Google redirects


Reports, as instructed.

Thank you in advance!

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by KSandlin at 12:35:34 on 2012-07-13

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.554 [GMT -5:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

============== Running Processes ===============

.

C:\WINDOWS\System32\svchost.exe -k Cognizance

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Windows Defender\MsMpEng.exe

C:\Program Files\DisplayLink Software\DisplayLinkService.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\ifxspmgt.exe

C:\WINDOWS\system32\ifxtcs.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\IfxPsdSv.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\GFI Software\GFIAgent\SBAMSvc.exe

C:\Program Files\GFI Software\GFIAgent\SBPIMSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe

C:\WINDOWS\system32\CCM\CcmExec.exe

C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe

C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\DisplayLink Software\DisplayLinkManager.exe

C:\Program Files\DisplayLink Software\DisplayLinkUI.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files\GFI Software\GFIAgent\SBAMTray.exe

C:\Program Files\RightFax\Client\faxctrl.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\ksandlin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe

C:\Program Files\AMS Services\TransactNOW\OALaunch.exe

C:\Documents and Settings\ksandlin\Application Data\Dropbox\bin\Dropbox.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Express ClickYes\ClickYes.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Documents and Settings\ksandlin\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe

C:\Documents and Settings\ksandlin\Local Settings\Application Data\AMS Services, Inc\AMS 360\WorkstationCoordinator.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\system32\MsiExec.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *;<local>;192.168.*.*

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Facebook Update] "c:\documents and settings\ksandlin\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Google Update] "c:\documents and settings\ksandlin\local settings\application data\google\update\GoogleUpdate.exe" /c

mRun: [CognizanceTS] rundll32.exe c:\progra~1\hewlet~1\iam\bin\ASTSVCC.dll,RegisterModule

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe

mRun: [sBAMTray] "c:\program files\gfi software\gfiagent\SBAMTray.exe"

mRun: [RightFAX Print-to-Fax Driver] c:\program files\rightfax\client\faxctrl.exe

mRun: [mecoal] rundll32.exe "c:\documents and settings\ksandlin\application data\mecoal.dll",DrawPixels

mRun: [secsme] "c:\windows\system32\rundll32.exe" "c:\documents and settings\ksandlin\application data\secsme.dll",FillTexture

dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32

StartupFolder: c:\docume~1\ksandlin\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\ksandlin\application data\dropbox\bin\Dropbox.exe

StartupFolder: c:\docume~1\ksandlin\startm~1\programs\startup\launch~1.lnk - c:\program files\express clickyes\ClickYes.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\imagem~1.lnk - c:\program files\pixela\imagemixer3\HDDCameraMonitor.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rightf~1.lnk - c:\windows\installer\{4babdcf6-9faa-4b6e-a9de-d15a7ea800d3}\FaxCtrl_English_4BABDCF69FAA4B6EA9DED15A7EA800D3.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\transa~1.lnk - c:\program files\ams services\transactnow\OALaunch.exe

uPolicies-explorer: DisallowRun = 1 (0x1)

uPolicies-explorer: NoWelcomeScreen = 1 (0x1)

uPolicies-explorer: DisableThumbnails = 0 (0x0)

uPolicies-disallowrun: 1 = musrmgr.exe

uPolicies-disallowrun: 2 = user manager.exe

uPolicies-disallowrun: 3 = usrmgr.exe

uPolicies-disallowrun: 4 = USRMGR.exe

uPolicies-disallowrun: 5 = yahoomessenger.exe

uPolicies-disallowrun: 6 = yahoowidgets.exe

mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

Trusted Zone: ams-benefits.com

Trusted Zone: ams-services.com

Trusted Zone: ams-support.com

Trusted Zone: ams360.com

Trusted Zone: amsservices.com

Trusted Zone: caccini

Trusted Zone: google.com\www

Trusted Zone: prevailnetwork.com

Trusted Zone: vertafore.com

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://cinfincs.gradepoint.com/courses/authorware_installer/awswaxf-7.0.0.70.cab

DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxp://picasaweb.google.com/s/v/56.44/uploader2.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/53.10/uploader2.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1306998647781

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1191365276812

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {7A162288-DE78-473C-A6BA-23FF17F768E9} - hxxp://aig.interwise.com/rmis/application/EventEntry/AxWebInstaller.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {ACF93F61-9F60-4C1E-A015-E3B3812BD58C} - hxxp://www.strategicwc.com/DTS/PV/Webserver/CABS/PVDMDocView400.cab

DPF: {C2AD5B59-154E-4090-91F5-19FC1410E8EE} - hxxp://www.koreatimes.co.kr/www/TTS/App/Downloader.cab

DPF: {CA9DABAF-EE22-4B29-9C60-91F85E81A894} - hxxps://webfnol.firemansfund.com:446/AICS.WebFNOL/WebFNOL/WebFNOL/CheckFileSize.CAB

DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 10.45.34.32 10.45.34.35 10.45.34.38

TCP: Interfaces\{85370FFA-C8D6-4BD0-B957-8AB44A47032E} : DhcpNameServer = 10.45.34.32 10.45.34.35 10.45.34.38

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

Notify: igfxcui - igfxdev.dll

Notify: OneCard - c:\program files\hewlett-packard\iam\bin\ASWLNPkg.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-7-14 65584]

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2007-1-23 39080]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-11-23 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-11-23 67656]

R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-4-12 21496]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-8-30 101624]

R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2012-4-2 212568]

R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-4-14 14336]

R2 DisplayLinkService;DisplayLink Service;c:\program files\displaylink software\DisplayLinkService.exe [2007-11-6 417792]

R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-4-26 223088]

R2 SBAMSvc;VIPRE Business;c:\program files\gfi software\gfiagent\SBAMSvc.exe [2011-10-12 2804312]

R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-4-12 74104]

R2 SBPIMSvc;SB Recovery Service;c:\program files\gfi software\gfiagent\SBPIMSvc.exe [2011-10-12 181616]

R2 SWIHPWMI;SWIHPWMI;c:\program files\hpq\shared\sierra wireless\win32\unicode\SWIHPWMI.exe [2006-12-4 292384]

R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-10-5 13592]

R3 DisplayLinkGA;DisplayLinkGA;c:\windows\system32\drivers\DisplayLinkGAport.sys [2007-3-9 25704]

R3 DisplayLinkmirror;DisplayLinkmirror;c:\windows\system32\drivers\DisplayLinkmirrorport.sys [2007-3-9 23400]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\drivers\DisplayLinkUsbPort.sys [2008-8-14 26600]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-10-2 36608]

S1 ATMDLC;Attachmate DLC Protocol;c:\windows\system32\drivers\atmdlc.sys --> c:\windows\system32\drivers\atmdlc.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-22 135664]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-9 250056]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-22 135664]

S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [2007-10-2 33024]

S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-11-23 12872]

S4 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-4-14 14336]

S4 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]

.

=============== Created Last 30 ================

.

2012-07-06 20:50:04 432640 ----a-w- c:\documents and settings\ksandlin\application data\secsme.dll

2012-06-13 20:21:07 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

.

==================== Find3M ====================

.

2012-07-12 17:16:28 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 17:16:28 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-24 13:23:41 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-24 13:23:41 567696 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-24 13:23:41 141312 ----a-w- c:\windows\system32\javacpl.cpl

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 12:43:38.77 ===============

+

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 5/31/2011 10:20:25 PM

System Uptime: 7/13/2012 7:18:08 AM (5 hours ago)

.

Motherboard: Hewlett-Packard | | 30C0

Processor: Intel Pentium III Xeon processor | U10 | 2094/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 70.055 GiB free.

D: is CDROM ()

G: is NetworkDisk (NTFS) - 126 GiB total, 19.521 GiB free.

H: is Removable

I: is NetworkDisk (NTFS) - 126 GiB total, 19.521 GiB free.

S: is NetworkDisk (NTFS) - 126 GiB total, 19.521 GiB free.

W: is NetworkDisk (NTFS) - 126 GiB total, 19.521 GiB free.

Y: is NetworkDisk (NTFS) - 126 GiB total, 19.521 GiB free.

Z: is NetworkDisk (NTFS) - 10 GiB total, 3.901 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Intel® PRO/Wireless 3945ABG Network Connection

Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_135B103C&REV_02\4&29E2C51B&0&00E1

Manufacturer: Intel Corporation

Name: Intel® PRO/Wireless 3945ABG Network Connection

PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_135B103C&REV_02\4&29E2C51B&0&00E1

Service: NETw5x32

.

==== System Restore Points ===================

.

RP215: 4/16/2012 2:10:42 PM - System Checkpoint

RP216: 4/17/2012 8:55:35 PM - System Checkpoint

RP217: 4/19/2012 11:55:43 AM - System Checkpoint

RP218: 4/22/2012 10:13:14 PM - System Checkpoint

RP219: 4/24/2012 10:33:42 AM - System Checkpoint

RP220: 4/25/2012 11:59:25 AM - System Checkpoint

RP221: 4/26/2012 8:24:13 PM - System Checkpoint

RP222: 4/30/2012 9:52:09 AM - System Checkpoint

RP223: 5/1/2012 11:18:36 AM - System Checkpoint

RP224: 5/2/2012 11:46:39 AM - System Checkpoint

RP225: 5/3/2012 11:48:58 AM - System Checkpoint

RP226: 5/5/2012 9:40:56 PM - System Checkpoint

RP227: 5/7/2012 11:48:38 AM - System Checkpoint

RP228: 5/8/2012 9:59:19 PM - System Checkpoint

RP229: 5/9/2012 4:29:26 PM - Software Distribution Service 3.0

RP230: 5/11/2012 11:29:19 AM - System Checkpoint

RP231: 5/13/2012 6:13:19 PM - System Checkpoint

RP232: 5/14/2012 10:32:30 PM - System Checkpoint

RP233: 5/16/2012 10:00:24 AM - System Checkpoint

RP234: 5/17/2012 12:09:15 PM - System Checkpoint

RP235: 5/18/2012 1:10:58 PM - System Checkpoint

RP236: 5/19/2012 7:35:05 PM - System Checkpoint

RP237: 5/21/2012 8:42:58 AM - System Checkpoint

RP238: 5/22/2012 12:06:20 PM - System Checkpoint

RP239: 5/23/2012 12:47:59 PM - System Checkpoint

RP240: 5/24/2012 1:03:38 PM - System Checkpoint

RP241: 5/25/2012 9:36:53 PM - System Checkpoint

RP242: 5/27/2012 6:25:35 PM - System Checkpoint

RP243: 5/28/2012 6:46:41 PM - System Checkpoint

RP244: 5/30/2012 8:51:36 AM - System Checkpoint

RP245: 5/31/2012 11:10:40 AM - System Checkpoint

RP246: 6/4/2012 11:58:37 AM - System Checkpoint

RP247: 6/4/2012 4:28:58 PM - Software Distribution Service 3.0

RP248: 6/6/2012 7:49:54 AM - System Checkpoint

RP249: 6/7/2012 11:57:40 AM - System Checkpoint

RP250: 6/9/2012 3:46:29 PM - System Checkpoint

RP251: 6/10/2012 4:03:11 PM - System Checkpoint

RP252: 6/13/2012 8:37:43 AM - System Checkpoint

RP253: 6/13/2012 10:57:09 PM - Software Distribution Service 3.0

RP254: 6/15/2012 11:32:24 AM - System Checkpoint

RP255: 6/18/2012 8:41:29 PM - System Checkpoint

RP256: 6/20/2012 8:40:26 PM - System Checkpoint

RP257: 6/21/2012 10:46:55 PM - System Checkpoint

RP258: 6/24/2012 3:00:15 PM - System Checkpoint

RP259: 6/26/2012 11:49:22 AM - System Checkpoint

RP260: 6/28/2012 11:34:02 AM - System Checkpoint

RP261: 6/29/2012 2:42:14 PM - System Checkpoint

RP262: 6/30/2012 8:07:46 PM - System Checkpoint

RP263: 7/2/2012 12:00:33 PM - System Checkpoint

RP264: 7/5/2012 9:08:20 AM - System Checkpoint

RP265: 7/6/2012 11:09:29 AM - System Checkpoint

RP266: 7/9/2012 12:26:22 PM - System Checkpoint

RP267: 7/11/2012 11:18:12 AM - System Checkpoint

RP268: 7/12/2012 10:26:11 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

2007 Microsoft Office Suite Service Pack 1 (SP1)

32 Bit HP CIO Components Installer

ACD32DB

Adobe Flash Player 11 ActiveX

Adobe Reader 8.1.3

Agere Systems HDA Modem

AIO_Scan

AMS 360 Client Rev 2

AMS TransactNOW Client

Apple Application Support

Apple Software Update

BlackBerry Desktop Software 6.1

Broadcom NetXtreme Ethernet Controller

BufferChm

C4200

c4200_Help

CDBurnerXP

Citrix online plug-in - web

Citrix online plug-in (DV)

Citrix online plug-in (HDX)

Citrix online plug-in (USB)

Citrix online plug-in (Web)

Copy

Coupon Printer for Windows

Credential Manager for HP ProtectTools

CustomerResearchQFolder

Destinations

DeviceManagementQFolder

DisplayLink Software

DocProc

DocProcQFolder

Dropbox

Embedded Security for HP ProtectTools

eSupportQFolder

Express ClickYes 1.2

Facebook Video Calling 1.2.0.159

fax@vantage

fax@vantage Printer Driver

GFI Business Agent

Google Earth

Google Talk Plugin

Google Toolbar for Firefox

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

GoZone iSync

HdcylindHti

Hotfix for Microsoft .NET Framework 3.0 (KB932471)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB961118)

HP 3D DriveGuard

HP BIOS Configuration for ProtectTools

HP Broadband Wireless Modules

HP Customer Participation Program 8.0

HP Imaging Device Functions 8.0

HP Integrated Module with Bluetooth wireless technology

HP OCR Software 8.0

HP PCMCIA Smart Card Reader

HP Photosmart All-In-One Software 8.0

HP Photosmart Essential

HP ProtectTools Security Manager

HP Quick Launch Buttons 6.20 D3

HP Solution Center 8.0

HP Update

HPProductAssistant

HPSSupply

ImageMixer3

Intel® Graphics Media Accelerator Driver

Interwise Participant

Java 2 Runtime Environment, SE v1.4.2_15

Java Auto Updater

Java 6 Update 31

Java 6 Update 7

Java 7 Update 3

LightScribe System Software 1.14.19.1

LightScribeTemplateLabeler

Malwarebytes Anti-Malware version 1.61.0.1400

MarketResearch

MetaFrame Presentation Server Web Client for Win32

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Edition 2003

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Standard 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Windows XP Video Decoder Checkup Utility

Microsoft Word Viewer 97

MotoHelper 2.0.51 Driver 5.2.0

MotoHelper MergeModules

Motorola Mobile Drivers Installation 5.2.0

Mozilla Thunderbird 13.0.1 (x86 en-US)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser (KB933579)

Octoshape add-in for Adobe Flash Player

PaperVision Document Viewer Controls

Picasa 3

PS_AIO_ProductContext

PS_AIO_Software

PS_AIO_Software_min

QuickTime

RightFax Product Suite - Client

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator Tools

Scan

Security Update for 2007 Microsoft Office System (KB2277947)

Security Update for 2007 Microsoft Office System (KB951550)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB980376)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2251419)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

Smilebox

SMS Advanced Client

SolutionCenter

Sonic Activation Module

SoundMAX

StarTech.com USB2DVI

Status

SUPERAntiSpyware Free Edition

Synaptics Pointing Device Driver

The Print Shop 2.0 Deluxe

Toolbox

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Update for Windows XP (KB2345886)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VNC Free Edition 4.1.1

WebFldrs XP

WebReg

Windows Defender

Windows Essentials Media Codec Pack 2.3d

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Format Runtime

Windows Media Player 11

Windows Presentation Foundation

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

7/8/2012 9:42:28 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the SBAMSvc service.

7/8/2012 7:39:07 PM, error: NETLOGON [5719] - No Domain Controller is available for domain EBSCO due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

7/7/2012 11:21:14 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATMDLC

7/11/2012 11:03:11 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATMDLC iaStor

7/11/2012 11:03:06 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

.

==== End Of File ===========================


Hello Snake207 ... again :) ! I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan, click save log, save it to your desktop, and post it in your next reply.

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • aswMBR log


Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.11.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

XXXXXXXXXXXX-53B1264A3 [administrator]

7/14/2012 9:28:23 AM

mbam-log-2012-07-14 (09-28-23).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 355080

Time elapsed: 4 hour(s), 31 minute(s), 23 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-07-14 14:01:40

-----------------------------

14:01:40.406 OS Version: Windows 5.1.2600 Service Pack 3

14:01:40.406 Number of processors: 2 586 0x1706

14:01:40.406 ComputerName: EBSCO-53B1264A3 UserName: KSandlin

14:01:42.140 Initialize success

14:02:07.343 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

14:02:07.343 Disk 0 Vendor: ST9120817AS 3.AHC Size: 114473MB BusType: 3

14:02:07.375 Disk 0 MBR read successfully

14:02:07.375 Disk 0 MBR scan

14:02:07.375 Disk 0 Windows XP default MBR code

14:02:07.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 114470 MB offset 63

14:02:07.406 Disk 0 scanning sectors +234436545

14:02:07.484 Disk 0 scanning C:\WINDOWS\system32\drivers

14:02:22.328 Service scanning

14:02:43.859 Modules scanning

14:02:54.812 Disk 0 trace - called modules:

14:02:54.843 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS

14:02:54.843 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a500ab8]

14:02:54.843 3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> [0x8a57bc58]

14:02:55.359 5 hpdskflt.sys[f77185ae] -> nt!IofCallDriver -> \Device\000000a0[0x8a54a9c8]

14:02:55.359 7 ACPI.sys[f743e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a57cd98]

14:02:55.359 Scan finished successfully

14:04:03.015 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ksandlin\Desktop\MBR.dat"

14:04:03.031 The log file has been saved successfully to "C:\Documents and Settings\ksandlin\Desktop\aswMBR.txt"


Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


ComboFix 12-07-14.01 - KSandlin 07/15/2012 13:27:18.5.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1410 [GMT -5:00]

Running from: c:\documents and settings\ksandlin\Desktop\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\ksandlin\Application Data\4baa18c1

c:\documents and settings\ksandlin\Application Data\846011875.log

c:\documents and settings\ksandlin\Application Data\ab77e73e

c:\documents and settings\ksandlin\Application Data\bcd26f3b

c:\documents and settings\ksandlin\Application Data\secsme.dll

c:\documents and settings\ksandlin\Local Settings\Application Data\assembly\tmp

c:\documents and settings\ksandlin\Local Settings\Temporary Internet Files\HPPDEVX.DLL.log

c:\documents and settings\ksandlin\Start Menu\Internet Explorer.lnk

C:\install.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-06-15 to 2012-07-15 )))))))))))))))))))))))))))))))

.

.

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-12 17:16 . 2012-06-10 04:52 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-12 17:16 . 2011-06-02 17:46 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-13 13:19 . 2008-04-14 06:00 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50 . 2011-06-01 03:17 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-05 15:50 . 2008-04-14 10:42 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-04 04:32 . 2008-04-14 10:42 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 20:19 . 2007-07-31 00:18 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 20:19 . 2007-10-03 01:29 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 20:19 . 2007-10-03 01:29 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 20:19 . 2007-10-03 01:29 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 20:19 . 2011-06-02 07:11 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 20:19 . 2009-11-20 20:14 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 20:19 . 2008-04-14 10:41 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 20:19 . 2007-10-03 01:29 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 20:19 . 2007-10-03 01:29 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 20:19 . 2007-07-31 00:18 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 20:19 . 2007-10-03 01:29 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 20:19 . 2007-10-03 01:29 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-05-31 13:22 . 2008-04-14 10:41 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-24 13:23 . 2012-05-24 13:24 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-24 13:23 . 2012-02-29 04:36 567696 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-24 13:23 . 2008-10-20 12:59 141312 ----a-w- c:\windows\system32\javacpl.cpl

2012-05-16 15:08 . 2010-06-11 19:31 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42 . 2010-06-11 19:31 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42 . 2010-06-11 19:31 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38 . 2010-06-11 19:31 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 13:16 . 2008-04-14 05:54 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46 . 2007-10-03 01:27 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2010-06-11 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

((((((((((((((((((((((((((((( SnapShot@2012-02-18_03.31.58 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-07-14 14:10 . 2012-07-14 14:10 16384 c:\windows\Temp\Perflib_Perfdata_764.dat

+ 2010-03-18 14:15 . 2010-03-18 14:15 51024 c:\windows\system32\vcomp100.dll

+ 2011-11-29 20:12 . 2011-11-29 20:12 16896 c:\windows\system32\spool\prtprocs\w32x86\rfprint.dll

+ 2012-05-09 21:33 . 2007-04-09 19:23 46472 c:\windows\system32\spool\drivers\w32x86\mdiui.dll

+ 2012-06-26 12:12 . 2012-06-02 20:19 45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll

+ 2012-06-26 12:12 . 2012-06-02 20:19 35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll

+ 2011-10-12 17:29 . 2011-10-12 17:29 42864 c:\windows\system32\sbbd.exe

+ 2012-03-14 04:07 . 2011-07-20 20:13 35328 c:\windows\system32\ReinstallBackups\0042\DriverFiles\RimSerial.sys

+ 2006-02-28 12:00 . 2012-06-14 04:08 88732 c:\windows\system32\perfc009.dat

+ 2010-06-11 19:31 . 2012-05-11 14:42 67072 c:\windows\system32\mshtmled.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 55296 c:\windows\system32\msfeedsbs.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 80720 c:\windows\system32\mfcm100u.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 80208 c:\windows\system32\mfcm100.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 60752 c:\windows\system32\mfc100rus.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 43344 c:\windows\system32\mfc100kor.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 43856 c:\windows\system32\mfc100jpn.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 62288 c:\windows\system32\mfc100ita.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 64336 c:\windows\system32\mfc100fra.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 63824 c:\windows\system32\mfc100esn.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 55120 c:\windows\system32\mfc100enu.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 64336 c:\windows\system32\mfc100deu.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 36176 c:\windows\system32\mfc100cht.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 36176 c:\windows\system32\mfc100chs.dll

+ 2003-05-20 13:47 . 2003-05-20 13:47 36864 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW70\dvd.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 25600 c:\windows\system32\jsproxy.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll

+ 2012-04-12 12:17 . 2011-08-30 11:56 74104 c:\windows\system32\drivers\sbapifs.sys

+ 2012-04-12 12:17 . 2011-08-30 11:56 21496 c:\windows\system32\drivers\sbaphd.sys

+ 2011-07-25 22:53 . 2011-07-25 22:53 64512 c:\windows\system32\drivers\RimUsb.sys

+ 2008-08-14 19:13 . 2011-07-20 20:13 35328 c:\windows\system32\drivers\RimSerial.sys

+ 2012-02-19 14:57 . 2012-04-04 20:56 22344 c:\windows\system32\drivers\mbam.sys

+ 2011-06-02 08:26 . 2012-05-11 14:42 12800 c:\windows\system32\dllcache\xpshims.dll

- 2011-06-02 08:26 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2007-10-03 01:29 . 2012-06-02 20:19 35864 c:\windows\system32\dllcache\wups.dll

+ 2007-10-03 01:29 . 2012-06-02 20:19 53784 c:\windows\system32\dllcache\wuauclt.exe

+ 2010-06-11 19:31 . 2012-05-11 14:42 67072 c:\windows\system32\dllcache\mshtmled.dll

- 2011-02-17 19:00 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2011-02-17 19:00 . 2012-05-11 14:42 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 43520 c:\windows\system32\dllcache\licmgr10.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 25600 c:\windows\system32\dllcache\jsproxy.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2008-04-14 10:41 . 2012-06-02 20:19 97304 c:\windows\system32\dllcache\cdm.dll

- 2007-10-03 01:38 . 2012-02-15 16:23 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2007-10-03 01:38 . 2012-05-15 15:23 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2012-02-25 04:05 . 2012-05-15 15:23 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2012-07-12 13:13 . 2012-07-12 13:13 22016 c:\windows\Installer\3c4141.msi

+ 2012-03-14 04:06 . 2012-03-14 04:06 69632 c:\windows\Installer\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}\NewShortcut4_838BDC75346D4F49BD1D5328F986CD86.exe

+ 2012-04-24 15:25 . 2012-04-24 15:25 53248 c:\windows\Installer\{9D544611-F437-4153-913E-91CE036583CC}\ARPPRODUCTICON.exe

- 2010-01-20 21:38 . 2010-01-20 21:38 53248 c:\windows\Installer\{9D544611-F437-4153-913E-91CE036583CC}\ARPPRODUCTICON.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 35088 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\oisicon.exe

- 2008-08-12 17:48 . 2012-01-12 01:13 35088 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\oisicon.exe

- 2008-08-12 17:48 . 2012-01-12 01:13 18704 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\mspicons.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 18704 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\mspicons.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 20240 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\cagicon.exe

- 2008-08-12 17:48 . 2012-01-12 01:13 20240 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\cagicon.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2010-08-25 18:19 . 2012-05-09 21:32 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

- 2010-08-25 18:19 . 2011-10-12 20:53 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

+ 2011-05-04 17:41 . 2011-05-04 17:41 16896 c:\windows\Installer\$PatchCache$\Managed\25E36102622935844A5E7936915A4121\10.0.0\rfprint.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 12800 c:\windows\ie8updates\KB2699988-IE8\xpshims.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 66560 c:\windows\ie8updates\KB2699988-IE8\mshtmled.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 55296 c:\windows\ie8updates\KB2699988-IE8\msfeedsbs.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 43520 c:\windows\ie8updates\KB2699988-IE8\licmgr10.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 25600 c:\windows\ie8updates\KB2699988-IE8\jsproxy.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll

+ 2012-04-12 16:19 . 2012-04-12 16:19 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f2daa994\System.Drawing.Design.dll

+ 2012-06-14 04:04 . 2012-06-14 04:04 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_d8dbb1ee\System.Drawing.Design.dll

+ 2012-05-10 01:00 . 2012-05-10 01:00 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3b34fc2c8c94ffe21f75168980b69dfe\System.Web.DynamicData.Design.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll

+ 2012-05-10 00:56 . 2012-05-10 00:56 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe

+ 2012-05-10 01:00 . 2012-05-10 01:00 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll

+ 2012-05-10 00:59 . 2012-05-10 00:59 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f00a18225430e7531135589688d650a1\Microsoft.VisualC.ni.dll

+ 2012-05-10 01:00 . 2012-05-10 01:00 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe

+ 2012-05-10 00:58 . 2012-05-10 00:58 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2011-09-01 21:28 . 2012-01-03 13:46 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2011-09-01 21:28 . 2012-01-03 13:46 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2011-09-01 21:28 . 2012-01-03 13:46 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2012-06-04 21:30 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2718704\update\spcustom.dll

+ 2012-06-04 21:30 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2718704\spmsg.dll

+ 2012-06-14 03:59 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2709162\update\spcustom.dll

+ 2012-06-14 03:59 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2709162\spmsg.dll

+ 2012-06-14 04:09 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2707511\update\spcustom.dll

+ 2012-06-13 20:21 . 2012-05-05 03:16 16896 c:\windows\$hf_mig$\KB2707511\update\mpsyschk.dll

+ 2012-06-14 04:09 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2707511\spmsg.dll

+ 2012-06-14 04:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2699988-IE8\update\spcustom.dll

+ 2012-06-14 04:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2699988-IE8\spmsg.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 12800 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\xpshims.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 67072 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtmled.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 55296 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\msfeedsbs.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 43520 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\licmgr10.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 25600 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\jsproxy.dll

+ 2012-05-09 21:34 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2695962\update\spcustom.dll

+ 2012-05-09 21:34 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2695962\spmsg.dll

+ 2012-05-09 21:35 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2686509\update\spcustom.dll

+ 2012-05-09 21:35 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2686509\spmsg.dll

+ 2012-06-14 04:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2685939\update\spcustom.dll

+ 2012-06-14 04:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2685939\spmsg.dll

+ 2012-05-09 21:31 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2676562\update\spcustom.dll

+ 2012-05-09 20:23 . 2012-04-11 13:53 16896 c:\windows\$hf_mig$\KB2676562\update\mpsyschk.dll

+ 2012-05-09 21:31 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2676562\spmsg.dll

+ 2012-04-12 16:20 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2675157-IE8\update\spcustom.dll

+ 2012-04-12 16:20 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2675157-IE8\spmsg.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 12800 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\xpshims.dll

+ 2012-04-11 19:21 . 2012-03-01 10:58 66560 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtmled.dll

+ 2012-04-11 19:21 . 2012-03-01 10:58 55296 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeedsbs.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 43520 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\licmgr10.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 25600 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\jsproxy.dll

+ 2012-02-20 13:41 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2661637\update\spcustom.dll

+ 2012-02-20 13:41 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2661637\spmsg.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2660465\update\spcustom.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2660465\spmsg.dll

+ 2012-04-12 16:16 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2653956\update\spcustom.dll

+ 2012-04-12 16:16 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2653956\spmsg.dll

+ 2012-03-14 21:28 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2647518\update\spcustom.dll

+ 2012-03-14 21:28 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2647518\spmsg.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2647516-IE8\update\spcustom.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2647516-IE8\spmsg.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 12800 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\xpshims.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 66560 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtmled.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 55296 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeedsbs.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 43520 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\licmgr10.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 25600 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\jsproxy.dll

+ 2012-03-14 21:29 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641653\update\spcustom.dll

+ 2012-03-14 21:29 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641653\spmsg.dll

+ 2012-03-14 21:29 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2621440\update\spcustom.dll

+ 2012-03-14 21:29 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2621440\spmsg.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2012-02-15 20:54 . 2012-01-11 19:06 3072 c:\windows\system32\iacenc.dll

+ 2012-02-15 20:54 . 2012-01-11 19:06 3072 c:\windows\system32\dllcache\iacenc.dll

+ 2008-04-01 18:16 . 2012-07-13 03:26 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2012-06-14 04:08 . 2012-06-14 04:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

- 2011-09-01 21:28 . 2012-01-03 13:46 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2012-05-09 20:21 . 2012-04-19 11:26 8192 c:\windows\$hf_mig$\KB2686509\update\kblChecker.dll

+ 2012-02-15 20:54 . 2012-01-11 19:05 3072 c:\windows\$hf_mig$\KB2661637\SP3QFE\iacenc.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

- 2007-11-07 08:19 . 2007-11-07 08:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll

+ 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll

+ 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll

- 2007-11-07 08:19 . 2007-11-07 08:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll

+ 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll

- 2007-11-07 03:23 . 2007-11-07 03:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll

+ 2012-04-06 04:13 . 2012-04-06 04:13 299080 c:\windows\system32\XPSViewer\XPSViewer.exe

+ 2010-04-08 15:53 . 2010-04-08 15:53 634560 c:\windows\system32\XceedZip.dll

+ 2008-04-14 10:42 . 2012-02-29 14:10 177664 c:\windows\system32\wintrust.dll

- 2008-04-14 10:42 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 105984 c:\windows\system32\url.dll

+ 2012-05-09 21:33 . 2007-04-09 19:24 758664 c:\windows\system32\spool\drivers\w32x86\mdigraph.dll

+ 2006-02-28 12:00 . 2012-06-14 04:08 481850 c:\windows\system32\perfh009.dat

- 2010-06-11 19:31 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 206848 c:\windows\system32\occache.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 770384 c:\windows\system32\msvcr100.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 421200 c:\windows\system32\msvcp100.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 611840 c:\windows\system32\mstime.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 629760 c:\windows\system32\msfeeds.dll

+ 2012-07-12 17:16 . 2012-07-12 17:16 686280 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe

+ 2012-07-12 17:16 . 2012-07-12 17:16 465096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.dll

+ 2012-06-10 04:52 . 2012-07-12 17:16 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

+ 2003-01-15 11:32 . 2003-01-15 11:32 941048 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\runa3w32.exe

+ 1998-08-05 13:48 . 1998-08-05 13:48 270336 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW70\VCT32161.dll

+ 1999-05-22 05:37 . 1999-05-22 05:37 280576 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW70\msvcrt.dll

+ 2003-04-21 21:43 . 2003-04-21 21:43 385536 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW70\js32.dll

+ 1999-09-11 19:24 . 1999-09-11 19:24 276480 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW70\AWIML32.DLL

+ 1998-08-05 13:48 . 1998-08-05 13:48 270336 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW65\VCT32161.dll

+ 1999-05-22 05:37 . 1999-05-22 05:37 280576 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW65\msvcrt.dll

+ 1999-09-11 19:24 . 1999-09-11 19:24 276480 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW65\Awiml32.dll

+ 1998-08-05 14:48 . 1998-08-05 14:48 270336 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW60\VCT32161.dll

+ 1999-05-22 06:37 . 1999-05-22 06:37 280576 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW60\msvcrt.dll

+ 1999-09-11 20:24 . 1999-09-11 20:24 276480 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW60\Awiml32.dll

+ 1998-08-05 13:48 . 1998-08-05 13:48 270336 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW50\VCT32161.dll

+ 1999-05-22 06:37 . 1999-05-22 06:37 280576 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW50\msvcrt.dll

+ 1999-09-11 20:24 . 1999-09-11 20:24 276480 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW50\Awiml32.dll

+ 2003-06-08 01:20 . 2003-06-08 01:20 170496 c:\windows\system32\Macromed\AUTHORWA\np32asw.dll

+ 2012-05-24 13:24 . 2012-05-24 13:23 224136 c:\windows\system32\javaws.exe

+ 2012-05-24 13:24 . 2012-05-24 13:23 173960 c:\windows\system32\javaw.exe

+ 2012-05-24 13:24 . 2012-05-24 13:23 173960 c:\windows\system32\java.exe

+ 2008-04-14 10:41 . 2012-02-29 14:10 148480 c:\windows\system32\imagehlp.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 184320 c:\windows\system32\iepeers.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 387584 c:\windows\system32\iedkcs32.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll

- 2010-06-11 19:31 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe

+ 2010-06-11 19:31 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe

+ 2012-04-09 20:12 . 2012-04-09 20:12 246520 c:\windows\system32\GDIPFONTCACHEV1.DAT

+ 2007-10-02 20:23 . 2012-07-13 12:18 928480 c:\windows\system32\FNTCACHE.DAT

+ 2012-04-02 20:31 . 2011-09-09 19:46 212568 c:\windows\system32\drivers\sbtis.sys

+ 2011-08-30 11:56 . 2011-08-30 11:56 101624 c:\windows\system32\drivers\SBREDrv.sys

+ 2007-10-03 01:29 . 2012-06-02 20:19 210968 c:\windows\system32\dllcache\wuweb.dll

+ 2007-10-03 01:29 . 2012-06-02 20:19 329240 c:\windows\system32\dllcache\wucltui.dll

+ 2007-10-03 01:29 . 2012-06-02 20:19 577048 c:\windows\system32\dllcache\wuapi.dll

+ 2008-04-14 10:42 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll

- 2008-04-14 10:42 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll

+ 2010-06-11 19:31 . 2012-05-16 15:08 916992 c:\windows\system32\dllcache\wininet.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 105984 c:\windows\system32\dllcache\url.dll

+ 2008-04-14 10:42 . 2012-06-04 04:32 152576 c:\windows\system32\dllcache\schannel.dll

+ 2007-10-03 01:27 . 2012-05-02 13:46 139656 c:\windows\system32\dllcache\rdpwd.sys

- 2007-10-03 01:27 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys

+ 2010-06-11 19:31 . 2012-05-11 14:42 206848 c:\windows\system32\dllcache\occache.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 611840 c:\windows\system32\dllcache\mstime.dll

+ 2011-02-17 19:00 . 2012-05-11 14:42 629760 c:\windows\system32\dllcache\msfeeds.dll

- 2007-10-03 01:28 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll

+ 2007-10-03 01:28 . 2012-05-28 18:16 536576 c:\windows\system32\dllcache\msado15.dll

+ 2012-06-13 20:21 . 2012-05-11 14:42 521728 c:\windows\system32\dllcache\jsdbgui.dll

+ 2008-04-14 10:41 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll

- 2011-06-02 08:26 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll

+ 2011-06-02 08:26 . 2012-05-11 14:42 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2011-06-02 08:26 . 2012-05-11 14:42 743424 c:\windows\system32\dllcache\iedvtool.dll

- 2011-06-02 08:26 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2010-06-11 19:31 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe

- 2010-06-11 19:31 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe

+ 2008-04-14 10:41 . 2012-05-31 13:22 599040 c:\windows\system32\dllcache\crypt32.dll

- 2008-04-14 10:41 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll

+ 2007-10-03 01:38 . 2012-05-15 15:23 278528 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2007-10-03 01:38 . 2012-02-15 16:23 278528 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2011-11-03 20:37 . 2011-11-03 20:37 507904 c:\windows\system32\btwapi.dll

- 2009-10-24 05:34 . 2009-10-24 05:34 507904 c:\windows\system32\btwapi.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 138056 c:\windows\system32\atl100.dll

+ 2012-04-06 04:52 . 2012-04-06 04:52 131168 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll

+ 2012-04-21 12:15 . 2012-04-21 12:15 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2011-12-25 08:50 . 2011-12-25 08:50 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2011-12-25 08:50 . 2011-12-25 08:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

+ 2011-12-25 08:50 . 2011-12-25 08:50 989968 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2012-04-25 22:45 . 2012-04-25 22:45 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll

+ 2012-02-03 04:56 . 2012-02-03 04:56 963584 c:\windows\Installer\dc2929.msp

+ 2012-04-22 02:55 . 2012-04-22 02:55 980480 c:\windows\Installer\c5039f.msp

+ 2012-05-24 13:23 . 2012-05-24 13:23 938496 c:\windows\Installer\a630.msi

+ 2012-02-29 04:36 . 2012-02-29 04:36 203776 c:\windows\Installer\9246eb.msi

+ 2012-02-29 04:36 . 2012-02-29 04:36 901120 c:\windows\Installer\9246e6.msi

+ 2012-06-24 21:00 . 2012-06-24 21:00 348160 c:\windows\Installer\7e9a0c.msi

+ 2011-12-22 21:50 . 2011-12-22 21:50 256000 c:\windows\Installer\1ed0109.msp

+ 2012-04-09 20:13 . 2012-04-09 20:13 151552 c:\windows\Installer\1afc56a.msi

+ 2012-03-21 19:18 . 2012-03-21 19:18 112640 c:\windows\Installer\169ae4c.msi

+ 2012-03-14 04:06 . 2012-03-14 04:06 413696 c:\windows\Installer\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}\NewShortcut2_5B2EDCAA303A43629DACC3FFFABD0901.exe

+ 2012-03-14 04:06 . 2012-03-14 04:06 413696 c:\windows\Installer\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}\NewShortcut1_9F9ABBA94B874F449DBFBD7EB1332F16.exe

+ 2012-03-14 04:06 . 2012-03-14 04:06 413696 c:\windows\Installer\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}\ARPPRODUCTICON.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 888080 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\wordicon.exe

- 2008-08-12 17:48 . 2012-01-12 01:13 888080 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\wordicon.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 922384 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\pptico.exe

- 2008-08-12 17:48 . 2012-01-12 01:13 922384 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\pptico.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 845584 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe

- 2008-08-12 17:48 . 2012-01-12 01:13 845584 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\outicon.exe

- 2008-08-12 17:48 . 2012-01-12 01:13 217864 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 217864 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\misc.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2008-04-01 18:16 . 2012-07-13 03:26 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe

- 2008-04-01 18:16 . 2012-01-12 01:14 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2012-06-08 16:31 . 2012-06-08 16:31 128000 c:\windows\Installer\{20163E52-9226-4853-A4E5-976319A51412}\faxctrlShortcut.exe

+ 2012-06-08 16:31 . 2012-06-08 16:31 620544 c:\windows\Installer\{20163E52-9226-4853-A4E5-976319A51412}\efmShortcut.exe

+ 2012-06-08 16:31 . 2012-06-08 16:31 400384 c:\windows\Installer\{20163E52-9226-4853-A4E5-976319A51412}\ARWizardShortcut.exe

+ 2012-06-08 16:31 . 2012-06-08 16:31 107008 c:\windows\Installer\{20163E52-9226-4853-A4E5-976319A51412}\ARConfigShortcut.exe

+ 2012-06-14 04:05 . 2012-03-01 11:01 916992 c:\windows\ie8updates\KB2699988-IE8\wininet.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 105984 c:\windows\ie8updates\KB2699988-IE8\url.dll

+ 2012-06-14 04:06 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2699988-IE8\spuninst\updspapi.dll

+ 2012-06-14 04:06 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2699988-IE8\spuninst\spuninst.exe

+ 2012-06-14 04:05 . 2012-03-01 11:01 206848 c:\windows\ie8updates\KB2699988-IE8\occache.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 611840 c:\windows\ie8updates\KB2699988-IE8\mstime.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 602112 c:\windows\ie8updates\KB2699988-IE8\msfeeds.dll

+ 2012-06-14 04:05 . 2009-03-08 09:35 521216 c:\windows\ie8updates\KB2699988-IE8\jsdbgui.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 247808 c:\windows\ie8updates\KB2699988-IE8\ieproxy.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 184320 c:\windows\ie8updates\KB2699988-IE8\iepeers.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 743424 c:\windows\ie8updates\KB2699988-IE8\iedvtool.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 387584 c:\windows\ie8updates\KB2699988-IE8\iedkcs32.dll

+ 2012-06-14 04:05 . 2012-02-29 12:17 174080 c:\windows\ie8updates\KB2699988-IE8\ie4uinit.exe

+ 2012-04-12 16:20 . 2011-12-17 19:46 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll

+ 2012-04-12 16:20 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll

+ 2012-04-12 16:20 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe

+ 2012-04-12 16:20 . 2011-12-17 19:46 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll

+ 2012-04-12 16:20 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe

+ 2012-02-20 13:43 . 2011-11-04 19:20 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll

+ 2012-02-20 13:44 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe

+ 2012-02-20 13:43 . 2011-11-04 19:20 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll

+ 2012-02-20 13:43 . 2011-11-04 11:24 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe

+ 2012-04-12 16:19 . 2012-04-12 16:19 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_a16c1fca\System.Drawing.dll

+ 2012-06-14 04:05 . 2012-06-14 04:05 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_0b1076cc\System.Drawing.dll

+ 2012-06-14 04:05 . 2012-06-14 04:05 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_d7dbf97a\System.Drawing.Design.dll

+ 2012-04-12 16:19 . 2012-04-12 16:19 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_ae7a4ef1\System.Drawing.Design.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe

+ 2012-06-14 12:41 . 2012-06-14 12:41 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\86e11a59f02b2dda27ec2e7cba351744\WindowsFormsIntegration.ni.dll

+ 2012-05-10 01:00 . 2012-05-10 01:00 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll

+ 2012-05-10 01:03 . 2012-05-10 01:03 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll

+ 2012-05-10 16:16 . 2012-05-10 16:16 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\698c2093d7ac57af935b399d1c0b1790\System.Web.Routing.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\75248baf640115daeb0e580f1c5ff98b\System.Web.Extensions.Design.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\40c3b61ac38613e2b4b0f196e86185eb\System.Web.Entity.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\39cc9a830f7f08fd9f397be452fd78b0\System.Web.Entity.Design.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\88b1fd4792e7b698b788594d8e5e3c09\System.Web.DynamicData.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6333d22a2ea347432d46c40d93194c68\System.Web.Abstractions.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll

+ 2012-05-10 00:57 . 2012-05-10 00:57 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll

+ 2012-05-10 00:57 . 2012-05-10 00:57 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\79205fe0b7319e64d6ba53f98d49a63c\System.Messaging.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll

+ 2012-05-10 16:13 . 2012-05-10 16:13 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll

+ 2012-05-10 16:13 . 2012-05-10 16:13 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll

+ 2012-06-14 12:40 . 2012-06-14 12:40 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\96a3fc1f74a00b618b70bd1701600408\System.Drawing.Design.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll

+ 2012-05-10 00:56 . 2012-05-10 00:56 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll

+ 2012-06-14 04:03 . 2012-06-14 04:03 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\badd66e1d2b8416e9bb868ad059203c6\System.Configuration.Install.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\e132b7190847dd66cbe65f6593c345a8\sysglobl.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe

+ 2012-05-10 16:14 . 2012-05-10 16:14 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe

+ 2012-05-10 01:03 . 2012-05-10 01:03 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe

+ 2012-05-10 16:14 . 2012-05-10 16:14 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2012-05-10 01:00 . 2012-05-10 01:00 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe

+ 2012-06-14 13:21 . 2012-06-14 13:21 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c0045c1c7c29c7e7cc7bd60001b729a7\AspNetMMCExt.ni.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2011-09-01 21:27 . 2012-01-03 13:46 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2011-09-01 21:27 . 2012-01-03 13:46 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2012-05-09 21:38 . 2012-05-09 21:38 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll

- 2009-11-19 22:02 . 2009-11-19 22:02 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2012-05-09 21:33 . 2012-05-09 21:33 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2009-11-19 22:00 . 2009-11-19 22:00 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-05-09 21:33 . 2012-05-09 21:33 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2012-06-14 04:04 . 2012-06-14 04:04 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2012-06-04 21:30 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2718704$\spuninst\updspapi.dll

+ 2012-06-04 21:30 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2718704$\spuninst\spuninst.exe

+ 2012-06-04 21:30 . 2011-09-28 07:06 599040 c:\windows\$NtUninstallKB2718704$\crypt32.dll

+ 2012-06-14 03:59 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2709162$\spuninst\updspapi.dll

+ 2012-06-14 03:59 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2709162$\spuninst\spuninst.exe

+ 2012-06-14 04:09 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2707511$\spuninst\updspapi.dll

+ 2012-06-14 04:09 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2707511$\spuninst\spuninst.exe

+ 2012-05-09 21:34 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2695962$\spuninst\updspapi.dll

+ 2012-05-09 21:34 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2695962$\spuninst\spuninst.exe

+ 2012-05-09 21:35 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2686509$\spuninst\updspapi.dll

+ 2012-05-09 21:35 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2686509$\spuninst\spuninst.exe

+ 2012-06-14 04:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2685939$\spuninst\updspapi.dll

+ 2012-06-14 04:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2685939$\spuninst\spuninst.exe

+ 2012-06-14 04:04 . 2012-01-09 16:20 139784 c:\windows\$NtUninstallKB2685939$\rdpwd.sys

+ 2012-05-09 21:31 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2676562$\spuninst\updspapi.dll

+ 2012-05-09 21:31 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2676562$\spuninst\spuninst.exe

+ 2012-02-20 13:41 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2661637$\spuninst\updspapi.dll

+ 2012-02-20 13:41 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2661637$\spuninst\spuninst.exe

+ 2012-02-20 13:44 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2660465$\spuninst\updspapi.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2660465$\spuninst\spuninst.exe

+ 2012-05-09 21:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2659262$\spuninst\updspapi.dll

+ 2012-05-09 21:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2659262$\spuninst\spuninst.exe

+ 2012-04-12 16:16 . 2009-12-24 06:59 177664 c:\windows\$NtUninstallKB2653956$\wintrust.dll

+ 2012-04-12 16:16 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2653956$\spuninst\updspapi.dll

+ 2012-04-12 16:16 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2653956$\spuninst\spuninst.exe

+ 2012-04-12 16:16 . 2008-04-14 10:41 144384 c:\windows\$NtUninstallKB2653956$\imagehlp.dll

+ 2012-03-14 21:28 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2647518$\spuninst\updspapi.dll

+ 2012-03-14 21:28 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2647518$\spuninst\spuninst.exe

+ 2012-03-14 21:29 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641653$\spuninst\updspapi.dll

+ 2012-03-14 21:29 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641653$\spuninst\spuninst.exe

+ 2012-03-14 21:28 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2621440$\spuninst\updspapi.dll

+ 2012-03-14 21:28 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2621440$\spuninst\spuninst.exe

+ 2012-03-14 21:28 . 2011-06-24 14:10 139656 c:\windows\$NtUninstallKB2621440$\rdpwd.sys

+ 2012-06-04 21:30 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2718704\update\updspapi.dll

+ 2012-06-04 21:30 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2718704\update\update.exe

+ 2012-06-04 21:30 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2718704\spuninst.exe

+ 2012-05-31 13:19 . 2012-05-31 13:19 599552 c:\windows\$hf_mig$\KB2718704\SP3QFE\crypt32.dll

+ 2012-06-14 03:59 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2709162\update\updspapi.dll

+ 2012-06-14 03:59 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2709162\update\update.exe

+ 2012-06-14 03:59 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2709162\spuninst.exe

+ 2012-06-14 04:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2707511\update\updspapi.dll

+ 2012-06-14 04:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2707511\update\update.exe

+ 2012-06-14 04:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2707511\spuninst.exe

+ 2012-06-14 04:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2699988-IE8\update\updspapi.dll

+ 2012-06-14 04:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2699988-IE8\update\update.exe

+ 2012-06-14 04:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2699988-IE8\spuninst.exe

+ 2012-06-13 20:21 . 2012-05-16 15:06 920064 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 105984 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\url.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 206848 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\occache.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 611840 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mstime.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 630272 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\msfeeds.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 522240 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\jsdbgui.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 247808 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\ieproxy.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 184320 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iepeers.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 743424 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iedvtool.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 387584 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iedkcs32.dll

+ 2012-06-13 20:21 . 2012-05-11 12:13 174080 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\ie4uinit.exe

+ 2012-05-09 21:34 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2695962\update\updspapi.dll

+ 2012-05-09 21:34 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2695962\update\update.exe

+ 2012-05-09 21:34 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2695962\spuninst.exe

+ 2012-05-09 21:35 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2686509\update\updspapi.dll

+ 2012-05-09 21:35 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2686509\update\update.exe

+ 2012-05-09 21:35 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2686509\spuninst.exe

+ 2012-06-14 04:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2685939\update\updspapi.dll

+ 2012-06-14 04:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2685939\update\update.exe

+ 2012-06-14 04:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2685939\spuninst.exe

+ 2012-06-13 20:20 . 2012-05-02 13:45 139656 c:\windows\$hf_mig$\KB2685939\SP3QFE\rdpwd.sys

+ 2012-05-09 21:31 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2676562\update\updspapi.dll

+ 2012-05-09 21:31 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2676562\update\update.exe

+ 2012-05-09 21:31 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2676562\spuninst.exe

+ 2012-04-12 16:20 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2675157-IE8\update\updspapi.dll

+ 2012-04-12 16:20 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2675157-IE8\update\update.exe

+ 2012-04-12 16:20 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2675157-IE8\spuninst.exe

+ 2012-04-11 19:20 . 2012-03-01 10:58 919552 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll

+ 2012-04-11 19:21 . 2012-03-01 10:58 105984 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\url.dll

+ 2012-04-11 19:21 . 2012-03-01 10:58 206848 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\occache.dll

+ 2012-04-11 19:21 . 2012-03-01 10:58 611840 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mstime.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 602112 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeeds.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 247808 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieproxy.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 184320 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iepeers.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 743424 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedvtool.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 387584 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedkcs32.dll

+ 2012-04-11 19:20 . 2012-02-29 12:30 174080 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ie4uinit.exe

+ 2012-02-20 13:41 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2661637\update\updspapi.dll

+ 2012-02-20 13:41 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2661637\update\update.exe

+ 2012-02-20 13:41 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2661637\spuninst.exe

+ 2012-02-20 13:44 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2660465\update\updspapi.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2660465\update\update.exe

+ 2012-02-20 13:44 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2660465\spuninst.exe

+ 2012-04-12 16:16 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2653956\update\updspapi.dll

+ 2012-04-12 16:16 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2653956\update\update.exe

+ 2012-04-12 16:16 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2653956\spuninst.exe

+ 2012-02-29 14:08 . 2012-02-29 14:08 178176 c:\windows\$hf_mig$\KB2653956\SP3QFE\wintrust.dll

+ 2012-02-29 14:08 . 2012-02-29 14:08 148480 c:\windows\$hf_mig$\KB2653956\SP3QFE\imagehlp.dll

+ 2012-03-14 21:28 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2647518\update\updspapi.dll

+ 2012-03-14 21:28 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2647518\update\update.exe

+ 2012-03-14 21:28 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2647518\spuninst.exe

+ 2012-02-20 13:44 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2647516-IE8\update\updspapi.dll

+ 2012-02-20 13:44 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2647516-IE8\update\update.exe

+ 2012-02-20 13:44 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2647516-IE8\spuninst.exe

+ 2012-02-15 20:56 . 2011-12-17 19:45 919552 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 105984 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\url.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 206848 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\occache.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 611840 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mstime.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 602112 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\msfeeds.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 247808 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieproxy.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 184320 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iepeers.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 743424 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedvtool.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 387584 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iedkcs32.dll

+ 2012-02-15 20:56 . 2011-12-16 12:33 174080 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ie4uinit.exe

+ 2012-03-14 21:29 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641653\update\updspapi.dll

+ 2012-03-14 21:29 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641653\update\update.exe

+ 2012-03-14 21:29 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641653\spuninst.exe

+ 2012-03-14 21:29 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2621440\update\updspapi.dll

+ 2012-03-14 21:29 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2621440\update\update.exe

+ 2012-03-14 21:29 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2621440\spuninst.exe

+ 2012-03-14 19:42 . 2012-01-09 16:19 139784 c:\windows\$hf_mig$\KB2621440\SP3QFE\rdpwd.sys

+ 2012-05-09 20:23 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll

+ 2011-07-20 22:23 . 2011-07-20 22:23 1112288 c:\windows\system32\WdfCoInstaller01007.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 1212416 c:\windows\system32\urlmon.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll

+ 2008-04-14 10:42 . 2012-06-08 14:26 8462848 c:\windows\system32\shell32.dll

+ 2012-03-14 04:07 . 2011-07-20 22:23 1112288 c:\windows\system32\ReinstallBackups\0042\DriverFiles\WdfCoInstaller01007.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 6007808 c:\windows\system32\mshtml.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 4368720 c:\windows\system32\mfc100u.dll

+ 2010-03-18 14:15 . 2010-03-18 14:15 4342088 c:\windows\system32\mfc100.dll

+ 2003-06-08 05:03 . 2003-06-08 05:03 1756160 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW70\runa7w32.exe

+ 2002-09-12 19:46 . 2002-09-12 19:46 1789440 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW65\runa6w32.exe

+ 2001-08-22 06:56 . 2001-08-22 06:56 1528832 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW60\runa6w32.exe

+ 2000-10-15 11:20 . 2000-10-15 11:20 1476096 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW50\runa5w32.exe

+ 1998-05-08 09:35 . 1998-05-08 09:35 1367552 c:\windows\system32\Macromed\AUTHORWA\NP32ASW\AW40\runa4w32.exe

+ 2010-06-11 19:31 . 2012-05-11 14:42 2000384 c:\windows\system32\iertutil.dll

- 2010-06-11 19:31 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll

+ 2007-10-03 01:29 . 2012-06-02 20:19 1933848 c:\windows\system32\dllcache\wuaueng.dll

+ 2008-04-14 06:00 . 2012-06-13 13:19 1866112 c:\windows\system32\dllcache\win32k.sys

- 2010-06-11 19:31 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2008-04-14 10:42 . 2012-06-08 14:26 8462848 c:\windows\system32\dllcache\shell32.dll

+ 2011-06-02 07:14 . 2012-05-04 13:12 2192640 c:\windows\system32\dllcache\ntoskrnl.exe

+ 2011-06-02 07:14 . 2012-05-04 12:32 2026496 c:\windows\system32\dllcache\ntkrpamp.exe

+ 2009-02-08 00:02 . 2012-05-04 12:32 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe

+ 2011-06-02 07:14 . 2012-05-04 13:16 2148352 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2008-04-14 10:42 . 2012-06-05 15:50 1372672 c:\windows\system32\dllcache\msxml6.dll

- 2008-04-14 10:42 . 2009-07-31 15:05 1372672 c:\windows\system32\dllcache\msxml6.dll

+ 2008-04-14 10:42 . 2012-06-05 15:50 1172480 c:\windows\system32\dllcache\msxml3.dll

- 2008-04-14 10:42 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll

+ 2010-06-11 19:31 . 2012-05-11 14:42 6007808 c:\windows\system32\dllcache\mshtml.dll

- 2011-02-17 19:00 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll

+ 2011-02-17 19:00 . 2012-05-11 14:42 2000384 c:\windows\system32\dllcache\iertutil.dll

+ 2012-03-20 10:23 . 2012-03-20 10:23 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

- 2011-03-25 11:15 . 2011-03-25 11:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

+ 2011-12-25 08:50 . 2011-12-25 08:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll

+ 2012-03-20 10:23 . 2012-03-20 10:23 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

- 2008-07-25 17:17 . 2008-07-25 17:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

+ 2011-12-25 08:50 . 2011-12-25 08:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

- 2011-07-07 10:18 . 2011-07-07 10:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2011-12-25 08:50 . 2011-12-25 08:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2012-04-26 07:32 . 2012-04-26 07:32 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp

+ 2012-03-27 05:28 . 2012-03-27 05:28 5009920 c:\windows\Installer\dc2941.msp

+ 2012-01-31 01:46 . 2012-01-31 01:46 7069184 c:\windows\Installer\dc2931.msp

+ 2012-03-22 18:09 . 2012-03-22 18:09 5521920 c:\windows\Installer\dc2922.msp

+ 2012-06-08 16:31 . 2012-06-08 16:31 2670592 c:\windows\Installer\d125ed.msi

+ 2012-05-30 12:17 . 2012-05-30 12:17 5010432 c:\windows\Installer\c503da.msp

+ 2012-04-26 00:32 . 2012-04-26 00:32 7069184 c:\windows\Installer\c50399.msp

+ 2012-03-21 04:57 . 2012-03-21 04:57 6188544 c:\windows\Installer\c50390.msp

+ 2012-04-24 15:25 . 2012-04-24 15:25 3556352 c:\windows\Installer\94029f.msi

+ 2012-06-19 17:54 . 2012-06-19 17:54 5009920 c:\windows\Installer\67d553.msp

+ 2012-06-29 19:33 . 2012-06-29 19:33 6063616 c:\windows\Installer\67d542.msp

+ 2011-10-31 04:54 . 2011-10-31 04:54 2748416 c:\windows\Installer\32fc1.msp

+ 2012-02-03 21:13 . 2012-02-03 21:13 4988928 c:\windows\Installer\32fb0.msp

+ 2012-01-25 20:55 . 2012-01-25 20:55 5520384 c:\windows\Installer\32fa0.msp

+ 2012-04-30 19:38 . 2012-04-30 19:38 5011456 c:\windows\Installer\1ed00f5.msp

+ 2012-04-09 21:50 . 2012-04-09 21:50 6829568 c:\windows\Installer\1ed00d8.msp

+ 2012-03-20 03:02 . 2012-03-20 03:02 6695936 c:\windows\Installer\1ed00c4.msp

+ 2012-04-27 20:09 . 2012-04-27 20:09 5521408 c:\windows\Installer\1ed00af.msp

+ 2012-04-17 17:11 . 2012-04-17 17:11 7681024 c:\windows\Installer\1ed0091.msp

+ 2012-03-06 02:34 . 2012-03-06 02:34 5519872 c:\windows\Installer\1db48dd.msp

+ 2012-03-01 04:45 . 2012-03-01 04:45 4989440 c:\windows\Installer\1db48c9.msp

- 2008-08-12 17:48 . 2012-01-12 01:13 1172240 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\xlicons.exe

+ 2008-08-12 17:48 . 2012-07-13 03:29 1172240 c:\windows\Installer\{90120000-0012-0000-0000-0000000FF1CE}\xlicons.exe

+ 2012-06-14 04:05 . 2012-03-01 11:01 1212416 c:\windows\ie8updates\KB2699988-IE8\urlmon.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 5978624 c:\windows\ie8updates\KB2699988-IE8\mshtml.dll

+ 2012-06-14 04:05 . 2012-03-01 11:01 2000384 c:\windows\ie8updates\KB2699988-IE8\iertutil.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll

+ 2012-04-12 16:20 . 2011-12-17 19:46 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll

+ 2011-06-02 07:14 . 2012-05-04 13:12 2192640 c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2011-06-02 07:14 . 2012-05-04 12:32 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2009-02-08 00:02 . 2012-05-04 12:32 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2011-06-02 07:14 . 2012-05-04 13:16 2148352 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2012-06-14 04:05 . 2012-06-14 04:05 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_8c6aebc2\System.Windows.Forms.dll

+ 2012-06-14 04:04 . 2012-06-14 04:04 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_72d4e3ee\System.Windows.Forms.dll

+ 2012-04-12 16:19 . 2012-04-12 16:19 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_67040e2b\System.Windows.Forms.dll

+ 2012-04-12 16:19 . 2012-04-12 16:19 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_64bd5378\System.Windows.Forms.dll

+ 2012-06-14 04:05 . 2012-06-14 04:05 2252800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_14dd9a8b\System.Drawing.dll

+ 2012-04-12 16:19 . 2012-04-12 16:19 2248704 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_0ce97b50\System.Drawing.dll

+ 2012-04-12 16:19 . 2012-04-12 16:19 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_ec2e69b1\System.Design.dll

+ 2012-06-14 04:05 . 2012-06-14 04:05 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_9a93bb2d\System.Design.dll

+ 2012-04-12 16:19 . 2012-04-12 16:19 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_985cb473\System.Design.dll

+ 2012-06-14 04:05 . 2012-06-14 04:05 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_58aec502\System.Design.dll

+ 2012-05-10 00:59 . 2012-05-10 00:59 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll

+ 2012-05-10 01:03 . 2012-05-10 01:03 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll

+ 2012-05-10 00:55 . 2012-05-10 00:55 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll

+ 2012-05-10 00:57 . 2012-05-10 00:57 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bd5bd406670d483b82bd51249eee59e3\System.WorkflowServices.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\77361ebe9ad8ff77cc9a8d7f8363eb05\System.Workflow.Runtime.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1c12dfa7826b331b243b7b45daf9904d\System.Workflow.ComponentModel.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\514bf0e69e2c9fc8509cd23236057356\System.Workflow.Activities.ni.dll

+ 2012-06-14 04:05 . 2012-06-14 04:05 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\77f8cde07b131839f1841be702837e8e\System.Web.Mobile.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\242b168aaca18197eca371ec269e23ac\System.Web.Extensions.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll

+ 2012-05-10 16:13 . 2012-05-10 16:13 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll

+ 2012-06-14 12:39 . 2012-06-14 12:39 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d380f1813e27c2a086e62f0218669d67\System.Printing.ni.dll

+ 2012-05-10 16:13 . 2012-05-10 16:13 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll

+ 2012-06-14 04:09 . 2012-06-14 04:09 1592320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll

+ 2012-05-10 01:01 . 2012-05-10 01:01 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll

+ 2012-06-14 04:09 . 2012-06-14 04:09 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\7a53d68ad544f8e9edfdbd5a90a48fd3\System.Deployment.ni.dll

+ 2012-05-10 01:01 . 2012-05-10 01:01 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll

+ 2012-05-10 00:57 . 2012-05-10 00:57 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll

+ 2012-05-10 01:02 . 2012-05-10 01:02 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\7afb1abdbb8ba32cf578ff8ea4e45d99\System.Data.OracleClient.ni.dll

+ 2012-05-10 01:03 . 2012-05-10 01:03 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll

+ 2012-05-10 01:03 . 2012-05-10 01:03 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll

+ 2012-06-14 12:39 . 2012-06-14 12:39 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\443dd7f0b84c3de54b1a72be655e307c\ReachFramework.ni.dll

+ 2012-06-14 12:39 . 2012-06-14 12:39 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\48ddcafff1a5603fb3289e90330275c0\PresentationUI.ni.dll

+ 2012-05-10 01:00 . 2012-05-10 01:00 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll

+ 2012-05-10 16:15 . 2012-05-10 16:15 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4e463dcf2a03c71913a61b44c32e2389\Microsoft.Build.Tasks.ni.dll

+ 2012-06-14 13:22 . 2012-06-14 13:22 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\395b4a85c7941ac4dd9d1c6f5eb444c7\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll

+ 2012-05-09 21:33 . 2012-05-09 21:33 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

- 2010-08-30 12:52 . 2010-08-30 12:52 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2011-09-01 21:28 . 2012-01-03 13:46 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2011-09-01 21:27 . 2012-01-03 13:46 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2012-01-03 13:46 . 2012-01-03 13:46 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2012-05-09 21:33 . 2012-05-09 21:33 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

- 2011-09-01 21:27 . 2012-01-03 13:45 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2011-09-01 21:28 . 2012-01-03 13:46 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2012-05-09 21:33 . 2012-05-09 21:33 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2012-06-14 04:08 . 2012-06-14 04:08 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

- 2011-09-01 21:28 . 2012-01-03 13:46 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2012-06-14 03:59 . 2012-04-11 13:12 1862272 c:\windows\$NtUninstallKB2709162$\win32k.sys

+ 2012-06-14 04:09 . 2012-04-11 13:14 2148352 c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe

+ 2012-06-14 04:09 . 2012-04-11 12:35 2026496 c:\windows\$NtUninstallKB2707511$\ntkrpamp.exe

+ 2012-06-14 04:09 . 2012-04-11 12:35 2026496 c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe

+ 2012-06-14 04:09 . 2012-04-11 13:14 2148352 c:\windows\$NtUninstallKB2707511$\ntkrnlmp.exe

+ 2012-05-09 21:31 . 2012-02-03 09:22 1860096 c:\windows\$NtUninstallKB2676562$\win32k.sys

+ 2012-05-09 21:31 . 2011-10-25 13:37 2148864 c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe

+ 2012-05-09 21:31 . 2011-10-25 12:52 2027008 c:\windows\$NtUninstallKB2676562$\ntkrpamp.exe

+ 2012-05-09 21:31 . 2011-10-25 12:52 2027008 c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe

+ 2012-05-09 21:31 . 2011-10-25 13:37 2148864 c:\windows\$NtUninstallKB2676562$\ntkrnlmp.exe

+ 2012-02-20 13:44 . 2011-11-23 13:25 1859584 c:\windows\$NtUninstallKB2660465$\win32k.sys

+ 2012-03-14 21:29 . 2012-01-12 16:53 1859968 c:\windows\$NtUninstallKB2641653$\win32k.sys

+ 2012-05-15 13:27 . 2012-05-15 13:27 1872128 c:\windows\$hf_mig$\KB2709162\SP3QFE\win32k.sys

+ 2012-05-04 13:20 . 2012-05-04 13:20 2192640 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe

+ 2012-05-04 12:41 . 2012-05-04 12:41 2026496 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrpamp.exe

+ 2012-05-04 12:41 . 2012-05-04 12:41 2069120 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe

+ 2012-05-04 13:24 . 2012-05-04 13:24 2148352 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlmp.exe

+ 2012-06-13 20:21 . 2012-05-11 14:41 1214464 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\urlmon.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 6009344 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 2001408 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\iertutil.dll

+ 2012-04-11 13:23 . 2012-04-11 13:23 1871360 c:\windows\$hf_mig$\KB2676562\SP3QFE\win32k.sys

+ 2012-04-11 13:22 . 2012-04-11 13:22 2192640 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe

+ 2012-04-11 12:42 . 2012-04-11 12:42 2026496 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrpamp.exe

+ 2012-04-11 12:42 . 2012-04-11 12:42 2069120 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe

+ 2012-04-11 13:26 . 2012-04-11 13:26 2148352 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlmp.exe

+ 2012-04-11 19:20 . 2012-03-01 10:58 1214464 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\urlmon.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 5980672 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 2001408 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iertutil.dll

+ 2012-01-12 16:54 . 2012-01-12 16:54 1869056 c:\windows\$hf_mig$\KB2660465\SP3QFE\win32k.sys

+ 2012-02-15 20:56 . 2011-12-17 19:45 1214464 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\urlmon.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 5980160 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 2001408 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\iertutil.dll

+ 2012-03-14 19:42 . 2012-02-03 09:26 1869184 c:\windows\$hf_mig$\KB2641653\SP3QFE\win32k.sys

+ 2010-06-11 19:31 . 2012-05-12 01:12 11111424 c:\windows\system32\ieframe.dll

+ 2011-02-17 19:00 . 2012-05-12 01:12 11111424 c:\windows\system32\dllcache\ieframe.dll

+ 2012-03-28 23:10 . 2012-03-28 23:10 12098048 c:\windows\Installer\dc290e.msp

+ 2012-03-14 04:06 . 2012-03-14 04:06 22176768 c:\windows\Installer\b73b9b.msi

+ 2012-02-20 13:42 . 2012-02-20 13:42 20333056 c:\windows\Installer\32fbb.msp

+ 2012-04-06 07:12 . 2012-04-06 07:12 15709696 c:\windows\Installer\1ed0110.msp

+ 2012-01-04 07:25 . 2012-01-04 07:25 17751552 c:\windows\Installer\1ed0102.msp

+ 2012-04-06 08:13 . 2012-04-06 08:13 16527872 c:\windows\Installer\1ed00e4.msp

+ 2012-05-09 21:31 . 2012-05-09 21:31 23771136 c:\windows\Installer\1ed009c.msp

+ 2012-06-14 04:05 . 2012-03-02 11:01 11082752 c:\windows\ie8updates\KB2699988-IE8\ieframe.dll

+ 2012-04-12 16:20 . 2011-12-18 20:46 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll

+ 2012-02-20 13:43 . 2011-11-04 19:20 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll

+ 2012-02-20 13:36 . 2012-02-20 13:36 19714560 c:\windows\Downloaded Installations\{4F648358-A440-4F0D-AD02-D98B9C329FE3}\AMS360ClientInstaller.msi

+ 2012-06-14 04:09 . 2012-06-14 04:09 12433920 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll

+ 2012-06-14 12:40 . 2012-06-14 12:40 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll

+ 2012-05-10 16:14 . 2012-05-10 16:14 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll

+ 2012-06-14 12:40 . 2012-06-14 12:40 10682368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f73a8455f384e90f6925309336fece24\System.Design.ni.dll

+ 2012-06-14 12:36 . 2012-06-14 12:36 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e4ecfaaf5417aceecb7fa8abddf06113\PresentationFramework.ni.dll

+ 2012-06-14 04:09 . 2012-06-14 04:09 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll

+ 2012-05-10 00:55 . 2012-05-10 00:55 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll

+ 2012-06-13 20:21 . 2012-05-11 14:41 11112960 c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\ieframe.dll

+ 2012-04-11 19:20 . 2012-03-01 10:58 11085312 c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieframe.dll

+ 2012-02-15 20:56 . 2011-12-17 19:45 11085312 c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\ieframe.dll

.

-- Snapshot reset to current date --


.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-15 39408]

"Facebook Update"="c:\documents and settings\ksandlin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]

"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-03-05 159744]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 155648]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]

"SBAMTray"="c:\program files\GFI Software\GFIAgent\SBAMTray.exe" [2011-10-12 1627504]

"RightFAX Print-to-Fax Driver"="c:\program files\RightFax\Client\faxctrl.exe" [2011-05-04 128000]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_2"="shell32" [X]

.

c:\documents and settings\ksandlin\Start Menu\Programs\Startup\

Dropbox.lnk - c:\documents and settings\ksandlin\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

Launch ClickYes.lnk - c:\program files\Express ClickYes\ClickYes.exe [2005-7-27 32256]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]

ImageMixer HDD Camera Monitor.lnk - c:\program files\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2008-8-17 2117632]

RightFax system tray icon.lnk - c:\windows\Installer\{4BABDCF6-9FAA-4B6E-A9DE-D15A7EA800D3}\FaxCtrl_English_4BABDCF69FAA4B6EA9DED15A7EA800D3.exe [N/A]

TransactNOW Monitor.lnk - c:\program files\AMS Services\TransactNOW\OALaunch.exe [2010-4-26 156672]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoWelcomeScreen"= 1 (0x1)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoWelcomeScreen"= 1 (0x1)

"DisableThumbnails"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 20:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

2007-02-07 06:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Documents and Settings\\ksandlin\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=

"c:\\Documents and Settings\\ksandlin\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"%windir%\explorer.exe"= %windir%\explorer.exe

"c:\\Program Files\\Research In Motion\\BlackBerry Desktop1\\Rim.Desktop.exe"=

"c:\\Documents and Settings\\ksandlin\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=

"c:\\Program Files\\GFI Software\\GFIAgent\\SBAMSvc.exe"=

"c:\\WINDOWS\\system32\\WUAUCLT.EXE"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5900:TCP"= 5900:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:VNC

"5800:TCP"= 5800:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:VNC1

"137:UDP"= 137:UDP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"138:UDP"= 138:UDP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"139:TCP"= 139:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"445:TCP"= 445:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"3389:TCP"= 3389:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:Remote Desktop

"62515:UDP"= 62515:UDP:VPN

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]

"Enabled"= 1 (0x1)

.

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [7/14/2010 1:51 PM 65584]

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [1/23/2007 9:07 PM 39080]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [11/23/2009 9:43 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [11/23/2009 9:43 AM 67656]

R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [4/12/2012 7:17 AM 21496]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [8/30/2011 6:56 AM 101624]

R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [4/2/2012 3:31 PM 212568]

R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4/14/2008 5:42 AM 14336]

R2 DisplayLinkService;DisplayLink Service;c:\program files\DisplayLink Software\DisplayLinkService.exe [11/6/2007 10:59 AM 417792]

R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [4/26/2011 3:23 PM 223088]

R2 SBAMSvc;VIPRE Business;c:\program files\GFI Software\GFIAgent\SBAMSvc.exe [10/12/2011 12:28 PM 2804312]

R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [4/12/2012 7:17 AM 74104]

R2 SBPIMSvc;SB Recovery Service;c:\program files\GFI Software\GFIAgent\SBPIMSvc.exe [10/12/2011 12:28 PM 181616]

R2 SWIHPWMI;SWIHPWMI;c:\program files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [12/4/2006 4:13 PM 292384]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [10/5/2006 10:11 PM 13592]

R3 DisplayLinkGA;DisplayLinkGA;c:\windows\system32\drivers\DisplayLinkGAport.sys [3/9/2007 12:09 PM 25704]

R3 DisplayLinkmirror;DisplayLinkmirror;c:\windows\system32\drivers\DisplayLinkmirrorport.sys [3/9/2007 12:16 PM 23400]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [10/2/2007 8:51 PM 36608]

S1 ATMDLC;Attachmate DLC Protocol;c:\windows\system32\DRIVERS\atmdlc.sys --> c:\windows\system32\DRIVERS\atmdlc.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/22/2009 10:58 AM 135664]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [6/9/2012 11:52 PM 250056]

S3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\drivers\DisplayLinkUsbPort.sys [8/14/2008 2:39 PM 26600]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/22/2009 10:58 AM 135664]

S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [10/2/2007 8:53 PM 33024]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [11/23/2009 9:43 AM 12872]

S4 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4/14/2008 5:42 AM 14336]

S4 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - ASWMBR

*Deregistered* - aswMBR

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASBroker ASChannel

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-07-30 15:39 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 17:16]

.

2012-07-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222Core.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-08-24 00:32]

.

2012-07-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222UA.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-08-24 00:32]

.

2012-07-13 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-15 12:31]

.

2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-22 15:58]

.

2012-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-22 15:58]

.

2012-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222Core.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 22:35]

.

2012-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222UA.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 22:35]

.

2012-06-14 c:\windows\Tasks\MotoHelper MUM.job

- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26 20:23]

.

2012-07-13 c:\windows\Tasks\MotoHelper Routing.job

- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26 20:23]

.

2012-06-14 c:\windows\Tasks\MotoHelper Update.job

- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26 20:23]

.

2012-07-15 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-10-06 03:11]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *;<local>;192.168.*.*

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

Trusted Zone: ams-benefits.com

Trusted Zone: ams-services.com

Trusted Zone: ams-support.com

Trusted Zone: ams360.com

Trusted Zone: amsservices.com

Trusted Zone: caccini

Trusted Zone: google.com\www

Trusted Zone: prevailnetwork.com

Trusted Zone: vertafore.com

TCP: DhcpNameServer = 192.168.11.1

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: {7A162288-DE78-473C-A6BA-23FF17F768E9} - hxxp://aig.interwise.com/rmis/application/EventEntry/AxWebInstaller.cab

DPF: {ACF93F61-9F60-4C1E-A015-E3B3812BD58C} - hxxp://www.strategicwc.com/DTS/PV/Webserver/CABS/PVDMDocView400.cab

DPF: {C2AD5B59-154E-4090-91F5-19FC1410E8EE} - hxxp://www.koreatimes.co.kr/www/TTS/App/Downloader.cab

DPF: {CA9DABAF-EE22-4B29-9C60-91F85E81A894} - hxxps://webfnol.firemansfund.com:446/AICS.WebFNOL/WebFNOL/WebFNOL/CheckFileSize.CAB

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-mecoal - c:\documents and settings\ksandlin\Application Data\mecoal.dll

HKLM-Run-secsme - c:\documents and settings\ksandlin\Application Data\secsme.dll

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-07-15 13:50

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(740)

c:\program files\SUPERAntiSpyware\SASWINLO.dll

c:\windows\system32\WININET.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll

c:\windows\system32\igfxdev.dll

.

Completion time: 2012-07-15 13:53:35

ComboFix-quarantined-files.txt 2012-07-15 18:53

ComboFix2.txt 2012-02-18 23:12

ComboFix3.txt 2012-02-18 03:35

.

Pre-Run: 75,346,911,232 bytes free

Post-Run: 76,048,138,240 bytes free

.

- - End Of File - - FD64F7CEAE3CD6F5F312FC8F338C1F58


SHA256: 8b9ef2f37266e7dcb4ebfc0e3f0065f6f5cc0d9555d7589ce8b5ca42cd158fc4

SHA1: c8c2d44f34115f27f10bc435dd986d4eff00fe3f

MD5: 362bc5af8eaf712832c58cc13ae05750

File size: 1.5 MB ( 1614848 bytes )

File name: c:\windows\system32\sfcfiles.dll

File type: Win32 DLL

Detection ratio: 0 / 42

Analysis date: 2012-07-17 04:07:43 UTC ( 2 minutes ago )


Thanks for everything! :)

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=1be85ce6ecebb541a616df99949d5c85

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-07-17 07:07:31

# local_time=2012-07-17 02:07:31 (-0600, Central Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=6143 16777215 0 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=99860

# found=2

# cleaned=2

# scan_time=3516

C:\Qoobox\Quarantine\C\Documents and Settings\ksandlin\Application Data\secsme.dll.vir a variant of Win32/Medfos.AJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{4DB671DC-6F44-4148-81C6-17FCECE501B4}\RP269\A0081146.dll a variant of Win32/Medfos.AJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 5/31/2011 10:20:25 PM

System Uptime: 7/24/2012 7:30:56 AM (3 hours ago)

.

Motherboard: Hewlett-Packard | | 30C0

Processor: Intel Pentium III Xeon processor | U10 | 2094/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 74.079 GiB free.

D: is CDROM ()

G: is NetworkDisk (NTFS) - 126 GiB total, 18.67 GiB free.

I: is NetworkDisk (NTFS) - 126 GiB total, 18.67 GiB free.

S: is NetworkDisk (NTFS) - 126 GiB total, 18.67 GiB free.

W: is NetworkDisk (NTFS) - 126 GiB total, 18.67 GiB free.

Y: is NetworkDisk (NTFS) - 126 GiB total, 18.67 GiB free.

Z: is NetworkDisk (NTFS) - 10 GiB total, 3.93 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Intel® PRO/Wireless 3945ABG Network Connection

Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_135B103C&REV_02\4&29E2C51B&0&00E1

Manufacturer: Intel Corporation

Name: Intel® PRO/Wireless 3945ABG Network Connection

PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_135B103C&REV_02\4&29E2C51B&0&00E1

Service: NETw5x32

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

2007 Microsoft Office Suite Service Pack 1 (SP1)

32 Bit HP CIO Components Installer

ACD32DB

Adobe Flash Player 11 ActiveX

Adobe Reader 8.1.3

Agere Systems HDA Modem

AIO_Scan

AMS 360 Client Rev 2

AMS TransactNOW Client

Apple Application Support

Apple Software Update

BlackBerry Desktop Software 6.1

Broadcom NetXtreme Ethernet Controller

BufferChm

C4200

c4200_Help

CDBurnerXP

Citrix online plug-in - web

Citrix online plug-in (DV)

Citrix online plug-in (HDX)

Citrix online plug-in (USB)

Citrix online plug-in (Web)

Copy

Coupon Printer for Windows

Credential Manager for HP ProtectTools

CustomerResearchQFolder

Destinations

DeviceManagementQFolder

DisplayLink Software

DocProc

DocProcQFolder

Dropbox

Embedded Security for HP ProtectTools

eSupportQFolder

Express ClickYes 1.2

Facebook Video Calling 1.2.0.159

fax@vantage

fax@vantage Printer Driver

GFI Business Agent

Google Earth

Google Talk Plugin

Google Toolbar for Firefox

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

GoZone iSync

HdcylindHti

Hotfix for Microsoft .NET Framework 3.0 (KB932471)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB961118)

HP 3D DriveGuard

HP BIOS Configuration for ProtectTools

HP Broadband Wireless Modules

HP Customer Participation Program 8.0

HP Imaging Device Functions 8.0

HP Integrated Module with Bluetooth wireless technology

HP OCR Software 8.0

HP PCMCIA Smart Card Reader

HP Photosmart All-In-One Software 8.0

HP Photosmart Essential

HP ProtectTools Security Manager

HP Quick Launch Buttons 6.20 D3

HP Solution Center 8.0

HP Update

HPProductAssistant

HPSSupply

ImageMixer3

Intel® Graphics Media Accelerator Driver

Interwise Participant

Java 2 Runtime Environment, SE v1.4.2_15

Java Auto Updater

Java 6 Update 31

Java 6 Update 7

Java 7 Update 3

LightScribe System Software 1.14.19.1

LightScribeTemplateLabeler

Malwarebytes Anti-Malware version 1.62.0.1300

MarketResearch

MetaFrame Presentation Server Web Client for Win32

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Edition 2003

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Standard 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Windows XP Video Decoder Checkup Utility

Microsoft Word Viewer 97

MotoHelper 2.0.51 Driver 5.2.0

MotoHelper MergeModules

Motorola Mobile Drivers Installation 5.2.0

Mozilla Thunderbird 14.0 (x86 en-US)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser (KB933579)

Octoshape add-in for Adobe Flash Player

PaperVision Document Viewer Controls

Picasa 3

PS_AIO_ProductContext

PS_AIO_Software

PS_AIO_Software_min

QuickTime

RightFax Product Suite - Client

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator Tools

Scan

Security Update for 2007 Microsoft Office System (KB2277947)

Security Update for 2007 Microsoft Office System (KB951550)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB980376)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2251419)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

Smilebox

SMS Advanced Client

SolutionCenter

Sonic Activation Module

SoundMAX

StarTech.com USB2DVI

Status

SUPERAntiSpyware Free Edition

Synaptics Pointing Device Driver

The Print Shop 2.0 Deluxe

Toolbox

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Update for Windows XP (KB2345886)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VNC Free Edition 4.1.1

WebFldrs XP

WebReg

Windows Defender

Windows Essentials Media Codec Pack 2.3d

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Format Runtime

Windows Media Player 11

Windows Presentation Foundation

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

7/23/2012 12:03:32 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATMDLC iaStor

7/20/2012 7:35:56 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATMDLC

7/19/2012 2:10:54 PM, error: DCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

7/18/2012 9:33:32 PM, error: NETLOGON [5719] - No Domain Controller is available for domain EBSCO due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

.

==== End Of File ===========================


.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by KSandlin at 10:30:01 on 2012-07-24

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.498 [GMT -5:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

============== Running Processes ===============

.

C:\WINDOWS\System32\svchost.exe -k Cognizance

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Windows Defender\MsMpEng.exe

C:\Program Files\DisplayLink Software\DisplayLinkService.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\ifxspmgt.exe

C:\WINDOWS\system32\ifxtcs.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\IfxPsdSv.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\GFI Software\GFIAgent\SBAMSvc.exe

C:\Program Files\GFI Software\GFIAgent\SBPIMSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe

C:\WINDOWS\system32\CCM\CcmExec.exe

C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe

C:\Program Files\DisplayLink Software\DisplayLinkManager.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe

C:\Program Files\DisplayLink Software\DisplayLinkUI.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files\GFI Software\GFIAgent\SBAMTray.exe

C:\Program Files\RightFax\Client\faxctrl.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe

C:\Program Files\AMS Services\TransactNOW\OALaunch.exe

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

C:\Documents and Settings\ksandlin\Application Data\Dropbox\bin\Dropbox.exe

C:\Program Files\Express ClickYes\ClickYes.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Documents and Settings\ksandlin\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe

C:\Documents and Settings\ksandlin\Local Settings\Application Data\AMS Services, Inc\AMS 360\WorkstationCoordinator.exe

C:\Program Files\Adobe\Reader 8.0\Reader\pdfprevhndlrshim.exe

C:\WINDOWS\system32\wuauclt.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *;<local>;192.168.*.*

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Facebook Update] "c:\documents and settings\ksandlin\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Analog Devices] RunDLL32.exe "c:\documents and settings\ksandlin\local settings\application data\analog devices\bctdlgtm.dll",DllCanUnloadNow

mRun: [CognizanceTS] rundll32.exe c:\progra~1\hewlet~1\iam\bin\ASTSVCC.dll,RegisterModule

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe

mRun: [sBAMTray] "c:\program files\gfi software\gfiagent\SBAMTray.exe"

mRun: [RightFAX Print-to-Fax Driver] c:\program files\rightfax\client\faxctrl.exe

dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32

StartupFolder: c:\docume~1\ksandlin\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\ksandlin\application data\dropbox\bin\Dropbox.exe

StartupFolder: c:\docume~1\ksandlin\startm~1\programs\startup\launch~1.lnk - c:\program files\express clickyes\ClickYes.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\imagem~1.lnk - c:\program files\pixela\imagemixer3\HDDCameraMonitor.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rightf~1.lnk - c:\windows\installer\{4babdcf6-9faa-4b6e-a9de-d15a7ea800d3}\FaxCtrl_English_4BABDCF69FAA4B6EA9DED15A7EA800D3.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\transa~1.lnk - c:\program files\ams services\transactnow\OALaunch.exe

uPolicies-explorer: NoWelcomeScreen = 1 (0x1)

uPolicies-explorer: DisableThumbnails = 0 (0x0)

mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

Trusted Zone: ams-benefits.com

Trusted Zone: ams-services.com

Trusted Zone: ams-support.com

Trusted Zone: ams360.com

Trusted Zone: amsservices.com

Trusted Zone: caccini

Trusted Zone: google.com\www

Trusted Zone: prevailnetwork.com

Trusted Zone: vertafore.com

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://cinfincs.gradepoint.com/courses/authorware_installer/awswaxf-7.0.0.70.cab

DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxp://picasaweb.google.com/s/v/56.44/uploader2.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/53.10/uploader2.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1306998647781

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1191365276812

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {7A162288-DE78-473C-A6BA-23FF17F768E9} - hxxp://aig.interwise.com/rmis/application/EventEntry/AxWebInstaller.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {ACF93F61-9F60-4C1E-A015-E3B3812BD58C} - hxxp://www.strategicwc.com/DTS/PV/Webserver/CABS/PVDMDocView400.cab

DPF: {C2AD5B59-154E-4090-91F5-19FC1410E8EE} - hxxp://www.koreatimes.co.kr/www/TTS/App/Downloader.cab

DPF: {CA9DABAF-EE22-4B29-9C60-91F85E81A894} - hxxps://webfnol.firemansfund.com:446/AICS.WebFNOL/WebFNOL/WebFNOL/CheckFileSize.CAB

DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 10.45.34.32 10.45.34.35 10.45.34.38

TCP: Interfaces\{85370FFA-C8D6-4BD0-B957-8AB44A47032E} : DhcpNameServer = 10.45.34.32 10.45.34.35 10.45.34.38

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

Notify: igfxcui - igfxdev.dll

Notify: OneCard - c:\program files\hewlett-packard\iam\bin\ASWLNPkg.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-7-14 65584]

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2007-1-23 39080]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-11-23 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-11-23 67656]

R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-4-12 21496]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-8-30 101624]

R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2012-4-2 212568]

R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-4-14 14336]

R2 DisplayLinkService;DisplayLink Service;c:\program files\displaylink software\DisplayLinkService.exe [2007-11-6 417792]

R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-4-26 223088]

R2 SBAMSvc;VIPRE Business;c:\program files\gfi software\gfiagent\SBAMSvc.exe [2011-10-12 2804312]

R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-4-12 74104]

R2 SBPIMSvc;SB Recovery Service;c:\program files\gfi software\gfiagent\SBPIMSvc.exe [2011-10-12 181616]

R2 SWIHPWMI;SWIHPWMI;c:\program files\hpq\shared\sierra wireless\win32\unicode\SWIHPWMI.exe [2006-12-4 292384]

R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-10-5 13592]

R3 DisplayLinkGA;DisplayLinkGA;c:\windows\system32\drivers\DisplayLinkGAport.sys [2007-3-9 25704]

R3 DisplayLinkmirror;DisplayLinkmirror;c:\windows\system32\drivers\DisplayLinkmirrorport.sys [2007-3-9 23400]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\drivers\DisplayLinkUsbPort.sys [2008-8-14 26600]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-10-2 36608]

S1 ATMDLC;Attachmate DLC Protocol;c:\windows\system32\drivers\atmdlc.sys --> c:\windows\system32\drivers\atmdlc.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-22 135664]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-9 250056]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-22 135664]

S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [2007-10-2 33024]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-23 40776]

S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-11-23 12872]

S4 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-4-14 14336]

S4 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]

.

=============== Created Last 30 ================

.

2012-07-23 16:24:33 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-07-23 15:04:38 -------- d-----w- c:\documents and settings\ksandlin\local settings\application data\Analog Devices

.

==================== Find3M ====================

.

2012-07-12 17:16:28 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 17:16:28 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-03 18:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-24 13:23:41 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-24 13:23:41 567696 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-24 13:23:41 141312 ----a-w- c:\windows\system32\javacpl.cpl

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 10:31:36.61 ===============


Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


ComboFix 12-07-25.04 - KSandlin 07/24/2012 14:07:39.6.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1297 [GMT -5:00]

Running from: c:\documents and settings\ksandlin\Desktop\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\ksandlin\Local Settings\Application Data\Analog Devices\bctdlgtm.dll

c:\documents and settings\ksandlin\Local Settings\Temporary Internet Files\HPPDEVX.DLL.log

c:\documents and settings\ksandlin\Start Menu\Internet Explorer.lnk

.

Infected copy of c:\windows\system32\userinit.exe was found and disinfected

Restored copy from - c:\windows\ERDNT\cache\userinit.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-06-24 to 2012-07-24 )))))))))))))))))))))))))))))))

.

.

2012-07-23 16:24 . 2012-07-23 16:25 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-07-23 15:04 . 2012-07-24 19:20 -------- d-----w- c:\documents and settings\ksandlin\Local Settings\Application Data\Analog Devices

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-12 17:16 . 2012-06-10 04:52 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-12 17:16 . 2011-06-02 17:46 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-03 18:46 . 2012-02-19 14:57 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-13 13:19 . 2008-04-14 06:00 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50 . 2011-06-01 03:17 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-05 15:50 . 2008-04-14 10:42 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-04 04:32 . 2008-04-14 10:42 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 20:19 . 2007-07-31 00:18 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 20:19 . 2007-10-03 01:29 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 20:19 . 2007-10-03 01:29 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 20:19 . 2007-10-03 01:29 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 20:19 . 2007-07-31 00:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 20:19 . 2011-06-02 07:11 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 20:19 . 2009-11-20 20:14 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 20:19 . 2008-04-14 10:41 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 20:19 . 2007-10-03 01:29 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 20:19 . 2007-10-03 01:29 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 20:19 . 2007-07-31 00:18 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 20:19 . 2007-10-03 01:29 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 20:19 . 2007-10-03 01:29 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-05-31 13:22 . 2008-04-14 10:41 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-24 13:23 . 2012-05-24 13:24 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-24 13:23 . 2012-02-29 04:36 567696 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-24 13:23 . 2008-10-20 12:59 141312 ----a-w- c:\windows\system32\javacpl.cpl

2012-05-16 15:08 . 2010-06-11 19:31 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42 . 2010-06-11 19:31 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42 . 2010-06-11 19:31 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38 . 2010-06-11 19:31 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 13:16 . 2008-04-14 05:54 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46 . 2007-10-03 01:27 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2010-06-11 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-15 39408]

"Facebook Update"="c:\documents and settings\ksandlin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]

"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-03-05 159744]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 155648]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]

"SBAMTray"="c:\program files\GFI Software\GFIAgent\SBAMTray.exe" [2011-10-12 1627504]

"RightFAX Print-to-Fax Driver"="c:\program files\RightFax\Client\faxctrl.exe" [2011-05-04 128000]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_2"="shell32" [X]

.

c:\documents and settings\ksandlin\Start Menu\Programs\Startup\

Dropbox.lnk - c:\documents and settings\ksandlin\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

Launch ClickYes.lnk - c:\program files\Express ClickYes\ClickYes.exe [2005-7-27 32256]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]

ImageMixer HDD Camera Monitor.lnk - c:\program files\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2008-8-17 2117632]

RightFax system tray icon.lnk - c:\windows\Installer\{4BABDCF6-9FAA-4B6E-A9DE-D15A7EA800D3}\FaxCtrl_English_4BABDCF69FAA4B6EA9DED15A7EA800D3.exe [N/A]

TransactNOW Monitor.lnk - c:\program files\AMS Services\TransactNOW\OALaunch.exe [2010-4-26 156672]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoWelcomeScreen"= 1 (0x1)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoWelcomeScreen"= 1 (0x1)

"DisableThumbnails"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 20:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

2007-02-07 06:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Documents and Settings\\ksandlin\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=

"c:\\Documents and Settings\\ksandlin\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"%windir%\explorer.exe"= %windir%\explorer.exe

"c:\\Program Files\\Research In Motion\\BlackBerry Desktop1\\Rim.Desktop.exe"=

"c:\\Documents and Settings\\ksandlin\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=

"c:\\Program Files\\GFI Software\\GFIAgent\\SBAMSvc.exe"=

"c:\\WINDOWS\\system32\\WUAUCLT.EXE"=

"c:\\Documents and Settings\\ksandlin\\Local Settings\\Application Data\\AMS Services, Inc\\AMS 360\\WorkstationCoordinator.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5900:TCP"= 5900:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:VNC

"5800:TCP"= 5800:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:VNC1

"137:UDP"= 137:UDP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"138:UDP"= 138:UDP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"139:TCP"= 139:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"445:TCP"= 445:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:File and Print Sharing

"3389:TCP"= 3389:TCP:192.168.87.0/255.255.255.0,192.168.201.0/255.255.255.0:Enabled:Remote Desktop

"62515:UDP"= 62515:UDP:VPN

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]

"Enabled"= 1 (0x1)

.

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [7/14/2010 1:51 PM 65584]

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [1/23/2007 9:07 PM 39080]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [11/23/2009 9:43 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [11/23/2009 9:43 AM 67656]

R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [4/12/2012 7:17 AM 21496]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [8/30/2011 6:56 AM 101624]

R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [4/2/2012 3:31 PM 212568]

R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4/14/2008 5:42 AM 14336]

R2 DisplayLinkService;DisplayLink Service;c:\program files\DisplayLink Software\DisplayLinkService.exe [11/6/2007 10:59 AM 417792]

R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [4/26/2011 3:23 PM 223088]

R2 SBAMSvc;VIPRE Business;c:\program files\GFI Software\GFIAgent\SBAMSvc.exe [10/12/2011 12:28 PM 2804312]

R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [4/12/2012 7:17 AM 74104]

R2 SBPIMSvc;SB Recovery Service;c:\program files\GFI Software\GFIAgent\SBPIMSvc.exe [10/12/2011 12:28 PM 181616]

R2 SWIHPWMI;SWIHPWMI;c:\program files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [12/4/2006 4:13 PM 292384]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [10/5/2006 10:11 PM 13592]

R3 DisplayLinkGA;DisplayLinkGA;c:\windows\system32\drivers\DisplayLinkGAport.sys [3/9/2007 12:09 PM 25704]

R3 DisplayLinkmirror;DisplayLinkmirror;c:\windows\system32\drivers\DisplayLinkmirrorport.sys [3/9/2007 12:16 PM 23400]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\drivers\DisplayLinkUsbPort.sys [8/14/2008 2:39 PM 26600]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [10/2/2007 8:51 PM 36608]

S1 ATMDLC;Attachmate DLC Protocol;c:\windows\system32\DRIVERS\atmdlc.sys --> c:\windows\system32\DRIVERS\atmdlc.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/22/2009 10:58 AM 135664]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [6/9/2012 11:52 PM 250056]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/22/2009 10:58 AM 135664]

S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [10/2/2007 8:53 PM 33024]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [7/23/2012 11:24 AM 40776]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [11/23/2009 9:43 AM 12872]

S4 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [4/14/2008 5:42 AM 14336]

S4 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASBroker ASChannel

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-07-30 15:39 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 17:16]

.

2012-07-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222Core.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-08-24 00:32]

.

2012-07-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222UA.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-08-24 00:32]

.

2012-07-24 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-15 12:31]

.

2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-22 15:58]

.

2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-22 15:58]

.

2012-07-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222Core.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 22:35]

.

2012-07-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1164127803-1809399719-1542849698-29222UA.job

- c:\documents and settings\ksandlin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 22:35]

.

2012-06-14 c:\windows\Tasks\MotoHelper MUM.job

- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26 20:23]

.

2012-07-24 c:\windows\Tasks\MotoHelper Routing.job

- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26 20:23]

.

2012-06-14 c:\windows\Tasks\MotoHelper Update.job

- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-04-26 20:23]

.

2012-07-24 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-10-06 03:11]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *;<local>;192.168.*.*

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

Trusted Zone: ams-benefits.com

Trusted Zone: ams-services.com

Trusted Zone: ams-support.com

Trusted Zone: ams360.com

Trusted Zone: amsservices.com

Trusted Zone: caccini

Trusted Zone: google.com\www

Trusted Zone: prevailnetwork.com

Trusted Zone: vertafore.com

TCP: DhcpNameServer = 10.45.34.32 10.45.34.35 10.45.34.38

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: {7A162288-DE78-473C-A6BA-23FF17F768E9} - hxxp://aig.interwise.com/rmis/application/EventEntry/AxWebInstaller.cab

DPF: {ACF93F61-9F60-4C1E-A015-E3B3812BD58C} - hxxp://www.strategicwc.com/DTS/PV/Webserver/CABS/PVDMDocView400.cab

DPF: {C2AD5B59-154E-4090-91F5-19FC1410E8EE} - hxxp://www.koreatimes.co.kr/www/TTS/App/Downloader.cab

DPF: {CA9DABAF-EE22-4B29-9C60-91F85E81A894} - hxxps://webfnol.firemansfund.com:446/AICS.WebFNOL/WebFNOL/WebFNOL/CheckFileSize.CAB

.

- - - - ORPHANS REMOVED - - - -

.

HKCU-Run-Analog Devices - c:\documents and settings\ksandlin\Local Settings\Application Data\Analog Devices\bctdlgtm.dll

AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\ksandlin\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-07-24 14:27

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Analog Devices = RunDLL32.exe "c:\documents and settings\ksandlin\Local Settings\Application Data\Analog Devices\bctdlgtm.dll",DllCanUnloadNow?Y4ThFx?????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(740)

c:\program files\SUPERAntiSpyware\SASWINLO.dll

c:\windows\system32\WININET.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll

.

- - - - - - - > 'explorer.exe'(2688)

c:\windows\system32\WININET.dll

c:\windows\system32\APSHook.dll

c:\documents and settings\ksandlin\Application Data\Dropbox\bin\DropboxExt.14.dll

c:\windows\system32\btmmhook.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

c:\windows\System32\SCardSvr.exe

c:\windows\system32\ifxspmgt.exe

c:\windows\system32\ifxtcs.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\system32\IfxPsdSv.exe

c:\program files\RealVNC\VNC4\WinVNC4.exe

c:\windows\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe

c:\windows\system32\CCM\CcmExec.exe

c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe

c:\program files\Motorola\MotoHelper\MotoHelperAgent.exe

c:\windows\system32\msiexec.exe

c:\program files\Hewlett-Packard\IAM\bin\asghost.exe

c:\program files\DisplayLink Software\DisplayLinkUI.exe

c:\program files\DisplayLink Software\DisplayLinkManager.exe

c:\program files\Citrix\ICA Client\wfcrun32.exe

c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

.

**************************************************************************

.

Completion time: 2012-07-24 14:38:19 - machine was rebooted

ComboFix-quarantined-files.txt 2012-07-24 19:37

ComboFix2.txt 2012-07-15 18:53

.

Pre-Run: 79,409,315,840 bytes free

Post-Run: 79,784,628,224 bytes free

.

- - End Of File - - 0C67D252FD499F4E07F7D6C7DCF99451

This topic is now closed to further replies.