 2012-05-11 01:14 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll + 2012-06-19 01:53 . 2012-06-19 01:53 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll - 2012-05-11 01:14 . 2012-05-11 01:14 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2012-06-19 01:53 . 2012-06-19 01:53 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2012-06-19 01:53 . 2012-06-19 01:53 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll - 2012-05-11 01:14 . 2012-05-11 01:14 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2012-06-19 01:53 . 2012-06-19 01:53 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2012-05-11 01:14 . 2012-05-11 01:14 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-06-19 01:53 . 2012-06-19 01:53 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2012-05-11 01:14 . 2012-05-11 01:14 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-06-19 01:53 . 2012-06-19 01:53 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll - 2012-05-11 01:14 . 2012-05-11 01:14 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2012-06-19 01:53 . 2012-06-19 01:53 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-05-11 01:14 . 2012-05-11 01:14 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-05-11 01:14 . 2012-05-11 01:14 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll + 2012-06-19 01:53 . 2012-06-19 01:53 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll - 2012-05-11 01:14 . 2012-05-11 01:14 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-06-19 01:53 . 2012-06-19 01:53 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-05-11 01:14 . 2012-05-11 01:14 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll + 2012-06-19 01:53 . 2012-06-19 01:53 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll - 2012-05-11 01:14 . 2012-05-11 01:14 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-19 01:53 . 2012-06-19 01:53 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-19 01:53 . 2012-06-19 01:53 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-05-11 01:14 . 2012-05-11 01:14 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-19 01:53 . 2012-06-19 01:53 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-05-11 01:14 . 2012-05-11 01:14 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-05-11 01:13 . 2012-05-11 01:13 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-06-19 01:52 . 2012-06-19 01:52 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll + 2012-06-19 01:52 . 2012-06-19 01:52 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll - 2012-05-11 01:13 . 2012-05-11 01:13 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll - 2012-05-11 01:13 . 2012-05-11 01:13 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-19 01:52 . 2012-06-19 01:52 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-19 01:52 . 2012-06-19 01:52 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-05-11 01:13 . 2012-05-11 01:13 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-19 01:52 . 2012-06-19 01:52 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2012-05-11 01:13 . 2012-05-11 01:13 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2012-06-19 01:57 . 2012-06-19 01:57 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll + 2012-06-19 01:52 . 2012-06-19 01:52 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\58441b4216f3051caa7041fa1cd9476d\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-06-19 01:55 . 2012-06-19 01:55 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\097137b03ff37196b4b8ba62db34d64a\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8cc4dd9babffe370cf375925fba15f84\Microsoft.VisualBasic.Compatibility.Data.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\80961515d3044ea901548167c32a5098\WindowsFormsIntegration.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\7abedc6a15e80e3c212baa95941bf58f\WindowsFormsIntegration.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 290304 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\d3d3488e1e7b49196219986409296048\TaskScheduler.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 290304 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\3b418c7263e7bee8431e453c3d656213\TaskScheduler.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\d317134f146313d51b3b5ee7a1695884\System.Web.Routing.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\7ed738c9e6e9fd019aefaac8f56c8369\System.Web.Routing.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 449536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\00a0903af7c1c11be3cca7a98cb6ce18\System.Web.Entity.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\d21212991ecf3309c0ca510c61a237f1\System.Web.Entity.Design.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\51ee514bc742cadcb78b85f0380db9df\System.Web.Entity.Design.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 754176 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\c2380ec5280efd702bfe2e25715d3c11\System.Web.DynamicData.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 754176 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\765b0ef0320723cd625712734e362ade\System.Web.DynamicData.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\2ed431cbe077cfcd288ecda76d4b96a0\System.Web.Abstractions.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\07eaba9f6f7f91bf97c28254b591d8b7\System.Web.Abstractions.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8363064608e30064d2740d8d84c0117a\System.ServiceProcess.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\3684a5e85850ee745803ade3c6280f2d\System.ServiceProcess.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 782848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\f16066c5217b2bae461d1c3a36b6675a\System.Messaging.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 782848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\4432d66cfd92f7294b99e7c0b8d5d4e2\System.Messaging.ni.dll + 2012-06-19 23:06 . 2012-06-19 23:06 289280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\bf139e01549b7cab9fab5bf9da914194\System.Drawing.Design.ni.dll + 2012-06-19 01:43 . 2012-06-19 01:43 289280 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\4fe5c7e6ca867dc10be89bb2057d13a7\System.Drawing.Design.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 191488 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\576f9dcaf73e3e48cb4bd57f88e44c33\System.Configuration.Install.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 852992 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\e9bd06b6e8d13de7688a7b8d9caae4be\napsnap.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 852992 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\3c2d0e2498e965850c59c3fa49d805db\napsnap.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 154112 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\d18aaabc1ed8e516fd6e15673ced499f\napinit.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 154112 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\ae67752c0a44317b61c0070bf9469be5\napinit.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 414720 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\d5f4f13114a618bff85ea70be9060c28\MMCFxCommon.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 414720 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\a89f24a37e86820513a964c8c35b933b\MMCFxCommon.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 933376 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\571c66f0a8ca17316e9b6e1a7f71640b\Microsoft.MediaCenter.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 794624 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\e37340446b8b435f5facfbbd67d7226c\Microsoft.ManagementConsole.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 794624 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\a4de1bbf800bcc9e700b80d51f26f91e\Microsoft.ManagementConsole.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 645120 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\cbaec0147fffacc1c80d7b03a74a7f9f\EventViewer.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 645120 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\4d0dfe6d2f6f1d7aaf9e2ed09ba62831\EventViewer.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 368640 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\b2ae3bbc46f1352799b35d8674a9f993\ehExtHost.ni.exe + 2012-06-19 01:58 . 2012-06-19 01:58 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\aa5e63f9c732b05733b2cb2aa4e83386\WindowsLiveLocal.WriterPlugin.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\3e3ab29bc0761479ef39a97af5f03561\WindowsLiveLocal.WriterPlugin.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 780288 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ffde86c0f488ef20e82b0c3db30c419e\WindowsLive.Writer.Controls.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ed3784a7ede6e168abbfc861fbf68806\WindowsLive.Writer.Mshtml.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e79d622243b83ece52d35c7aced7c7c3\WindowsLive.Writer.Api.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 871936 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cb8dcf1f13c4095b0b463b82d045c8cc\WindowsLive.Writer.BlogClient.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c3a85d4f40d79b79ed72223638ea2160\WindowsLive.Writer.FileDestinations.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 890880 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a9f9027f449f88c5f0e017767163bd4a\WindowsLive.Writer.HtmlEditor.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 871936 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a6b42ce7030de80a65e2ac91462e98b0\WindowsLive.Writer.BlogClient.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a5a7a1dd27ba5273bd44b49134b0d852\WindowsLive.Writer.BrowserControl.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a164fee0fcf9ba15cdfcdf4f21a70bdc\WindowsLive.Writer.FileDestinations.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 325632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\91c4f001398c3bd021abb103b770125f\WindowsLive.Writer.SpellChecker.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 325632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7fee5e7631cacbce71b678c4e5893d0c\WindowsLive.Writer.SpellChecker.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 780288 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\75881943e0fef5a9bedf1e06294713f9\WindowsLive.Writer.Controls.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\750c6ecda5434194a4d1b3d41a6c5e85\WindowsLive.Writer.Interop.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\71d29973fb4d81317db97f5093ef0cf1\WindowsLive.Writer.BrowserControl.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 121856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5f19f88368ab74ccdcc919464796a430\WindowsLive.Writer.Extensibility.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4686f9b2396247e982e625e588dce278\WindowsLive.Writer.Interop.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 121856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3df41e6923af5d715d121502679f97bc\WindowsLive.Writer.Extensibility.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3b710d4ca7a6d86c2b4661a2524aecf5\WindowsLive.Writer.Mshtml.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1d396bbc21d19028075f357422ac7010\WindowsLive.Writer.Api.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 890880 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\13af19741fbb213c21708c4d3742a46f\WindowsLive.Writer.HtmlEditor.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\c8a0c5cb485d7a0bdd16b73901ab5c5d\WindowsLive.Client.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\72623de290846c8b5ef16b0d845d2646\WindowsLive.Client.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9104e78d8897df008eed3a2af3bda6a2\WindowsFormsIntegration.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\38785077f9a360a95eb1fa07feed55bf\WindowsFormsIntegration.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\dff98b9115ba5b0f796550c3604f3ac2\TaskScheduler.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\c52d4da15cc5d404f4d24e9376cc1a35\TaskScheduler.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\aa796aeab295b29e0b377e2230ac3c90\System.Web.Routing.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4d73bbe950309d7589e392c07e767981\System.Web.Routing.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c73a1e201cf0c7eb72f31ce9a65e7950\System.Web.Extensions.Design.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c1a4d33fc32145339a8d6ecce8814a82\System.Web.Extensions.Design.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\f8313d1191728d85c9a2c28995421886\System.Web.Entity.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\c332e16f64df41792d0cc94eff9a40cc\System.Web.Entity.Design.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\12516f41aa04efa76ca8462e648af096\System.Web.Entity.Design.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\62424ca77c07b7f69fca203232a95e36\System.Web.DynamicData.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3acd7d1f09834f8ad2b6f7c97f12d275\System.Web.DynamicData.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6308ea7dcc6abd9aea29b448a03f0af3\System.Web.Abstractions.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\2b7f728157a94c56aaeb7f5a5412366c\System.Web.Abstractions.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70e0ec15e6548c58e84b9a5e37988adf\System.ServiceProcess.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\8ad39a1c48ba36b5210abe02ef03bc2a\System.Messaging.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\15a9539184cc7e075473ae41871e692f\System.Messaging.ni.dll + 2012-06-19 23:08 . 2012-06-19 23:08 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\86d95330e670761c503f6f2e8cbe66b9\System.Drawing.Design.ni.dll + 2012-06-19 01:48 . 2012-06-19 01:48 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\231109965e6e50dca439e7c9199ecb66\System.Drawing.Design.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\559eb472944e19bca4d034eda4bdfcb7\System.Configuration.Install.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 724992 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\983237d573ce7f6e3cde5e787fb27d18\napsnap.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 724992 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\2840f96c0590375ed722b20354bcd554\napsnap.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\e1de44dda528f5126f251f146f30487a\napinit.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\8b8104fa355233a2da02d6b76eebe92e\napinit.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\abad73384220ae89181e96ac43642187\MMCFxCommon.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\9621076f8f44240e769dd03177d0c47f\MMCFxCommon.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\f22e7365e7527cd3c3f707218d8e3a10\Microsoft.MediaCenter.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 558592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\ef6a66d52d531be206ac416483aed2b8\Microsoft.ManagementConsole.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 558592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6afc6c8789571a4cb0a464811f84540f\Microsoft.ManagementConsole.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 543744 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\388c7bf64c93109096741a046659c5e3\EventViewer.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 543744 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\11804905535690869865532b52f0454a\EventViewer.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 243200 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\dd7fe12b0ee02626a53b9053f8669141\ehExtHost32.ni.exe + 2012-06-17 23:55 . 2012-04-23 11:01 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2012-04-12 01:08 . 2012-01-26 11:00 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-06-19 01:54 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll + 2012-06-19 01:54 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll + 2012-06-19 01:54 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll + 2012-06-19 01:54 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll + 2012-06-19 01:54 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll + 2012-06-19 01:54 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll + 2012-06-19 01:54 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll + 2012-06-19 01:54 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll + 2012-06-19 01:54 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll + 2010-10-28 02:26 . 2012-06-24 22:49 1869720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2010-10-28 02:26 . 2012-05-31 01:47 1869720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2011-07-16 22:41 . 2012-05-31 01:47 2091920 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-839219865-2642079739-2401695854-1000-8192.dat + 2011-07-16 22:41 . 2012-06-24 22:49 2091920 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-839219865-2642079739-2401695854-1000-8192.dat + 2011-08-20 17:53 . 2012-06-02 15:46 1025840 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-839219865-2642079739-2401695854-1000-12288.dat + 2012-03-15 18:17 . 2012-03-15 18:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll - 2012-05-10 01:29 . 2012-01-03 10:57 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll + 2012-06-17 23:55 . 2012-03-22 11:02 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll + 2012-06-17 23:55 . 2012-03-22 11:02 5062656 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll - 2009-09-18 00:54 . 2009-03-30 04:39 5062656 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll + 2012-03-15 18:17 . 2012-03-15 18:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll + 2012-06-17 23:55 . 2012-03-22 11:02 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll - 2012-05-10 01:29 . 2012-01-03 10:58 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2012-06-17 23:55 . 2012-03-22 11:02 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll - 2009-09-18 00:54 . 2009-03-30 04:42 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2012-06-19 01:53 . 2012-06-19 01:53 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll - 2012-05-11 01:14 . 2012-05-11 01:14 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2012-06-19 01:53 . 2012-06-19 01:53 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll - 2012-05-11 01:14 . 2012-05-11 01:14 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll - 2012-05-11 01:14 . 2012-05-11 01:14 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll + 2012-06-19 01:53 . 2012-06-19 01:53 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll + 2012-06-19 01:53 . 2012-06-19 01:53 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2012-05-11 01:14 . 2012-05-11 01:14 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll + 2012-06-19 01:53 . 2012-06-19 01:53 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll + 2012-06-19 01:53 . 2012-06-19 01:53 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll - 2012-05-11 01:14 . 2012-05-11 01:14 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2012-06-19 01:53 . 2012-06-19 01:53 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2012-05-11 01:14 . 2012-05-11 01:14 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2012-06-19 01:53 . 2012-06-19 01:53 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll - 2012-05-11 01:14 . 2012-05-11 01:14 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll + 2012-06-19 01:53 . 2012-06-19 01:53 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll - 2012-05-11 01:14 . 2012-05-11 01:14 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll + 2012-06-19 01:53 . 2012-06-19 01:53 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll - 2012-05-11 01:14 . 2012-05-11 01:14 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll - 2012-05-11 01:14 . 2012-05-11 01:14 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll + 2012-06-19 01:53 . 2012-06-19 01:53 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll - 2012-05-11 01:14 . 2012-05-11 01:14 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2012-06-19 01:53 . 2012-06-19 01:53 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2012-06-19 01:53 . 2012-06-19 01:53 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - 2012-05-11 01:14 . 2012-05-11 01:14 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - 2012-05-11 01:14 . 2012-05-11 01:14 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-19 01:53 . 2012-06-19 01:53 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2012-05-11 01:14 . 2012-05-11 01:14 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-06-19 01:53 . 2012-06-19 01:53 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-06-19 01:53 . 2012-06-19 01:53 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll - 2012-05-11 01:14 . 2012-05-11 01:14 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2012-06-19 01:52 . 2012-06-19 01:52 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - 2012-05-11 01:13 . 2012-05-11 01:13 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - 2012-05-11 01:13 . 2012-05-11 01:13 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-19 01:52 . 2012-06-19 01:52 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2012-06-19 01:52 . 2012-06-19 01:52 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll - 2012-05-11 01:13 . 2012-05-11 01:13 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-06-19 01:52 . 2012-06-19 01:52 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll - 2012-05-11 01:13 . 2012-05-11 01:13 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll + 2012-04-23 03:46 . 2012-04-23 03:46 1187328 c:\windows\Installer\70d19.msp + 2012-03-15 19:26 . 2012-03-15 19:26 4212736 c:\windows\Installer\70d11.msp + 2012-06-19 01:55 . 2012-06-19 01:55 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll + 2012-06-19 01:56 . 2012-06-19 01:56 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll + 2012-06-19 01:56 . 2012-06-19 01:56 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll + 2012-06-19 01:56 . 2012-06-19 01:56 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll + 2012-06-19 01:52 . 2012-06-19 01:52 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\f866554cae3c9bf97ef2fa2e90f4ebda\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-19 01:55 . 2012-06-19 01:55 1843712 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\e4d308f69077903e24de92fe4fc06d29\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-19 01:55 . 2012-06-19 01:55 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll + 2012-06-19 01:52 . 2012-06-19 01:52 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\44f8907ea08f9c7ff390b17a925a98fd\Microsoft.VisualBasic.ni.dll + 2012-06-19 01:53 . 2012-06-19 01:53 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll + 2012-06-19 01:53 . 2012-06-19 01:53 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 1139712 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2ed0173a2e75b1a3943bd2d96649a50c\Microsoft.VisualBasic.Compatibility.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 1754112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\e8d16e0da135ebf65b5be7b48556ce2e\System.WorkflowServices.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 1754112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\5ef2b0292d6ef8f7a0b885a593aca44b\System.WorkflowServices.ni.dll + 2012-06-19 23:07 . 2012-06-19 23:07 2702848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\4b016f3679666af12f1ce0179765f22e\System.Workflow.Runtime.ni.dll + 2012-06-19 23:07 . 2012-06-19 23:07 5956096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\fe1ea6e5fd659ba3677c06282b0d636d\System.Workflow.ComponentModel.ni.dll + 2012-06-19 01:44 . 2012-06-19 01:44 5956096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\5d04339e6e9c3509a43400eabac9b1ec\System.Workflow.ComponentModel.ni.dll + 2012-06-19 01:44 . 2012-06-19 01:44 3893248 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\b5b17aa58a38b7c4e8b1f6a5d585ff58\System.Workflow.Activities.ni.dll + 2012-06-19 23:07 . 2012-06-19 23:07 3893248 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\5416c21395744eef4c834dc561775b3c\System.Workflow.Activities.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 2291712 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\19c7bfd896bfd1b6e732d650da6e91b4\System.Web.Services.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\78b713edbe4ea0d93a1894f85a716fdf\System.Web.Mobile.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\3b1523f87594c367b5020cf5913c078d\System.Web.Mobile.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 1154560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\c175d1ec8877250db87759686218afbf\System.Web.Extensions.Design.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 1154560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\902cb1388076b343bf8c9940fbd648c7\System.Web.Extensions.Design.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 3046912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\5409d4a63b335ff02d51d50095e62288\System.Web.Extensions.ni.dll + 2012-06-19 01:51 . 2012-06-19 01:51 3046912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\360edfd02353a0df00ace5c12018b3db\System.Web.Extensions.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 1453056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\6039d7884009694683589bc23a7ee995\System.Printing.ni.dll + 2012-06-19 01:43 . 2012-06-19 01:43 2319872 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\9efc0ccf635c1ce30d2981108e17b00f\System.Drawing.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 2433024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\f79607fce169ac91cbe1a52e03df9933\System.Deployment.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 2433024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\4a6752662cb45753081058a4e848dc4b\System.Deployment.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 3101184 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\aedc7938e0a1ef8854e378f1224dfa7d\ReachFramework.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 2109440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\f6c852c8f7fea1e8df4b33e8d0fcc1ae\PresentationUI.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 2109440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\50abd377da62b8a687f7b41499a9db75\PresentationUI.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 3482112 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\c2f138d6fe09a7a865698e2070350263\Narrator.ni.exe + 2012-06-19 01:50 . 2012-06-19 01:50 3482112 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\2717ec9a97cc1f636c01243f8cfd754c\Narrator.ni.exe + 2012-06-19 01:50 . 2012-06-19 01:50 2314240 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\8fe4ad0eb64d45b5d291adf215666e22\MMCEx.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 2314240 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\5151cc16597c8f407d97883a8cfa4a50\MMCEx.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 7836672 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\b03b526fba0766ed6ada91d393e7a6fa\MIGUIControls.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 7836672 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\503f4e11fc338b7960d67e82f5371383\MIGUIControls.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 2173952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\dce1c91304c3c14cb874dbfeb5a41abb\Microsoft.VisualBasic.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 2173952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\96b6285fda67be4d456d2f6a4d75ab52\Microsoft.VisualBasic.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 5346816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\cdc5230f1a47ff0aa945f267fb2bac71\Microsoft.PowerShell.Editor.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 2101248 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\af22d8142f2dad659d4647792f9a5197\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 5346816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\a78ef9e1338af61bd003574bc3ae575f\Microsoft.PowerShell.Editor.ni.dll + 2012-06-19 23:23 . 2012-06-19 23:23 2104832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\97cd884f6f751cdd2d9e32d5b123744a\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 7721472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\20a7e859ee7ee6b6037466a0d8a8be2f\Microsoft.MediaCenter.UI.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 2357248 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\d565b0fb0bb312d5ca28046e25876645\Microsoft.Ink.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 2357248 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\9393721e8605d95f4a4483c80dfd0880\Microsoft.Ink.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 2575872 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\85a4473926ef1f94380ee9be95832772\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 2575872 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\430b0cec2b9bbd9ab4a4a97078319831\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 2217984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\1b9d195833c5a57fab2ed4060df8e82f\Microsoft.Build.Tasks.ni.dll + 2012-06-19 01:50 . 2012-06-19 01:50 2217984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\0b374589dc0cbfa9ef0f5897e1d9f513\Microsoft.Build.Tasks.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 7025152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\da6784d1e322609bfb0a5f0027219f62\WindowsLive.Writer.PostEditor.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 1285120 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c314240ce595e4bd823886fd8accee2e\WindowsLive.Writer.ApplicationFramework.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ae687525317e00f9b37ef706f91f1313\WindowsLive.Writer.Localization.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aaa6f0ba0bbf67d0030f487481b59116\WindowsLive.Writer.CoreServices.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1285120 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a9dc30e23be650dce3e6f5c48ffba2e8\WindowsLive.Writer.ApplicationFramework.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\647abe5987e215f789b439896c6c89dc\WindowsLive.Writer.CoreServices.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\20c2765f4575b68b053606f55714c55b\WindowsLive.Writer.Localization.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 7025152 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0d71c0ccb8879a819feae724f7ceac3b\WindowsLive.Writer.PostEditor.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 1316864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\b0c68df1300f0542e7284d2bbcd63258\System.WorkflowServices.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 1316864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\5b8cc08ae3924eafbc964490cfa0e2eb\System.WorkflowServices.ni.dll + 2012-06-19 23:08 . 2012-06-19 23:08 1911296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\e5b517ac742be27954c3093cfe6d1dd6\System.Workflow.Runtime.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9966409266de9acebb723cea218b1063\System.Workflow.ComponentModel.ni.dll + 2012-06-19 23:08 . 2012-06-19 23:08 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\865be11ce86f1882176810a3f909511b\System.Workflow.ComponentModel.ni.dll + 2012-06-19 23:08 . 2012-06-19 23:08 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\57a2f3b78edc0f5f088b210fabfe3bdc\System.Workflow.Activities.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\3fe6ba906dc53e723c69c8f956ff9216\System.Workflow.Activities.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\663112d3002034cf5126be253efff60d\System.Web.Services.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\8bc0b9783e75a1e3f2f2c20a81c29e98\System.Web.Mobile.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0b90f82645cbd8de45ef8f5e467af156\System.Web.Mobile.ni.dll + 2012-06-19 01:59 . 2012-06-19 01:59 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e835bb4759bc746c5da12d100dbd4d37\System.Web.Extensions.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\89d6ce3139daecdd517135b90e93498b\System.Web.Extensions.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\36fbb8064216ef11bd87afae6ee774dd\System.Printing.ni.dll + 2012-06-19 01:48 . 2012-06-19 01:48 1592320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll + 2012-06-19 01:57 . 2012-06-19 01:57 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\1c6c83c0a93426f9dbd51487a4e6cd34\System.Deployment.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\18050fc0ebf2c4835d05ffd337aa1616\System.Deployment.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 2146816 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3b1507e086784fb78e3d5e671aab1b0d\ReachFramework.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f44ee699d8151d94b6f92a5ebfbb125e\PresentationUI.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f42d14201dfb29938d5c07468ae91df6\PresentationUI.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\c5368a71f78970627b1d48d0df7fcc6a\Narrator.ni.exe + 2012-06-19 23:25 . 2012-06-19 23:25 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\ab99814c8ea65f32eb9be47c99323a5e\Narrator.ni.exe + 2012-06-19 23:25 . 2012-06-19 23:25 1536512 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\cb2db8c862e11358d3bb1b92f85d86bd\MMCEx.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1536512 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\28fc5d6921a1ddf58964060932110d1a\MMCEx.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 6340096 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\82a54c1a86466437495ab3dd91c58b63\MIGUIControls.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 6340096 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\4233310f8c3f74c580fa4a51d1847f7e\MIGUIControls.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1711616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\485b85f35013fa96d9ef25a5596a129c\Microsoft.VisualBasic.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 1711616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\2467a133aee73396c830b9b0a9c7ec0d\Microsoft.VisualBasic.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1609728 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\cf16c88f8fbb1020031774cf9134c045\Microsoft.PowerShell.Commands.Utility.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6cd406e769a24da8926874a594d599b2\Microsoft.PowerShell.Editor.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 1704448 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\16dc159df194ef2fbb4ae593623dea73\Microsoft.PowerShell.GPowerShell.ni.dll + 2012-06-19 23:25 . 2012-06-19 23:25 3722752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\09d3142890c6ef56f7c742be21421fc2\Microsoft.PowerShell.Editor.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 5486080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\cf100c0c1510f5c7bb1e17f2f359883c\Microsoft.MediaCenter.UI.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\c420edef488501ffe0a8bd56d9756955\Microsoft.Ink.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\502f3920c387050ef7c535280dc3c450\Microsoft.Ink.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 1873408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\db447c03dfb2f740c7eff1137b76341e\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1873408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9c9cbb25b52afc8b293fe07eb2da6b27\Microsoft.Build.Tasks.v3.5.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\765364922a0bd3d43434b22a007ecc77\Microsoft.Build.Tasks.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\304acbf276a1820a1c11f6f923d52745\Microsoft.Build.Tasks.ni.dll - 2012-05-10 01:29 . 2012-01-03 10:58 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-06-17 23:55 . 2012-03-22 11:02 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-06-17 23:55 . 2012-03-22 11:02 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2009-09-18 00:54 . 2009-03-30 04:42 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-06-19 01:54 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll + 2006-11-02 12:33 . 2012-06-24 15:57 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat - 2006-11-02 12:33 . 2012-05-11 01:34 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat + 2012-06-19 01:54 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll + 2006-11-02 12:35 . 2012-06-19 01:49 58957832 c:\windows\system32\mrt.exe + 2012-06-19 01:54 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll + 2011-07-23 18:27 . 2012-06-24 22:49 23089366 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-839219865-2642079739-2401695854-1000-4096.dat + 2012-06-19 01:57 . 2012-06-19 01:57 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll + 2012-06-19 01:56 . 2012-06-19 01:56 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll + 2012-06-19 01:55 . 2012-06-19 01:55 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll + 2012-06-19 01:53 . 2012-06-19 01:53 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll + 2012-06-19 01:54 . 2012-06-19 01:54 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll + 2012-06-19 01:53 . 2012-06-19 01:53 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll + 2012-06-19 23:07 . 2012-06-19 23:07 17380352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\9e0a0b099890de9edadbf6d021aa7576\System.Windows.Forms.ni.dll + 2012-06-19 01:43 . 2012-06-19 01:44 17377792 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\0b336aa7125c56e4cd21c716e0f9d2f3\System.Windows.Forms.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 15245824 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\e8edde233435289b5e5e6aa7c370904c\System.Web.ni.dll + 2012-06-19 23:22 . 2012-06-19 23:22 15245824 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\5ded60c9ec9be6b40e91234e7af20647\System.Web.ni.dll + 2012-06-19 23:06 . 2012-06-19 23:06 13718528 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\efa17c5d88fbdaddabd553ec285cf7d9\System.Design.ni.dll + 2012-06-19 01:43 . 2012-06-19 01:43 13718016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\54d039c0b426868dfbf516b163453fc8\System.Design.ni.dll + 2012-06-19 01:43 . 2012-06-19 01:43 19179520 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\55afb0f9be76fd75182e8db465ecfc2b\PresentationFramework.ni.dll + 2012-06-19 01:42 . 2012-06-19 01:42 16516608 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\254dd327ade27917470bcdd76d0999d5\PresentationCore.ni.dll + 2012-06-19 01:49 . 2012-06-19 01:49 15825920 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\9d036f354de56bea373e1f122ba4d389\ehshell.ni.dll + 2012-06-19 23:08 . 2012-06-19 23:08 12433920 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll + 2012-06-19 01:48 . 2012-06-19 01:48 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\641881db9b8657a9d498c1bc39143856\System.Windows.Forms.ni.dll + 2012-06-19 01:58 . 2012-06-19 01:58 11820032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\c6f7cd5fa8b8e908410c7d3bb6967543\System.Web.ni.dll + 2012-06-19 23:24 . 2012-06-19 23:24 11820032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll + 2012-06-19 01:48 . 2012-06-19 01:48 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\487363503cf774d6e5a82544703115a2\System.Design.ni.dll + 2012-06-19 23:08 . 2012-06-19 23:08 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\02ccd8236a942b3f89411fab5d2b594a\System.Design.ni.dll + 2012-06-19 01:48 . 2012-06-19 01:48 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll + 2012-06-19 01:48 . 2012-06-19 01:48 12219392 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "HPAdvisor"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-10-17 972080] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "UpdatePSTShortCut"="c:\program files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2008-09-11 210216] "UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216] "TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-10-18 1152296] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160] "KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-09 54840] "HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008] "DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-12-01 1148200] "CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-10-18 189736] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-13 421736] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2008-9-8 430080] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . --- Other Services/Drivers In Memory --- . *Deregistered* - mfeavfk01 . Contents of the 'Scheduled Tasks' folder . 2011-10-16 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10 16:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [bU] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-10-06 182808] . ------- Supplementary Scan ------- . uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\na8w1juv.default\ FF - prefs.js: browser.search.selectedEngine - Blekko FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: network.proxy.type - 0 . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCD5SRVC{8AAF211B-043E02A9-05040000}] "ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC_x64.pkms" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe . ************************************************************************** . Completion time: 2012-06-24 17:57:20 - machine was rebooted ComboFix-quarantined-files.txt 2012-06-24 22:57 ComboFix2.txt 2012-06-02 15:54 . Pre-Run: 783,752,605,696 bytes free Post-Run: 783,549,272,064 bytes free . - - End Of File - - 81C0E2E7C7453A8074B013303C2CFF9F

checkup.txt Results of screen317's Security Check version 0.99.41 Windows Vista Service Pack 2 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.61.0.1400 Java 6 Update 26 Java version out of date! Adobe Flash Player 10 Flash Player out of date! Adobe Flash Player 10.3.181.34 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of date! Mozilla Firefox 11.0 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` McAfee VirusScan mcods.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0 % ````````````````````End of Log`````````````````````` ComboFix 12-06-24.03 - CK 06/24/2012 17:39:26.3.4 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8190.5731 [GMT -5:00] Running from: c:\users\CK\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-05-24 to 2012-06-24 ))))))))))))))))))))))))))))))) . . 2012-06-24 22:48 . 2012-06-24 22:48 -------- d-----w- c:\users\web\AppData\Local\temp 2012-06-24 22:48 . 2012-06-24 22:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-23 19:53 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-23 19:53 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-23 19:53 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-23 19:53 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-23 19:52 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-23 19:52 . 2012-06-02 22:19 35864 ----a-w- c:\windows\SysWow64\wups.dll 2012-06-23 19:52 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-23 19:52 . 2012-06-02 22:19 577048 ----a-w- c:\windows\SysWow64\wuapi.dll 2012-06-23 19:52 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-23 19:52 . 2012-06-02 22:12 88576 ----a-w- c:\windows\SysWow64\wudriver.dll 2012-06-23 19:52 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-23 19:52 . 2012-06-02 20:19 171904 ----a-w- c:\windows\SysWow64\wuwebv.dll 2012-06-23 19:52 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-23 19:52 . 2012-06-02 20:12 33792 ----a-w- c:\windows\SysWow64\wuapp.exe 2012-06-23 00:05 . 2012-05-25 22:09 29312 ----a-w- c:\program files (x86)\Mozilla Firefox\ScriptFF.dll 2012-06-17 23:55 . 2012-05-01 14:29 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-17 23:55 . 2012-05-15 20:15 2767360 ----a-w- c:\windows\system32\win32k.sys 2012-06-17 23:55 . 2012-04-23 16:25 1267200 ----a-w- c:\windows\system32\crypt32.dll 2012-06-17 23:55 . 2012-04-23 16:25 174592 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-17 23:55 . 2012-04-23 16:25 132096 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-17 23:55 . 2012-04-23 16:00 984064 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-17 23:55 . 2012-04-23 16:00 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-06-17 23:55 . 2012-04-23 16:00 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-05-31 01:26 . 2012-05-31 01:26 -------- d-----w- c:\users\CK\AppData\Local\Google 2012-05-31 01:26 . 2012-05-31 01:29 -------- d-----w- c:\program files (x86)\Free Download Manager 2012-05-31 01:26 . 2012-05-31 02:11 -------- d-----w- c:\programdata\blekko toolbars . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-25 00:51 . 2012-02-05 18:57 16200 ----a-w- c:\windows\stinger.sys 2012-04-04 20:56 . 2011-07-23 19:00 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-03 08:22 . 2012-05-10 01:27 4699520 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-30 12:45 . 2012-05-10 01:29 1423744 ----a-w- c:\windows\system32\drivers\tcpip.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-05-31_01.49.53 )))))))))))))))))))))))))))))))))))))))))

Still getting blocked connections: TDSSKiller.2.7.41.0_24.06.2012_17.25.24_log 17:25:24.0426 4852 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32 17:25:25.0642 4852 ============================================================ 17:25:25.0642 4852 Current date / time: 2012/06/24 17:25:25.0642 17:25:25.0642 4852 SystemInfo: 17:25:25.0642 4852 17:25:25.0642 4852 OS Version: 6.0.6002 ServicePack: 2.0 17:25:25.0642 4852 Product type: Workstation 17:25:25.0642 4852 ComputerName: CK-PC 17:25:25.0642 4852 UserName: CK 17:25:25.0642 4852 Windows directory: C:\Windows 17:25:25.0642 4852 System windows directory: C:\Windows 17:25:25.0642 4852 Running under WOW64 17:25:25.0642 4852 Processor architecture: Intel x64 17:25:25.0642 4852 Number of processors: 4 17:25:25.0642 4852 Page size: 0x1000 17:25:25.0642 4852 Boot type: Normal boot 17:25:25.0642 4852 ============================================================ 17:25:30.0086 4852 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:25:30.0105 4852 ============================================================ 17:25:30.0105 4852 \Device\Harddisk0\DR0: 17:25:30.0106 4852 MBR partitions: 17:25:30.0106 4852 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x72C35E2C 17:25:30.0106 4852 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x72C35E6B, BlocksNum 0x1ACFB56 17:25:30.0106 4852 ============================================================ 17:25:30.0187 4852 C: <-> \Device\Harddisk0\DR0\Partition0 17:25:32.0538 4852 D: <-> \Device\Harddisk0\DR0\Partition1 17:25:32.0538 4852 ============================================================ 17:25:32.0538 4852 Initialize success 17:25:32.0538 4852 ============================================================ 17:25:36.0494 6028 ============================================================ 17:25:36.0494 6028 Scan started 17:25:36.0494 6028 Mode: Manual; 17:25:36.0494 6028 ============================================================ 17:25:41.0344 6028 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys 17:25:41.0418 6028 ACPI - ok 17:25:42.0082 6028 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys 17:25:42.0085 6028 adp94xx - ok 17:25:42.0432 6028 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys 17:25:42.0434 6028 adpahci - ok 17:25:42.0502 6028 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys 17:25:42.0505 6028 adpu160m - ok 17:25:42.0605 6028 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys 17:25:42.0607 6028 adpu320 - ok 17:25:42.0811 6028 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll 17:25:42.0813 6028 AeLookupSvc - ok 17:25:43.0441 6028 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys 17:25:43.0594 6028 AFD - ok 17:25:43.0627 6028 AGNFILT - ok 17:25:43.0683 6028 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys 17:25:43.0685 6028 agp440 - ok 17:25:43.0884 6028 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys 17:25:43.0885 6028 aic78xx - ok 17:25:44.0003 6028 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe 17:25:44.0006 6028 ALG - ok 17:25:44.0046 6028 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys 17:25:44.0047 6028 aliide - ok 17:25:44.0367 6028 AMD External Events Utility (0de7bf2a2e64a841f9abf9558870d9c4) C:\Windows\system32\atiesrxx.exe 17:25:44.0413 6028 AMD External Events Utility - ok 17:25:44.0466 6028 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys 17:25:44.0468 6028 amdide - ok 17:25:44.0641 6028 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys 17:25:44.0658 6028 AmdK8 - ok 17:25:47.0152 6028 amdkmdag (f284da3156166b45d02acc3c228ade1e) C:\Windows\system32\DRIVERS\atipmdag.sys 17:25:47.0520 6028 amdkmdag - ok 17:25:48.0282 6028 amdkmdap (91e1daf0193bd2ab90b1b35c987237fe) C:\Windows\system32\DRIVERS\atikmpag.sys 17:25:48.0283 6028 amdkmdap - ok 17:25:48.0652 6028 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll 17:25:48.0653 6028 Appinfo - ok 17:25:49.0335 6028 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:25:49.0392 6028 Apple Mobile Device - ok 17:25:50.0080 6028 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys 17:25:50.0104 6028 arc - ok 17:25:50.0196 6028 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys 17:25:50.0198 6028 arcsas - ok 17:25:50.0330 6028 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys 17:25:50.0331 6028 AsyncMac - ok 17:25:50.0481 6028 atapi (1898fae8e07d97f2f6c2d5326c633fac) C:\Windows\system32\drivers\atapi.sys 17:25:50.0483 6028 atapi - ok 17:25:50.0885 6028 athr (390bc9b68e1ef2a299731bc775d43004) C:\Windows\system32\DRIVERS\athrx.sys 17:25:50.0892 6028 athr - ok 17:25:54.0499 6028 atikmdag (f284da3156166b45d02acc3c228ade1e) C:\Windows\system32\DRIVERS\atikmdag.sys 17:25:55.0264 6028 atikmdag - ok 17:25:56.0053 6028 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll 17:25:56.0177 6028 AudioEndpointBuilder - ok 17:25:56.0182 6028 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll 17:25:56.0184 6028 AudioSrv - ok 17:25:56.0321 6028 avpnnic (9ac8e84eb4b3b56ea705968a9c2b4c3f) C:\Windows\system32\DRIVERS\avpnnic.sys 17:25:56.0322 6028 avpnnic - ok 17:25:56.0443 6028 Beep - ok 17:25:56.0803 6028 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll 17:25:57.0006 6028 BFE - ok 17:25:57.0608 6028 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\system32\qmgr.dll 17:25:57.0762 6028 BITS - ok 17:25:57.0991 6028 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys 17:25:57.0993 6028 blbdrive - ok 17:25:58.0471 6028 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 17:25:58.0474 6028 Bonjour Service - ok 17:25:58.0540 6028 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys 17:25:58.0541 6028 bowser - ok 17:25:58.0630 6028 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys 17:25:58.0631 6028 BrFiltLo - ok 17:25:58.0643 6028 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys 17:25:58.0645 6028 BrFiltUp - ok 17:25:58.0739 6028 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll 17:25:58.0744 6028 Browser - ok 17:25:58.0789 6028 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys 17:25:58.0790 6028 Brserid - ok 17:25:58.0836 6028 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys 17:25:58.0838 6028 BrSerWdm - ok 17:25:58.0897 6028 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys 17:25:58.0898 6028 BrUsbMdm - ok 17:25:59.0129 6028 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys 17:25:59.0131 6028 BrUsbSer - ok 17:25:59.0224 6028 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys 17:25:59.0241 6028 BTHMODEM - ok 17:25:59.0260 6028 catchme - ok 17:25:59.0306 6028 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys 17:25:59.0307 6028 cdfs - ok 17:25:59.0512 6028 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys 17:25:59.0514 6028 cdrom - ok 17:25:59.0619 6028 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll 17:25:59.0621 6028 CertPropSvc - ok 17:25:59.0734 6028 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys 17:25:59.0736 6028 cfwids - ok 17:25:59.0768 6028 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys 17:25:59.0770 6028 circlass - ok 17:26:00.0000 6028 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys 17:26:00.0270 6028 CLFS - ok 17:26:00.0539 6028 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:26:00.0543 6028 clr_optimization_v2.0.50727_32 - ok 17:26:00.0714 6028 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:26:00.0715 6028 clr_optimization_v2.0.50727_64 - ok 17:26:00.0906 6028 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:26:00.0907 6028 clr_optimization_v4.0.30319_32 - ok 17:26:01.0039 6028 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:26:01.0041 6028 clr_optimization_v4.0.30319_64 - ok 17:26:01.0079 6028 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys 17:26:01.0081 6028 cmdide - ok 17:26:01.0097 6028 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys 17:26:01.0099 6028 Compbatt - ok 17:26:01.0102 6028 COMSysApp - ok 17:26:01.0156 6028 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys 17:26:01.0157 6028 crcdisk - ok 17:26:01.0262 6028 CryptSvc (62740b9d2a137e8ced41a9e4239a7a31) C:\Windows\system32\cryptsvc.dll 17:26:01.0269 6028 CryptSvc - ok 17:26:01.0636 6028 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 17:26:02.0049 6028 DcomLaunch - ok 17:26:02.0241 6028 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys 17:26:02.0243 6028 DfsC - ok 17:26:04.0070 6028 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe 17:26:04.0090 6028 DFSR - ok 17:26:04.0882 6028 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll 17:26:05.0019 6028 Dhcp - ok 17:26:05.0398 6028 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys 17:26:05.0449 6028 disk - ok 17:26:05.0715 6028 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll 17:26:05.0825 6028 Dnscache - ok 17:26:06.0077 6028 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll 17:26:06.0135 6028 dot3svc - ok 17:26:06.0619 6028 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll 17:26:06.0686 6028 DPS - ok 17:26:06.0772 6028 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys 17:26:06.0774 6028 drmkaud - ok 17:26:07.0091 6028 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys 17:26:07.0212 6028 DXGKrnl - ok 17:26:07.0573 6028 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys 17:26:07.0574 6028 E1G60 - ok 17:26:07.0636 6028 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll 17:26:07.0640 6028 EapHost - ok 17:26:07.0805 6028 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys 17:26:07.0807 6028 Ecache - ok 17:26:08.0484 6028 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe 17:26:08.0537 6028 ehRecvr - ok 17:26:08.0615 6028 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe 17:26:08.0618 6028 ehSched - ok 17:26:08.0663 6028 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll 17:26:08.0664 6028 ehstart - ok 17:26:08.0766 6028 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys 17:26:08.0769 6028 elxstor - ok 17:26:09.0007 6028 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll 17:26:09.0116 6028 EMDMgmt - ok 17:26:09.0133 6028 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys 17:26:09.0144 6028 ErrDev - ok 17:26:09.0312 6028 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll 17:26:09.0319 6028 EventSystem - ok 17:26:09.0486 6028 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys 17:26:09.0488 6028 exfat - ok 17:26:09.0760 6028 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys 17:26:09.0762 6028 fastfat - ok 17:26:09.0832 6028 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys 17:26:09.0834 6028 fdc - ok 17:26:09.0846 6028 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll 17:26:09.0848 6028 fdPHost - ok 17:26:09.0865 6028 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll 17:26:09.0867 6028 FDResPub - ok 17:26:09.0897 6028 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys 17:26:09.0901 6028 FileInfo - ok 17:26:09.0953 6028 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys 17:26:09.0955 6028 Filetrace - ok 17:26:09.0987 6028 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 17:26:09.0988 6028 flpydisk - ok 17:26:10.0201 6028 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys 17:26:10.0203 6028 FltMgr - ok 17:26:11.0065 6028 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll 17:26:11.0170 6028 FontCache - ok 17:26:11.0390 6028 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:26:11.0391 6028 FontCache3.0.0.0 - ok 17:26:11.0585 6028 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 17:26:11.0610 6028 fssfltr - ok 17:26:12.0439 6028 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 17:26:12.0448 6028 fsssvc - ok 17:26:12.0854 6028 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys 17:26:12.0900 6028 Fs_Rec - ok 17:26:13.0037 6028 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys 17:26:13.0040 6028 gagp30kx - ok 17:26:13.0539 6028 GameConsoleService (6754117aa31114bdc7abd2bd01339559) C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe 17:26:13.0541 6028 GameConsoleService - ok 17:26:13.0744 6028 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:26:13.0773 6028 GEARAspiWDM - ok 17:26:14.0046 6028 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll 17:26:14.0217 6028 gpsvc - ok 17:26:14.0405 6028 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys 17:26:14.0407 6028 HdAudAddService - ok 17:26:14.0707 6028 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys 17:26:15.0078 6028 HDAudBus - ok 17:26:15.0150 6028 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys 17:26:15.0152 6028 HidBth - ok 17:26:15.0245 6028 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys 17:26:15.0358 6028 HidIr - ok 17:26:15.0415 6028 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\System32\hidserv.dll 17:26:15.0417 6028 hidserv - ok 17:26:15.0518 6028 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys 17:26:15.0519 6028 HidUsb - ok 17:26:15.0568 6028 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll 17:26:15.0571 6028 hkmsvc - ok 17:26:15.0927 6028 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe 17:26:15.0929 6028 HP Health Check Service - ok 17:26:16.0328 6028 HPBtnSrv (deab3bf5aefbdc3f9ac0e020926ec81d) C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe 17:26:16.0330 6028 HPBtnSrv - ok 17:26:16.0372 6028 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys 17:26:16.0383 6028 HpCISSs - ok 17:26:16.0663 6028 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys 17:26:16.0672 6028 HTTP - ok 17:26:16.0729 6028 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys 17:26:16.0731 6028 i2omp - ok 17:26:16.0810 6028 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys 17:26:16.0814 6028 i8042prt - ok 17:26:17.0178 6028 IAANTMON (eef0c78d403f213289067f3861c3af4f) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 17:26:17.0181 6028 IAANTMON - ok 17:26:17.0319 6028 iaStor (8eacf469269fb1509561961a3188f670) C:\Windows\system32\drivers\iastor.sys 17:26:17.0322 6028 iaStor - ok 17:26:18.0022 6028 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys 17:26:18.0024 6028 iaStorV - ok 17:26:18.0784 6028 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:26:18.0789 6028 idsvc - ok 17:26:18.0849 6028 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys 17:26:18.0851 6028 iirsp - ok 17:26:19.0027 6028 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll 17:26:19.0152 6028 IKEEXT - ok 17:26:19.0786 6028 IntcAzAudAddService (1edab7f9b9de4424beccdef950ce2ff0) C:\Windows\system32\drivers\RTKVHD64.sys 17:26:19.0979 6028 IntcAzAudAddService - ok 17:26:20.0373 6028 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys 17:26:20.0374 6028 intelide - ok 17:26:20.0555 6028 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys 17:26:20.0574 6028 intelppm - ok 17:26:20.0638 6028 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll 17:26:20.0639 6028 IPBusEnum - ok 17:26:20.0815 6028 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:26:20.0817 6028 IpFilterDriver - ok 17:26:21.0201 6028 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll 17:26:21.0393 6028 iphlpsvc - ok 17:26:21.0396 6028 IpInIp - ok 17:26:21.0440 6028 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys 17:26:21.0443 6028 IPMIDRV - ok 17:26:21.0664 6028 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys 17:26:21.0665 6028 IPNAT - ok 17:26:22.0253 6028 iPod Service (4472c8825b5e41d8697d5962f47ab1c9) C:\Program Files\iPod\bin\iPodService.exe 17:26:22.0259 6028 iPod Service - ok 17:26:22.0286 6028 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys 17:26:22.0288 6028 IRENUM - ok 17:26:22.0411 6028 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys 17:26:22.0413 6028 isapnp - ok 17:26:22.0684 6028 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys 17:26:22.0844 6028 iScsiPrt - ok 17:26:22.0883 6028 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys 17:26:22.0885 6028 iteatapi - ok 17:26:23.0264 6028 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys 17:26:23.0266 6028 iteraid - ok 17:26:23.0354 6028 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys 17:26:23.0356 6028 kbdclass - ok 17:26:23.0393 6028 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys 17:26:23.0395 6028 kbdhid - ok 17:26:23.0405 6028 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 17:26:23.0406 6028 KeyIso - ok 17:26:23.0649 6028 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys 17:26:23.0652 6028 KSecDD - ok 17:26:23.0709 6028 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys 17:26:23.0721 6028 ksthunk - ok 17:26:24.0018 6028 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll 17:26:24.0227 6028 KtmRm - ok 17:26:24.0394 6028 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\System32\srvsvc.dll 17:26:24.0461 6028 LanmanServer - ok 17:26:24.0846 6028 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll 17:26:24.0883 6028 LanmanWorkstation - ok 17:26:25.0294 6028 LightScribeService (e75adcfafdef3f4c3af3332928d59926) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 17:26:25.0295 6028 LightScribeService - ok 17:26:25.0321 6028 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys 17:26:25.0323 6028 lltdio - ok 17:26:25.0663 6028 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll 17:26:25.0860 6028 lltdsvc - ok 17:26:25.0894 6028 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll 17:26:25.0897 6028 lmhosts - ok 17:26:26.0023 6028 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys 17:26:26.0025 6028 LSI_FC - ok 17:26:26.0154 6028 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys 17:26:26.0157 6028 LSI_SAS - ok 17:26:26.0308 6028 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys 17:26:26.0309 6028 LSI_SCSI - ok 17:26:26.0396 6028 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 17:26:26.0399 6028 luafv - ok 17:26:26.0854 6028 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 17:26:26.0856 6028 McMPFSvc - ok 17:26:26.0861 6028 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 17:26:26.0863 6028 mcmscsvc - ok 17:26:26.0965 6028 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 17:26:26.0966 6028 McNaiAnn - ok 17:26:27.0266 6028 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 17:26:27.0268 6028 McNASvc - ok 17:26:27.0649 6028 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe 17:26:27.0654 6028 McODS - ok 17:26:27.0775 6028 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 17:26:27.0778 6028 McProxy - ok 17:26:28.0187 6028 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe 17:26:28.0188 6028 McShield - ok 17:26:28.0369 6028 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll 17:26:28.0375 6028 Mcx2Svc - ok 17:26:28.0533 6028 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 17:26:28.0535 6028 megasas - ok 17:26:28.0774 6028 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 17:26:28.0777 6028 MegaSR - ok 17:26:28.0900 6028 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys 17:26:28.0902 6028 mfeapfk - ok 17:26:29.0053 6028 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys 17:26:29.0055 6028 mfeavfk - ok 17:26:29.0131 6028 mfeavfk01 - ok 17:26:29.0224 6028 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 17:26:29.0226 6028 mfefire - ok 17:26:29.0474 6028 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys 17:26:29.0477 6028 mfefirek - ok 17:26:29.0748 6028 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys 17:26:29.0753 6028 mfehidk - ok 17:26:29.0911 6028 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys 17:26:29.0913 6028 mfenlfk - ok 17:26:30.0006 6028 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys 17:26:30.0010 6028 mferkdet - ok 17:26:30.0459 6028 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe 17:26:30.0461 6028 mfevtp - ok 17:26:30.0573 6028 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys 17:26:30.0575 6028 mfewfpk - ok 17:26:30.0649 6028 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 17:26:30.0659 6028 MMCSS - ok 17:26:30.0740 6028 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 17:26:30.0741 6028 Modem - ok 17:26:31.0003 6028 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 17:26:31.0004 6028 monitor - ok 17:26:31.0042 6028 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 17:26:31.0053 6028 mouclass - ok 17:26:31.0162 6028 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 17:26:31.0164 6028 mouhid - ok 17:26:31.0183 6028 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 17:26:31.0187 6028 MountMgr - ok 17:26:31.0357 6028 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 17:26:31.0419 6028 mpio - ok 17:26:31.0455 6028 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 17:26:31.0456 6028 mpsdrv - ok 17:26:31.0753 6028 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll 17:26:31.0943 6028 MpsSvc - ok 17:26:31.0985 6028 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 17:26:31.0987 6028 Mraid35x - ok 17:26:32.0043 6028 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 17:26:32.0045 6028 MRxDAV - ok 17:26:32.0149 6028 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys 17:26:32.0150 6028 mrxsmb - ok 17:26:32.0441 6028 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:26:32.0443 6028 mrxsmb10 - ok 17:26:32.0566 6028 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:26:32.0567 6028 mrxsmb20 - ok 17:26:32.0591 6028 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys 17:26:32.0592 6028 msahci - ok 17:26:32.0685 6028 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 17:26:32.0884 6028 msdsm - ok 17:26:33.0050 6028 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe 17:26:33.0054 6028 MSDTC - ok 17:26:33.0111 6028 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 17:26:33.0112 6028 Msfs - ok 17:26:33.0134 6028 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 17:26:33.0136 6028 msisadrv - ok 17:26:33.0555 6028 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll 17:26:33.0596 6028 MSiSCSI - ok 17:26:33.0628 6028 msiserver - ok 17:26:33.0988 6028 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 17:26:33.0990 6028 MSK80Service - ok 17:26:34.0075 6028 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 17:26:34.0077 6028 MSKSSRV - ok 17:26:34.0100 6028 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 17:26:34.0109 6028 MSPCLOCK - ok 17:26:34.0195 6028 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 17:26:34.0196 6028 MSPQM - ok 17:26:34.0538 6028 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 17:26:34.0541 6028 MsRPC - ok 17:26:34.0625 6028 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 17:26:34.0626 6028 mssmbios - ok 17:26:34.0630 6028 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 17:26:34.0632 6028 MSTEE - ok 17:26:34.0745 6028 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 17:26:34.0747 6028 Mup - ok 17:26:35.0192 6028 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll 17:26:35.0309 6028 napagent - ok 17:26:35.0483 6028 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 17:26:35.0485 6028 NativeWifiP - ok 17:26:35.0588 6028 NAVENG - ok 17:26:35.0592 6028 NAVEX15 - ok 17:26:35.0922 6028 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 17:26:36.0231 6028 NDIS - ok 17:26:36.0301 6028 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 17:26:36.0302 6028 NdisTapi - ok 17:26:36.0330 6028 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 17:26:36.0332 6028 Ndisuio - ok 17:26:36.0397 6028 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 17:26:36.0398 6028 NdisWan - ok 17:26:36.0562 6028 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys 17:26:36.0563 6028 NDProxy - ok 17:26:36.0662 6028 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 17:26:36.0664 6028 NetBIOS - ok 17:26:36.0785 6028 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 17:26:36.0787 6028 netbt - ok 17:26:36.0835 6028 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 17:26:36.0836 6028 Netlogon - ok 17:26:37.0354 6028 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll 17:26:37.0452 6028 Netman - ok 17:26:37.0663 6028 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll 17:26:37.0732 6028 netprofm - ok 17:26:37.0997 6028 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:26:38.0002 6028 NetTcpPortSharing - ok 17:26:38.0071 6028 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 17:26:38.0073 6028 nfrd960 - ok 17:26:38.0463 6028 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll 17:26:38.0564 6028 NlaSvc - ok 17:26:38.0602 6028 Norton Internet Security - ok 17:26:38.0709 6028 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 17:26:38.0711 6028 Npfs - ok 17:26:38.0740 6028 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll 17:26:38.0742 6028 nsi - ok 17:26:38.0768 6028 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 17:26:38.0770 6028 nsiproxy - ok 17:26:39.0356 6028 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 17:26:39.0365 6028 Ntfs - ok 17:26:39.0992 6028 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 17:26:39.0995 6028 Null - ok 17:26:40.0071 6028 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 17:26:40.0077 6028 nvraid - ok 17:26:40.0095 6028 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 17:26:40.0097 6028 nvstor - ok 17:26:40.0236 6028 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 17:26:40.0239 6028 nv_agp - ok 17:26:40.0242 6028 NwlnkFlt - ok 17:26:40.0247 6028 NwlnkFwd - ok 17:26:40.0695 6028 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:26:40.0699 6028 odserv - ok 17:26:40.0886 6028 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys 17:26:40.0891 6028 ohci1394 - ok 17:26:41.0118 6028 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:26:41.0119 6028 ose - ok 17:26:41.0553 6028 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 17:26:41.0559 6028 p2pimsvc - ok 17:26:41.0567 6028 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 17:26:41.0573 6028 p2psvc - ok 17:26:41.0676 6028 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 17:26:41.0677 6028 Parport - ok 17:26:41.0844 6028 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys 17:26:41.0847 6028 partmgr - ok 17:26:41.0968 6028 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll 17:26:41.0981 6028 PcaSvc - ok 17:26:42.0619 6028 PCD5SRVC{8AAF211B-043E02A9-05040000} (7204f835a4355d1ab2853e57c9ff177c) C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms 17:26:42.0621 6028 PCD5SRVC{8AAF211B-043E02A9-05040000} - ok 17:26:42.0670 6028 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 17:26:42.0681 6028 pci - ok 17:26:42.0840 6028 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys 17:26:42.0842 6028 pciide - ok 17:26:43.0003 6028 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys 17:26:43.0005 6028 pcmcia - ok 17:26:43.0305 6028 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 17:26:43.0310 6028 PEAUTH - ok 17:26:43.0642 6028 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe 17:26:43.0644 6028 PerfHost - ok 17:26:44.0201 6028 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll 17:26:44.0534 6028 pla - ok 17:26:44.0772 6028 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll 17:26:44.0901 6028 PlugPlay - ok 17:26:45.0140 6028 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 17:26:45.0146 6028 PNRPAutoReg - ok 17:26:45.0154 6028 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 17:26:45.0160 6028 PNRPsvc - ok 17:26:45.0395 6028 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll 17:26:45.0498 6028 PolicyAgent - ok 17:26:45.0703 6028 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 17:26:45.0704 6028 PptpMiniport - ok 17:26:45.0940 6028 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys 17:26:45.0942 6028 Processor - ok 17:26:46.0253 6028 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll 17:26:46.0276 6028 ProfSvc - ok 17:26:46.0343 6028 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 17:26:46.0344 6028 ProtectedStorage - ok 17:26:46.0586 6028 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys 17:26:46.0587 6028 Ps2 - ok 17:26:46.0723 6028 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 17:26:46.0748 6028 PSched - ok 17:26:47.0167 6028 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 17:26:47.0175 6028 ql2300 - ok 17:26:47.0245 6028 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 17:26:47.0267 6028 ql40xx - ok 17:26:47.0506 6028 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll 17:26:47.0566 6028 QWAVE - ok 17:26:47.0701 6028 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 17:26:47.0702 6028 QWAVEdrv - ok 17:26:47.0750 6028 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 17:26:47.0751 6028 RasAcd - ok 17:26:47.0877 6028 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll 17:26:48.0132 6028 RasAuto - ok 17:26:48.0335 6028 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 17:26:48.0336 6028 Rasl2tp - ok 17:26:48.0591 6028 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll 17:26:48.0642 6028 RasMan - ok 17:26:48.0693 6028 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 17:26:48.0697 6028 RasPppoe - ok 17:26:48.0733 6028 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 17:26:48.0734 6028 RasSstp - ok 17:26:49.0015 6028 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 17:26:49.0018 6028 rdbss - ok 17:26:49.0072 6028 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 17:26:49.0075 6028 RDPCDD - ok 17:26:49.0281 6028 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 17:26:49.0283 6028 rdpdr - ok 17:26:49.0289 6028 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 17:26:49.0299 6028 RDPENCDD - ok 17:26:49.0553 6028 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys 17:26:49.0555 6028 RDPWD - ok 17:26:49.0660 6028 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll 17:26:49.0663 6028 RemoteAccess - ok 17:26:49.0752 6028 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll 17:26:49.0769 6028 RemoteRegistry - ok 17:26:49.0810 6028 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe 17:26:49.0812 6028 RpcLocator - ok 17:26:50.0110 6028 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 17:26:50.0116 6028 RpcSs - ok 17:26:50.0144 6028 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 17:26:50.0145 6028 rspndr - ok 17:26:50.0272 6028 RTL8169 (d53c84ec99ab4d78a90001e5ce5386ec) C:\Windows\system32\DRIVERS\Rtlh64.sys 17:26:50.0290 6028 RTL8169 - ok 17:26:50.0420 6028 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 17:26:50.0422 6028 SamSs - ok 17:26:50.0485 6028 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 17:26:50.0490 6028 sbp2port - ok 17:26:50.0634 6028 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll 17:26:50.0826 6028 SCardSvr - ok 17:26:51.0152 6028 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll 17:26:51.0272 6028 Schedule - ok 17:26:51.0367 6028 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll 17:26:51.0368 6028 SCPolicySvc - ok 17:26:51.0463 6028 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll 17:26:51.0468 6028 SDRSVC - ok 17:26:51.0584 6028 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 17:26:51.0596 6028 secdrv - ok 17:26:51.0632 6028 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll 17:26:51.0634 6028 seclogon - ok 17:26:51.0741 6028 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll 17:26:51.0744 6028 SENS - ok 17:26:51.0787 6028 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys 17:26:51.0788 6028 Serenum - ok 17:26:51.0837 6028 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys 17:26:51.0916 6028 Serial - ok 17:26:52.0024 6028 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 17:26:52.0043 6028 sermouse - ok 17:26:52.0232 6028 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll 17:26:52.0261 6028 SessionEnv - ok 17:26:52.0282 6028 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 17:26:52.0284 6028 sffdisk - ok 17:26:52.0400 6028 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 17:26:52.0410 6028 sffp_mmc - ok 17:26:52.0469 6028 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 17:26:52.0471 6028 sffp_sd - ok 17:26:52.0502 6028 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 17:26:52.0504 6028 sfloppy - ok 17:26:52.0649 6028 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll 17:26:52.0896 6028 SharedAccess - ok 17:26:53.0111 6028 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll 17:26:53.0206 6028 ShellHWDetection - ok 17:26:53.0237 6028 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys 17:26:53.0239 6028 SiSRaid2 - ok 17:26:53.0374 6028 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 17:26:53.0403 6028 SiSRaid4 - ok 17:26:54.0499 6028 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe 17:26:54.0516 6028 slsvc - ok 17:26:55.0205 6028 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll 17:26:55.0208 6028 SLUINotify - ok 17:26:55.0366 6028 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 17:26:55.0367 6028 Smb - ok 17:26:55.0445 6028 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe 17:26:55.0448 6028 SNMPTRAP - ok 17:26:55.0513 6028 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 17:26:55.0517 6028 spldr - ok 17:26:55.0768 6028 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe 17:26:55.0771 6028 Spooler - ok 17:26:55.0775 6028 SRTSP - ok 17:26:55.0780 6028 SRTSPX - ok 17:26:56.0140 6028 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys 17:26:56.0144 6028 srv - ok 17:26:56.0351 6028 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys 17:26:56.0353 6028 srv2 - ok 17:26:56.0447 6028 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys 17:26:56.0448 6028 srvnet - ok 17:26:56.0512 6028 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll 17:26:56.0517 6028 SSDPSRV - ok 17:26:56.0682 6028 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll 17:26:56.0848 6028 SstpSvc - ok 17:26:57.0048 6028 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll 17:26:57.0120 6028 stisvc - ok 17:26:57.0183 6028 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys 17:26:57.0185 6028 swenum - ok 17:26:57.0428 6028 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll 17:26:57.0826 6028 swprv - ok 17:26:57.0868 6028 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 17:26:57.0880 6028 Symc8xx - ok 17:26:57.0926 6028 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 17:26:57.0947 6028 Sym_hi - ok 17:26:57.0995 6028 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 17:26:57.0997 6028 Sym_u3 - ok 17:26:59.0057 6028 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll 17:26:59.0206 6028 SysMain - ok 17:27:00.0009 6028 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll 17:27:00.0043 6028 TabletInputService - ok 17:27:00.0166 6028 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll 17:27:00.0183 6028 TapiSrv - ok 17:27:00.0215 6028 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll 17:27:00.0220 6028 TBS - ok 17:27:00.0739 6028 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys 17:27:00.0748 6028 Tcpip - ok 17:27:00.0762 6028 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys 17:27:00.0771 6028 Tcpip6 - ok 17:27:00.0984 6028 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys 17:27:00.0988 6028 tcpipreg - ok 17:27:01.0083 6028 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys 17:27:01.0093 6028 TDPIPE - ok 17:27:01.0186 6028 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 17:27:01.0211 6028 TDTCP - ok 17:27:01.0651 6028 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 17:27:01.0652 6028 tdx - ok 17:27:01.0710 6028 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 17:27:01.0713 6028 TermDD - ok 17:27:02.0072 6028 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll 17:27:02.0084 6028 TermService - ok 17:27:02.0377 6028 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll 17:27:02.0380 6028 Themes - ok 17:27:02.0568 6028 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 17:27:02.0569 6028 THREADORDER - ok 17:27:02.0937 6028 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll 17:27:02.0942 6028 TrkWks - ok 17:27:03.0024 6028 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe 17:27:03.0043 6028 TrustedInstaller - ok 17:27:03.0121 6028 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 17:27:03.0124 6028 tssecsrv - ok 17:27:03.0149 6028 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 17:27:03.0151 6028 tunmp - ok 17:27:03.0257 6028 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys 17:27:03.0258 6028 tunnel - ok 17:27:03.0323 6028 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 17:27:03.0387 6028 uagp35 - ok 17:27:03.0578 6028 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 17:27:03.0580 6028 udfs - ok 17:27:03.0695 6028 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe 17:27:03.0697 6028 UI0Detect - ok 17:27:03.0871 6028 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 17:27:03.0874 6028 uliagpkx - ok 17:27:04.0181 6028 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys 17:27:04.0183 6028 uliahci - ok 17:27:04.0349 6028 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 17:27:04.0351 6028 UlSata - ok 17:27:04.0425 6028 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 17:27:04.0427 6028 ulsata2 - ok 17:27:04.0610 6028 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 17:27:04.0618 6028 umbus - ok 17:27:05.0160 6028 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll 17:27:05.0647 6028 upnphost - ok 17:27:05.0903 6028 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 17:27:05.0905 6028 USBAAPL64 - ok 17:27:05.0965 6028 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys 17:27:05.0966 6028 usbccgp - ok 17:27:06.0010 6028 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys 17:27:06.0011 6028 usbcir - ok 17:27:06.0342 6028 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys 17:27:06.0344 6028 usbehci - ok 17:27:06.0746 6028 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys 17:27:06.0748 6028 usbhub - ok 17:27:06.0893 6028 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys 17:27:06.0894 6028 usbohci - ok 17:27:06.0975 6028 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys 17:27:07.0005 6028 usbprint - ok 17:27:07.0032 6028 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:27:07.0033 6028 USBSTOR - ok 17:27:07.0054 6028 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys 17:27:07.0056 6028 usbuhci - ok 17:27:07.0478 6028 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll 17:27:07.0521 6028 UxSms - ok 17:27:07.0925 6028 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe 17:27:08.0229 6028 vds - ok 17:27:08.0314 6028 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys 17:27:08.0315 6028 vga - ok 17:27:08.0337 6028 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys 17:27:08.0339 6028 VgaSave - ok 17:27:08.0503 6028 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys 17:27:08.0513 6028 viaide - ok 17:27:08.0600 6028 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys 17:27:08.0602 6028 volmgr - ok 17:27:08.0943 6028 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys 17:27:08.0946 6028 volmgrx - ok 17:27:09.0074 6028 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys 17:27:09.0076 6028 volsnap - ok 17:27:09.0361 6028 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys 17:27:09.0363 6028 vsmraid - ok 17:27:09.0900 6028 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe 17:27:09.0909 6028 VSS - ok 17:27:10.0208 6028 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll 17:27:10.0256 6028 W32Time - ok 17:27:10.0653 6028 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys 17:27:10.0656 6028 WacomPen - ok 17:27:10.0981 6028 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 17:27:10.0983 6028 Wanarp - ok 17:27:10.0986 6028 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 17:27:10.0987 6028 Wanarpv6 - ok 17:27:11.0741 6028 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll 17:27:11.0944 6028 wcncsvc - ok 17:27:12.0024 6028 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll 17:27:12.0027 6028 WcsPlugInService - ok 17:27:12.0050 6028 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys 17:27:12.0061 6028 Wd - ok 17:27:12.0434 6028 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys 17:27:12.0439 6028 Wdf01000 - ok 17:27:12.0747 6028 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll 17:27:12.0751 6028 WdiServiceHost - ok 17:27:12.0756 6028 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll 17:27:12.0758 6028 WdiSystemHost - ok 17:27:12.0851 6028 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll 17:27:12.0971 6028 WebClient - ok 17:27:13.0295 6028 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll 17:27:13.0323 6028 Wecsvc - ok 17:27:13.0378 6028 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll 17:27:13.0381 6028 wercplsupport - ok 17:27:13.0602 6028 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll 17:27:13.0630 6028 WerSvc - ok 17:27:13.0770 6028 WinDefend - ok 17:27:13.0777 6028 WinHttpAutoProxySvc - ok 17:27:14.0262 6028 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll 17:27:14.0294 6028 Winmgmt - ok 17:27:15.0420 6028 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll 17:27:15.0746 6028 WinRM - ok 17:27:16.0408 6028 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll 17:27:16.0600 6028 Wlansvc - ok 17:27:16.0787 6028 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 17:27:16.0791 6028 wlcrasvc - ok 17:27:17.0614 6028 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:27:17.0775 6028 wlidsvc - ok 17:27:18.0326 6028 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys 17:27:18.0327 6028 WmiAcpi - ok 17:27:18.0717 6028 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe 17:27:19.0007 6028 wmiApSrv - ok 17:27:19.0071 6028 WMPNetworkSvc - ok 17:27:19.0375 6028 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll 17:27:19.0584 6028 WPCSvc - ok 17:27:19.0663 6028 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll 17:27:19.0780 6028 WPDBusEnum - ok 17:27:19.0963 6028 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys 17:27:19.0964 6028 WpdUsb - ok 17:27:21.0126 6028 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:27:21.0245 6028 WPFFontCache_v0400 - ok 17:27:21.0434 6028 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys 17:27:21.0436 6028 ws2ifsl - ok 17:27:21.0514 6028 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll 17:27:21.0520 6028 wscsvc - ok 17:27:21.0523 6028 WSearch - ok 17:27:22.0252 6028 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 17:27:22.0268 6028 wuauserv - ok 17:27:22.0943 6028 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys 17:27:22.0944 6028 WUDFRd - ok 17:27:23.0092 6028 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll 17:27:23.0150 6028 wudfsvc - ok 17:27:23.0654 6028 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 17:27:23.0670 6028 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok 17:27:23.0823 6028 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0 17:27:26.0002 6028 \Device\Harddisk0\DR0 - ok 17:27:26.0063 6028 Boot (0x1200) (2b7568687fd54b4e5dc51bff2ac1ba66) \Device\Harddisk0\DR0\Partition0 17:27:26.0147 6028 \Device\Harddisk0\DR0\Partition0 - ok 17:27:26.0150 6028 Boot (0x1200) (cb6d0358209d37d5b4296b3b0b20ab63) \Device\Harddisk0\DR0\Partition1 17:27:26.0290 6028 \Device\Harddisk0\DR0\Partition1 - ok 17:27:26.0290 6028 ============================================================ 17:27:26.0290 6028 Scan finished 17:27:26.0290 6028 ============================================================ 17:27:26.0698 5048 Detected object count: 0 17:27:26.0698 5048 Actual detected object count: 0 17:28:04.0219 0468 Deinitialize success

A couple months ago I started seeing McAfee Net Guard pop up saying its blocking risky connections. I have been on pretty safe sites like yahoo sports and gotten this pop up. I have run McAfee and MalwareBytes (both up to date) and they have not found anything. Some of the recent IP addresses listed: 72.21.194.32 8.5.1.49 66.114.51.61 All attempted by IE (version 9.0.8112.16421) hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 5:13:09 PM, on 6/24/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe C:\Program Files (x86)\Windows Live\Companion\companionuser.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\CK\Desktop\maleware\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622190534.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll O4 - HKLM\..\Run: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN O4 - Global Startup: PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12029 bytes DDS: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by CK at 17:13:27 on 2012-06-24 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8190.5768 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe C:\Program Files (x86)\Windows Live\Companion\companionuser.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\Common Files\McAfee\Core\mchost.exe C:\Program Files\McAfee\VirusScan\mcods.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622190534.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN mRun: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" mRun: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" mRun: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{03D62279-1CA1-4C3D-932F-8CD2B1C2EEEA} : DhcpNameServer = 192.168.2.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622190534.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll mRun-x64: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" mRun-x64: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" mRun-x64: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe mRun-x64: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\na8w1juv.default\ FF - prefs.js: browser.search.selectedEngine - Blekko FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/04/05 21:35:00];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-10-21 146928] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 HPBtnSrv;HP Easy Backup Button Service;C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-11-21 192512] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-4-25 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-4-25 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-4-25 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-4-25 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-4-25 210584] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-4-25 162192] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Norton Internet Security;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?] S3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-9-9 25888] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-06-23 19:53:13 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-23 19:52:53 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-23 19:52:53 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll 2012-06-23 19:52:46 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-23 19:52:46 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe 2012-06-23 19:52:46 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-23 19:52:46 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2012-06-23 00:05:27 29312 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll 2012-06-17 23:55:39 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-06-17 23:55:38 2767360 ----a-w- C:\Windows\System32\win32k.sys 2012-06-17 23:55:28 1267200 ----a-w- C:\Windows\System32\crypt32.dll 2012-06-17 23:55:27 984064 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-06-17 23:55:27 174592 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-06-17 23:55:27 132096 ----a-w- C:\Windows\System32\cryptnet.dll 2012-06-17 23:55:26 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-06-17 23:55:26 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-06-02 15:48:52 -------- d-sh--w- C:\$RECYCLE.BIN 2012-05-31 01:31:13 98816 ----a-w- C:\Windows\sed.exe 2012-05-31 01:31:13 518144 ----a-w- C:\Windows\SWREG.exe 2012-05-31 01:31:13 256000 ----a-w- C:\Windows\PEV.exe 2012-05-31 01:31:13 208896 ----a-w- C:\Windows\MBR.exe 2012-05-31 01:26:49 -------- d-----w- C:\Users\CK\AppData\Local\Google 2012-05-31 01:26:46 -------- d-----w- C:\Program Files (x86)\Free Download Manager 2012-05-31 01:26:41 -------- d-----w- C:\ProgramData\blekko toolbars . ==================== Find3M ==================== . 2012-05-25 00:51:43 16200 ----a-w- C:\Windows\stinger.sys 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-04-03 08:22:15 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-30 12:45:03 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 17:14:16.92 =============== Attached Attach.txt Attach.txt

A couple months ago I started seeing McAfee Net Guard pop up saying its blocking risky connections. I have been on pretty safe sites like yahoo sports and gotten this pop up. I have run McAfee and MalwareBytes (both up to date) and they have not found anything. Some of the recent IP addresses listed: 72.21.194.32 8.5.1.49 66.114.51.61 All attempted by IE (version 9.0.8112.16421) Attached hijackthis.log. Any help would be greatly appreciated. . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by CK at 12:23:30 on 2012-05-26 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8190.6453 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe C:\Program Files\Common Files\McAfee\Core\mchost.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120429111636.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN mRun: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" mRun: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" mRun: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{03D62279-1CA1-4C3D-932F-8CD2B1C2EEEA} : DhcpNameServer = 192.168.2.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120429111636.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File mRun-x64: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" mRun-x64: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" mRun-x64: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe mRun-x64: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\na8w1juv.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/04/05 21:35:00];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-10-21 146928] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 HPBtnSrv;HP Easy Backup Button Service;C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-11-21 192512] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-4-25 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-4-25 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-4-25 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-4-25 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-4-25 210584] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-4-25 162192] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Norton Internet Security;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?] S3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-9-9 25888] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-05-10 01:29:31 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-05-10 01:27:52 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-10 01:27:51 2766848 ----a-w- C:\Windows\System32\win32k.sys 2012-04-29 16:16:28 29272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll . ==================== Find3M ==================== . 2012-05-25 00:51:43 16200 ----a-w- C:\Windows\stinger.sys 2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-20 23:34:30 72576 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-03-01 15:39:45 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll 2012-03-01 15:39:45 196096 ----a-w- C:\Windows\System32\d3d10_1.dll 2012-03-01 14:46:01 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2012-03-01 14:46:01 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2012-02-29 15:37:41 5632 ----a-w- C:\Windows\System32\wmi.dll 2012-02-29 15:37:38 219136 ----a-w- C:\Windows\System32\wintrust.dll 2012-02-29 15:35:44 78848 ----a-w- C:\Windows\System32\imagehlp.dll 2012-02-29 15:11:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-02-29 15:11:42 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-02-29 15:09:53 157696 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-02-29 14:40:31 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll 2012-02-29 14:09:35 834048 ----a-w- C:\Windows\System32\d2d1.dll 2012-02-29 14:08:47 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2012-02-29 14:06:08 1556480 ----a-w- C:\Windows\System32\DWrite.dll 2012-02-29 13:52:46 16384 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-02-29 13:44:50 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-02-29 13:41:40 1069056 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 12:24:18.51 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/13/2009 2:32:56 PM System Uptime: 5/26/2012 7:35:34 AM (5 hours ago) . Motherboard: PEGATRON CORPORATION | | Benicia Processor: Intel® Core2 Quad CPU Q9300 @ 2.50GHz | CPU 1 | 2500/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 918 GiB total, 728.332 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1.837 GiB free. E: is CDROM (CDFS) F: is Removable G: is Removable H: is Removable I: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\*ISATAP\0011 Manufacturer: Microsoft Name: Microsoft ISATAP Adapter #2 PNP Device ID: ROOT\*ISATAP\0011 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\*ISATAP\0292 Manufacturer: Microsoft Name: Microsoft ISATAP Adapter #6 PNP Device ID: ROOT\*ISATAP\0292 Service: tunnel . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Tun Miniport Adapter Device ID: ROOT\*TUNMP\0001 Manufacturer: Microsoft Name: Microsoft Tun Miniport Adapter #2 PNP Device ID: ROOT\*TUNMP\0001 Service: tunmp . ==== System Restore Points =================== . RP761: 3/17/2012 1:51:09 PM - Scheduled Checkpoint RP762: 3/17/2012 1:51:09 PM - Scheduled Checkpoint RP763: 3/18/2012 12:52:49 PM - Scheduled Checkpoint RP764: 3/20/2012 8:44:03 PM - Scheduled Checkpoint RP765: 3/21/2012 9:29:16 PM - Windows Update RP766: 3/22/2012 8:58:16 PM - Scheduled Checkpoint RP767: 3/23/2012 10:08:33 PM - Scheduled Checkpoint RP768: 3/25/2012 11:37:02 AM - Scheduled Checkpoint RP769: 3/26/2012 8:58:32 PM - Scheduled Checkpoint RP770: 3/29/2012 8:30:38 PM - Scheduled Checkpoint RP771: 3/30/2012 8:10:29 PM - Scheduled Checkpoint RP772: 3/31/2012 9:28:33 AM - Scheduled Checkpoint RP773: 4/1/2012 11:53:53 AM - Scheduled Checkpoint RP774: 4/1/2012 11:53:53 AM - Scheduled Checkpoint RP775: 4/3/2012 7:45:43 PM - Scheduled Checkpoint RP776: 4/6/2012 8:34:27 PM - Scheduled Checkpoint RP777: 4/8/2012 11:45:28 AM - Scheduled Checkpoint RP778: 4/11/2012 8:56:49 PM - Scheduled Checkpoint RP779: 4/12/2012 7:20:22 PM - Windows Update RP780: 4/14/2012 9:50:09 AM - Scheduled Checkpoint RP781: 4/14/2012 9:50:09 AM - Scheduled Checkpoint RP782: 4/15/2012 1:10:09 PM - Scheduled Checkpoint RP783: 4/16/2012 8:43:40 PM - Scheduled Checkpoint RP784: 4/18/2012 9:45:48 PM - Scheduled Checkpoint RP784: 4/18/2012 9:45:48 PM - Scheduled Checkpoint RP785: 4/19/2012 8:57:04 PM - Scheduled Checkpoint RP786: 4/20/2012 8:47:15 PM - Scheduled Checkpoint RP787: 4/21/2012 10:50:43 AM - Scheduled Checkpoint RP788: 4/22/2012 1:18:04 AM - Scheduled Checkpoint RP789: 4/23/2012 12:35:52 AM - Scheduled Checkpoint RP790: 4/23/2012 9:36:21 PM - Scheduled Checkpoint RP791: 4/25/2012 8:12:50 PM - Scheduled Checkpoint RP792: 4/29/2012 12:42:25 PM - Scheduled Checkpoint RP793: 5/3/2012 8:33:46 PM - Scheduled Checkpoint RP794: 5/4/2012 8:14:01 PM - Scheduled Checkpoint RP795: 5/5/2012 11:04:14 AM - Scheduled Checkpoint RP796: 5/6/2012 3:46:44 PM - Scheduled Checkpoint RP797: 5/9/2012 9:02:00 PM - Scheduled Checkpoint RP798: 5/10/2012 7:59:04 PM - Windows Update RP799: 5/12/2012 10:02:34 AM - Scheduled Checkpoint RP800: 5/13/2012 9:38:31 AM - Windows Update RP801: 5/14/2012 9:18:04 PM - Scheduled Checkpoint RP802: 5/14/2012 9:18:04 PM - Scheduled Checkpoint RP803: 5/16/2012 9:24:54 PM - Scheduled Checkpoint RP804: 5/18/2012 9:19:41 PM - Scheduled Checkpoint RP805: 5/19/2012 9:31:00 PM - Scheduled Checkpoint RP806: 5/20/2012 11:38:59 AM - Scheduled Checkpoint RP807: 5/21/2012 8:58:17 PM - Scheduled Checkpoint RP808: 5/23/2012 8:56:51 PM - Scheduled Checkpoint RP809: 5/25/2012 6:29:41 PM - Scheduled Checkpoint RP810: 5/26/2012 10:37:52 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Acrobat.com ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.4.5 Apple Application Support Apple Software Update Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Czech Catalyst Control Center Localization Danish Catalyst Control Center Localization Dutch Catalyst Control Center Localization Finnish Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Greek Catalyst Control Center Localization Hungarian Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Norwegian Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Russian Catalyst Control Center Localization Spanish Catalyst Control Center Localization Swedish Catalyst Control Center Localization Thai Catalyst Control Center Localization Turkish ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Compatibility Pack for the 2007 Office system CyberLink DVD Suite Deluxe D3DX10 Enhanced Multimedia Keyboard Solution EPSON Scan Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Active Support Library HP Customer Experience Enhancements HP Demo HP Easy Backup HP MediaSmart DVD HP MediaSmart Music/Photo/Video HP Picasso Media Center Add-In HP Recovery Manager RSS HP Total Care Advisor HP Total Care Setup HP Update HPAsset component for HP Active Support Library Java Auto Updater Java 6 Update 26 Junk Mail filter update Juno Preloader LabelPrint LightScribe System Software 1.14.25.1 LightScribe Template Labeler Malwarebytes Anti-Malware version 1.61.0.1400 McAfee Internet Security Mesh Runtime Messenger Companion Microsoft Live Search Toolbar Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mozilla Firefox 11.0 (x86 en-US) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee Reveal My HP Games NetZero Preloader PictureMover Power2Go PowerDirector Python 2.5.2 Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Segoe UI Skins sp41099 sp41121 Spelling Dictionaries Support For Adobe Reader 9 SPORE Creature Creator Trial Edition Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Warcraft III Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 5/26/2012 9:48:31 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 5/26/2012 7:37:35 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP SRTSPX 5/26/2012 7:37:35 AM, Error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The system cannot find the path specified. 5/24/2012 7:51:44 PM, Error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s). 5/21/2012 8:21:10 PM, Error: Schannel [36874] - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. . ==== End Of File =========================== hijackthis.log